Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Velmi podivné chování PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
mhk
Návštěvník
Návštěvník
Příspěvky: 51
Registrován: 19 lis 2008 12:08

Velmi podivné chování PC

#1 Příspěvek od mhk »

Dobrý den,
před několika roky jste mi velmi pomohli, mám znovu problém. Po zapnutí PC a naběhnutí systému se chová PC divně. Např. na ploše chci rozbalit soubor a ten se nerozbalí ale nakopíruje (vytvoří na ploše svoje kopie). Nebo se mi nedařilo přihlásit k emailu...taky to po přihlášení nesmyslně otevírá jiné okno počítače apd. Po prohledání hrozeb Avastem se sice nic zvláštního nenejde, ale po "vyřešení " Avastem PC chodí normálně. Znovu po zapnutí divné chování s místo otevírání kopírování souborů apd., nepřístup do emailu a celé dokola.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Ran by Michal (administrator) on DESKTOP-9IJAJ0J (Gigabyte Technology Co., Ltd. Z370 HD3P) (01-10-2023 18:37:50)
Running from C:\Users\Michal\Downloads\FRST64 (1).exe
Loaded Profiles: Michal
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe ->) (Avast Software s.r.o. -> Avast Software) C:\Program Files\AVAST Software\SecureLine VPN\WireGuard\wireguardtun.exe
(cmd.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnNM.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Michal\AppData\Local\Microsoft\OneDrive\23.189.0910.0001\Microsoft.SharePoint.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(services.exe ->) (Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TomTom) [File not signed] C:\Program Files (x86)\TomTom HOME 2\TTHOMEService.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2308.3.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [255896 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2283872 2019-06-18] (Sony Mobile Communications AB -> Sony) [File not signed]
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Michal\AppData\Local\Microsoft\Teams\Update.exe [2585920 2022-11-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TTHOMERunner.exe [902656 2023-06-15] (TomTom) [File not signed]
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\WINDOWS\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [983688 2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\116.0.22388.188\Installer\chrmstp.exe [2023-09-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\117.0.5938.132\Installer\chrmstp.exe [2023-09-30] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {7B2C3EF6-3F2F-4600-AEB3-402FD99227BC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5135256 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
Task: {FFBF954E-9505-48F3-A26A-506C5284A647} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1294744 2023-09-07] (Avast Software s.r.o. -> AVAST Software)
Task: {40A03DC5-0186-41FB-9AF9-BC2C6BFF0AD1} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4762520 2023-09-07] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {7C4B24AB-4959-481A-94D8-74EE77734AB2} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-08-25] (Avast Software s.r.o. -> Avast Software)
Task: {E3CE4C86-EE50-4190-9273-E73DE45FD03D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {E3B5934F-8229-42C3-B3E7-471F623099B8} - System32\Tasks\BundleApplicationRepairToolLauncherTask => C:\Users\Michal\AppData\Roaming\PCDr\Repair\BundleApplicationRepairTool.exe [625024 2018-02-03] (PC-Doctor, Inc. -> )
Task: {00C3F3CD-5E7B-4C23-BEDA-330890D52DE3} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3375072 2023-09-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {12353DBA-57EB-432F-8800-564CCDF693E0} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3375072 2023-09-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {B5A28D16-4CB5-469A-B8F4-621CAD43B6CC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {13243EEC-C035-43BC-BA37-C72536A3C5C9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2eefe022-a951-4c00-9fd0-b4f604ae77e3" --version "6.16.10662" --silent
Task: {A460B001-4F1E-4FC2-AF97-2DD596E70E53} - System32\Tasks\CCleanerSkipUAC - Michal => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8BC31088-EB08-450F-AAC2-AB1164D3756C} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {7F9F0A20-6E22-4E07-A024-C04553941A31} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {38788CB3-BCAA-4998-8295-D71EF8641E5E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5311304 2023-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {0DD0B12C-D0F6-4CB9-A007-BE0303DBA931} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [38360 2017-12-22] (Dell Inc. -> Dell Inc.)
Task: {15661CF0-A921-4452-A622-95FE7D26B460} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-10] (Google Inc -> Google Inc.)
Task: {7A23F3C0-CEC3-48B2-A6FD-BACFABDA766E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-10] (Google Inc -> Google Inc.)
Task: {2BBC795B-31F2-4D54-925C-A9F22AC5C929} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {4F8A3576-C622-4243-A364-E22C8041FCEF} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-09-29] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {97DF1A66-51AB-4D59-8E90-929906E3CAA5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [717728 2023-09-29] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{36062e97-b837-4c90-a763-a03b64506a71}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{41766173-7453-6f66-7477-617265415357}: [NameServer] 100.126.0.1
Tcpip\..\Interfaces\{86183110-57d5-4d94-a578-319b44cd41b5}: [NameServer] 100.120.128.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Michal\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-30]
Edge Extension: (Edge relevant text changes) - C:\Users\Michal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-02]

FireFox:
========
FF DefaultProfile: ct6nf0t2.default-1512936354244
FF ProfilePath: C:\Users\Michal\AppData\Roaming\TomTom\HOME\Profiles\2f62k23k.default [2023-05-06]
FF Extension: (MazdaTheme) - C:\Users\Michal\AppData\Roaming\TomTom\HOME\Profiles\2f62k23k.default\Extensions\MazdaTheme@mazda.com [2023-05-06] [Legacy] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default [2021-10-15]
FF Extension: (Czech (cs) Language Pack) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\langpack-cs@getnightingale.com [2021-10-06] [Legacy] [not signed]
FF Extension: (mashTape) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\mashTape@getnightingale.com [2021-10-06] [Legacy] [not signed]
FF Extension: (SoundCloud) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\soundcloud@songbirdnest.com [2021-10-06] [Legacy] [not signed]
FF Extension: (MLyrics) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\{6039188e-d135-11df-bcc9-c7e1ded72085} [2021-10-06] [Legacy] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\albumart@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\bluemonday@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\foldersync-ng@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\foldersync@rsjtdrjgfuzkfg.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\gonzo@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\pinkmartini@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\playlistfolders@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\purplerain@songbirdnest.com [not found]
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244 [2023-10-01]
FF Homepage: Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244 -> www.seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244 -> hxxps://www.fischer.cz; hxxps://www.youtube.com; hxxps://www.invia.cz
FF Extension: (Avast SecureLine VPN) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244\Extensions\secureline-vpn@avast.com.xpi [2021-10-20]
FF Extension: (ColorZilla) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2017-12-21]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1405961527-2406829358-1402099359-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1405961527-2406829358-1402099359-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1405961527-2406829358-1402099359-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2023-10-01]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-12]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-09-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-28]
CHR Extension: (Avast SecureLine VPN) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\phmegojolgpbbcnhccbfneddlooepbpd [2023-01-11]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-09-30]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-03]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-04-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-27]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-02]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\System Profile [2023-09-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9090968 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [776088 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2304920 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [796568 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\116.0.22388.188\elevation_service.exe [1837968 2023-09-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc -> Dell Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [11017624 2023-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-12-22] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [17938232 2023-09-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TTHOMEService; C:\Program Files (x86)\TomTom HOME 2\TTHOMEService.exe [437248 2023-06-15] (TomTom) [File not signed]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2017-08-08] (Synology Inc. -> ) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2191872 2019-06-18] (Sony) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16877 2002-07-17] (Adaptec) [File not signed]
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [240176 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392984 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297992 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [96064 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39760 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [275168 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559696 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [950696 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [708048 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [213192 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319560 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [76568 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [51112 2022-12-05] (Avast Software s.r.o. -> AVAST Software)
R3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [498992 2022-06-12] (Avast Software s.r.o. -> WireGuard LLC)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S1 netfilter2; system32\drivers\netfilter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-01 18:37 - 2023-10-01 18:38 - 000033800 _____ C:\Users\Michal\Downloads\FRST.txt
2023-10-01 18:37 - 2023-10-01 18:38 - 000000000 ____D C:\FRST
2023-10-01 18:37 - 2023-10-01 18:37 - 002382848 _____ (Farbar) C:\Users\Michal\Downloads\FRST64.exe
2023-10-01 18:37 - 2023-10-01 18:37 - 002382848 _____ (Farbar) C:\Users\Michal\Downloads\FRST64 (1).exe
2023-10-01 12:36 - 2023-01-05 16:13 - 000001104 _____ C:\Users\Michal\Desktop\POŠTA DĚDA - kopie (2) - kopie.lnk
2023-10-01 12:36 - 2023-01-05 16:13 - 000001104 _____ C:\Users\Michal\Desktop\POŠTA DĚDA - kopie - kopie (2).lnk
2023-10-01 12:36 - 2023-01-05 16:13 - 000001104 _____ C:\Users\Michal\Desktop\POŠTA DĚDA - kopie - kopie - kopie.lnk
2023-10-01 12:29 - 2023-01-05 16:13 - 000001104 _____ C:\Users\Michal\Desktop\POŠTA DĚDA - kopie.lnk
2023-10-01 12:29 - 2023-01-05 16:13 - 000001104 _____ C:\Users\Michal\Desktop\POŠTA DĚDA - kopie (2).lnk
2023-10-01 12:29 - 2023-01-05 16:13 - 000001104 _____ C:\Users\Michal\Desktop\POŠTA DĚDA - kopie - kopie.lnk
2023-09-30 21:40 - 2023-09-30 21:40 - 015274968 _____ (ESET) C:\Users\Michal\Downloads\esetonlinescanner.exe
2023-09-30 21:40 - 2023-09-30 21:40 - 000001383 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-09-30 20:16 - 2023-09-30 20:16 - 000189510 _____ C:\Users\Michal\Desktop\cc_20230930_201558.reg
2023-09-30 15:38 - 2023-09-30 15:38 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-09-29 15:50 - 2023-09-30 20:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-22 21:02 - 2023-09-22 21:02 - 000000000 ____D C:\Users\Michal\Desktop\MATURITA
2023-09-21 20:50 - 2023-09-21 20:50 - 000754341 _____ C:\Users\Michal\Downloads\PSY - prezentace 1. blok - 1.-3.DK 1. roč. 2023-24.pptx
2023-09-20 19:32 - 2023-09-20 19:32 - 000000000 _____ C:\Users\Michal\Downloads\jurčíková_2010_dp.pdf
2023-09-20 19:26 - 2023-09-20 19:26 - 001719460 _____ C:\Users\Michal\Downloads\Pedag_1970_3_06_Diagnosticke_399_426.pdf
2023-09-18 21:56 - 2023-09-18 21:57 - 019445201 _____ C:\Users\Michal\Downloads\Uždil Jaromír - Čáry, klikyháky, paňáci a auta.pdf
2023-09-18 21:20 - 2023-09-18 21:23 - 050792417 _____ C:\Users\Michal\Downloads\Didaktika VV vývoj dětské kresby a znaky dětské kresby.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000148153 _____ C:\Users\Michal\Downloads\10-Péče-o-děti-vychovávané-mimo-rodinu-náhradní-výchovná-péče.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000128344 _____ C:\Users\Michal\Downloads\07-Pedagogika-volného-času.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000086026 _____ C:\Users\Michal\Downloads\3-Formy-výchovy-a-vzdělávání-1.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000086026 _____ C:\Users\Michal\Downloads\3-Formy-výchovy-a-vzdělávání.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000072603 _____ C:\Users\Michal\Downloads\9. MO nastin vyvoje predskolni vyhky a vzdelavani.pdf
2023-09-18 18:48 - 2023-09-18 18:48 - 008506151 _____ C:\Users\Michal\Downloads\20230913_190502.mp4
2023-09-15 15:05 - 2023-09-15 15:05 - 000021573 _____ C:\Users\Michal\Downloads\Premium-1.7.xlsx
2023-09-13 21:42 - 2023-09-13 21:42 - 000000000 ___HD C:\$WinREAgent
2023-09-12 21:58 - 2023-09-12 21:58 - 000504516 _____ C:\Users\Michal\Downloads\FatSorter-1.0.4.zip
2023-09-12 21:36 - 2023-09-12 21:36 - 000406596 _____ C:\Users\Michal\Downloads\ilovepdf_pages-to-jpg (1).zip
2023-09-12 21:35 - 2023-09-12 21:35 - 000192134 _____ C:\Users\Michal\Downloads\2021-2022 Potvrzení, čestné prohlášení o pedagogické praxi vedoucího maturitní práce-2.pdf
2023-09-12 21:28 - 2023-09-12 21:28 - 002179201 _____ C:\Users\Michal\Downloads\PSY - 1. blok - 2. DK3,4 - 2. roč..pptx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-01 18:38 - 2017-12-10 21:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-10-01 18:38 - 2017-12-10 21:29 - 000000000 ____D C:\Temp
2023-10-01 18:33 - 2023-01-05 16:13 - 000000000 ____D C:\Users\Michal\AppData\Roaming\eM Client
2023-10-01 18:33 - 2017-12-10 21:46 - 000000000 ____D C:\Program Files\CCleaner
2023-10-01 18:32 - 2021-12-17 23:09 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-01 18:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-01 18:32 - 2017-12-10 21:36 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-01 12:37 - 2017-12-10 21:31 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-01 12:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-01 12:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-01 12:29 - 2020-06-07 00:07 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-30 22:55 - 2020-11-05 22:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-30 21:47 - 2021-12-15 16:12 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2023-09-30 21:39 - 2022-02-10 16:20 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-30 20:29 - 2020-11-05 22:30 - 003155042 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-30 20:29 - 2020-11-05 22:08 - 000416836 _____ C:\WINDOWS\system32\prfh0804.dat
2023-09-30 20:29 - 2020-11-05 22:08 - 000132544 _____ C:\WINDOWS\system32\prfc0804.dat
2023-09-30 20:29 - 2020-11-05 22:07 - 000760672 _____ C:\WINDOWS\system32\perfh019.dat
2023-09-30 20:29 - 2020-11-05 22:07 - 000151380 _____ C:\WINDOWS\system32\perfc019.dat
2023-09-30 20:29 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2023-09-30 20:29 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2023-09-30 20:29 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-09-30 20:26 - 2017-12-10 21:36 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-30 20:26 - 2017-12-10 21:36 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-09-30 20:23 - 2020-11-05 22:29 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-09-30 20:23 - 2020-11-05 22:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-30 20:23 - 2020-11-05 22:21 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-30 20:23 - 2017-12-10 21:35 - 000000000 ____D C:\ProgramData\AVAST Software
2023-09-30 20:22 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-09-30 20:21 - 2022-12-15 16:34 - 000000000 ____D C:\ProgramData\Piriform
2023-09-30 20:11 - 2022-09-20 14:58 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-09-30 20:11 - 2017-12-10 21:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-30 15:38 - 2020-11-05 22:29 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-09-30 15:38 - 2020-10-17 15:02 - 000275168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-09-30 15:38 - 2020-04-22 15:33 - 000559696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-09-30 15:38 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-30 15:38 - 2019-01-14 18:52 - 000392984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-09-30 15:38 - 2019-01-07 13:35 - 000297992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-09-30 15:38 - 2019-01-07 13:35 - 000096064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-09-30 15:38 - 2018-10-22 20:09 - 000039760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000950696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000708048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000319560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000240176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000080416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-09-30 15:13 - 2021-12-12 22:31 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1405961527-2406829358-1402099359-1001
2023-09-30 15:13 - 2020-11-05 22:29 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1405961527-2406829358-1402099359-1001
2023-09-30 15:13 - 2020-11-05 22:22 - 000002384 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-30 15:10 - 2017-12-10 22:05 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-27 21:51 - 2023-08-30 20:14 - 000000000 ____D C:\Users\Michal\Desktop\USB90
2023-09-27 21:50 - 2017-12-13 17:06 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Excel
2023-09-27 20:48 - 2023-06-29 21:19 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-09-27 20:48 - 2022-09-20 14:58 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-09-27 20:48 - 2021-12-15 16:13 - 000003104 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2023-09-27 20:48 - 2021-12-15 16:13 - 000002622 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2023-09-27 20:48 - 2021-12-15 16:12 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2023-09-27 20:48 - 2021-12-15 16:12 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2023-09-27 20:48 - 2021-08-19 15:12 - 000002256 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Michal
2023-09-27 20:48 - 2020-11-05 22:29 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-27 20:48 - 2020-11-05 22:29 - 000003410 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-27 20:48 - 2020-11-05 22:29 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-27 20:48 - 2020-11-05 22:29 - 000003258 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2023-09-27 20:48 - 2020-11-05 22:29 - 000003186 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-27 20:48 - 2020-11-05 22:29 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-09-27 20:48 - 2020-11-05 22:29 - 000002396 _____ C:\WINDOWS\system32\Tasks\BundleApplicationRepairToolLauncherTask
2023-09-27 20:48 - 2020-11-05 22:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-09-26 12:17 - 2018-06-10 16:56 - 000000000 ____D C:\Users\Michal\Documents\pyramidak
2023-09-26 12:17 - 2018-06-10 16:56 - 000000000 ____D C:\Users\Michal\AppData\Roaming\pyramidak
2023-09-26 11:31 - 2018-07-03 17:56 - 000000000 ____D C:\ProgramData\Packages
2023-09-24 20:59 - 2017-12-10 21:52 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Word
2023-09-21 19:01 - 2021-12-15 16:13 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2023-09-13 22:33 - 2020-11-05 22:21 - 000572792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-13 22:32 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-09-13 22:32 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-13 21:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-13 21:46 - 2020-11-05 22:25 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-13 21:39 - 2017-12-10 21:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-13 21:36 - 2017-12-10 21:53 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-12 21:50 - 2022-12-16 19:56 - 000000000 ____D C:\Users\Michal\Desktop\ŠKOLA MB
2023-09-07 22:14 - 2023-07-06 20:25 - 000000000 ____D C:\Users\Michal\Desktop\Nabídky k prodeji
2023-09-07 19:28 - 2021-09-17 19:22 - 000000000 ____D C:\Users\Michal\Desktop\HISTORIE
2023-09-07 19:26 - 2023-03-03 17:13 - 000000000 ____D C:\Users\Michal\Desktop\Formuláře
2023-09-02 20:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories ========

2023-07-09 17:27 - 2023-08-30 20:25 - 000000040 _____ () C:\Users\Michal\AppData\Roaming\cdr.ini
2018-03-23 16:37 - 2022-10-20 21:07 - 000179200 _____ () C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-06-30 21:30 - 2020-06-20 13:33 - 000007617 _____ () C:\Users\Michal\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Michal (01-10-2023 18:38:51)
Running from C:\Users\Michal\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) (2020-11-05 20:29:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1405961527-2406829358-1402099359-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1405961527-2406829358-1402099359-503 - Limited - Disabled)
Guest (S-1-5-21-1405961527-2406829358-1402099359-501 - Limited - Disabled)
Michal (S-1-5-21-1405961527-2406829358-1402099359-1001 - Administrator - Enabled) => C:\Users\Michal
WDAGUtilityAccount (S-1-5-21-1405961527-2406829358-1402099359-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Advanced MID Converter (HKLM-x32\...\Advanced MID Converter) (Version: 2.0 - Gold-Software Development)
Altap Salamander 3.08 (x64) (HKLM\...\Altap Salamander 3.08 (x64)) (Version: 3.08 - ALTAP)
AnyMP4 Video Converter Ultimate 8.5.10 (HKLM-x32\...\{B77ACAAE-53EE-43c3-86F1-4AEA52F6CDD5}_is1) (Version: 8.5.10 - AnyMP4 Studio)
Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team)
Audacity 3.2.5 (64bitový) (HKLM\...\Audacity_is1) (Version: 3.2.5 - Audacity Team)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 23.9.6082 - Avast Software)
Avast SecureLine VPN (HKLM\...\%V_PRODUCT_UNINSTALL_REG_KEY%) (Version: 5.6.4971.434 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.27.8746.9512 - Avast Software)
Balíček ovladače systému Windows - Sony Mobile Communications (ggsomc) SOMCFlashDevice (12/06/2017 3.2.0.0) (HKLM\...\7AA77B236196DB9A6C04257060560ACDBB626F30) (Version: 12/06/2017 3.2.0.0 - Sony Mobile Communications)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
CEWE FOTOLAB fotosvet (HKLM-x32\...\CEWE FOTOLAB fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
Dell SupportAssistAgent (HKLM\...\{8D7B279C-A661-465C-9658-F62FBD6A6B91}) (Version: 2.1.3.5 - Dell)
Disk Google (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\5372b2ce9d2c4998a64f36bd745fb121) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\252dcccb2e5e3b1d70ccb30b6147c2b0) (Version: 1.0 - Google\Chrome)
eM Client (HKLM-x32\...\{3264F314-B940-4CE3-81F0-EA8AA2C2DD45}) (Version: 9.2.1577.0 - eM Client Inc.)
Envisioneer Express 7 (HKLM-x32\...\{F84B62D4-2F12-4F17-A274-ADA8032EB44B}) (Version: 7.0 - Cadsoft Corporation) Hidden
Envisioneer Express 7 (HKLM-x32\...\InstallShield_{F84B62D4-2F12-4F17-A274-ADA8032EB44B}) (Version: 7.0 - Cadsoft Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Free Burn MP3-CD v1.2 (HKLM-x32\...\Free Burn MP3-CD_is1) (Version: 1.2 - www.nbxsoft.com)
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version: - Eusing Software)
Gmail (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\2360c0b094e8d99c838854af8acfe5f7) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Incomedia WebSite X5 - Evolution (HKLM\...\{B16A8D0F-BD9E-47FA-BD57-595831679B0B}_is1) (Version: 16.0.3.0 - Incomedia s.r.l.)
Incomedia WebSite X5 v13 - Evolution (HKLM\...\{F63FFE16-449A-4BAB-B484-894097882CDD}_is1) (Version: 13.0.0.14 - Incomedia s.r.l.)
Incomedia WebSite X5 v14 - Evolution (HKLM\...\{3375892E-1801-4D15-A6C4-ED60F3FEDCF4}_is1) (Version: 14.0.1.1 - Incomedia s.r.l.)
Incomedia WebSite X5 v15 - Evolution (HKLM\...\{7AA7E155-503E-44B9-AC33-93B1B81687AF}_is1) (Version: 15.0.1.0 - Incomedia s.r.l.)
ISDOCReader 4.0.1 (HKLM-x32\...\{B4BD968A-B913-44B7-BD0D-DC966B149197}) (Version: 4.0.1 - ABRA Software a.s.)
Kalendář (HKLM\...\Kalendar) (Version: 3.6.8 - pyramidak)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version: - )
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.43 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Teams) (Version: 1.5.00.28567 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.15.26706 (HKLM\...\{F106B700-BFF8-3065-B305-14D36AD40539}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.15.26706 (HKLM\...\{C77195A4-CEB8-38EE-BDD6-C46CB459EF6E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 118.0.1 (x64 cs)) (Version: 118.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.2.0 - Mozilla)
Mp3tag v3.18 (HKLM\...\Mp3tag) (Version: 3.18 - Florian Heidenreich)
NVIDIA Ovladače grafiky 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PDF-XChange Editor (HKLM\...\{EB67548E-423F-49EE-932F-D02CD88B73BA}) (Version: 10.0.1.371 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{3892aa3e-dfc3-4ae3-998a-6d393065355a}) (Version: 10.0.1.371 - Tracker Software Products (Canada) Ltd.)
PerfV350 Uživatelská příručka (HKLM-x32\...\PerfV350 Uživatelská příručka) (Version: - )
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Portfolio Performance (HKLM-x32\...\Portfolio Performance) (Version: 0.60.2 - Andreas Buchen)
Prezentace (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\d301bd3f2bb47b0fabe4e02571f8dbb7) (Version: 1.0 - Google\Chrome)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Sadovnická projekce (HKLM-x32\...\Sadovnická projekce_is1) (Version: - Karel Rys)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SD Card Recovery (HKLM-x32\...\{09907A60-5843-4E83-A471-3102A42231B8}_is1) (Version: - LC Technology International, Inc.)
Služba Xperia Companion (HKLM\...\{3F33E34E-C93B-4779-9B75-174EB86A64E0}) (Version: 2.5.3.0 - Sony) Hidden
Sony Mobile Software Update Drivers (HKLM\...\{4872001F-F67C-4C54-BC92-281C6A165251}) (Version: 3.2.0.3 - Sony Mobile Communications)
Sony Mobile Update Engine (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Update Engine) (Version: 2.19.7.201905231210 - Sony Mobile Communications Inc.)
Sony USB Driver (HKLM-x32\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: 2.00 - Sony Corporation)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.1-15163 - Synology)
Tabulky (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\60e427a99820ebc41b55717f5fd8b176) (Version: 1.0 - Google\Chrome)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.46.5 - TeamViewer)
TomTom HOME 2.21.21.3131738 (HKLM\...\TomTom HOME) (Version: 2.21.21.3131738 - TomTom)
TomTom MyDrive Connect 4.3.3.5010 (HKLM-x32\...\MyDriveConnect) (Version: 4.3.3.5010 - TomTom)
TP-Link PLC Utility (HKLM-x32\...\{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.4137.4 - TP-Link) Hidden
TP-Link PLC Utility (HKLM-x32\...\InstallShield_{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.4137.4 - TP-Link)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebSite X5 Optimizer (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\website-x5-optimizer) (Version: 1.10.0 - Incomedia srl)
WinFast Multimedia Driver Installation (HKLM-x32\...\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}) (Version: - Multimedia)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{1017C503-1AD0-4982-A4DA-406200D7E375}) (Version: 2.5.3.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{8c78e3be-2cef-41ed-91c7-78af87572445}) (Version: 2.5.3.0 - Sony)
YouTube (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\62b35a98d436b16b15a647ac3fe8f3e0) (Version: 1.0 - Google\Chrome)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
Zoom (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2022-04-14] (Autodesk Inc.)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-13] (Microsoft Corporation)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-11-01] (Canon Inc.)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-12] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-31] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-04-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-04-14] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-12] (NVIDIA Corp.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Studios) [MS Ad]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2022-04-14] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1405961527-2406829358-1402099359-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Michal\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22272.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1405961527-2406829358-1402099359-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Michal\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\nvshext.dll [2023-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.mjpg] => pvmjpg30.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Michal - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2017-12-10 21:41 - 2016-12-27 16:36 - 000013312 _____ (ALTAP) [File not signed] C:\Program Files\Altap Salamander\utils\salextx64.dll
2018-07-01 21:22 - 2017-09-27 17:30 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\Newtonsoft.Json.dll
2017-11-15 14:16 - 2017-11-15 14:16 - 000250368 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
2018-07-01 21:22 - 2017-11-07 16:37 - 000088064 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCollect.dll
2018-07-01 21:22 - 2017-11-07 16:37 - 000200192 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9485DACB [143]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2019-01-04 19:14 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\Zoner\ZPS 17\ZPSWallPaper.bmp
DNS Servers: 100.126.0.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{826AF92A-446A-42D5-8956-4A14C6F88A39}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{167D9C34-CBF8-494A-9440-6B6CEE3536BD}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1BE9780E-BA76-4126-A945-128C2BE9EECB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{FD691A84-3331-4759-9C23-B877623C1C87}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1E9CBEC8-0591-4E96-8FC5-6F1450058D00}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1D78F569-A1B0-4109-9E0A-8538029E45F9}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{FDF96311-7C46-4E32-B881-92A6E438994A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{9E5C0917-51D3-401F-B2A8-DECD71C7367C}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{526DE0F9-0819-4EDF-885B-242149A1A7E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9C3BF651-653B-4033-B122-92E84E497127}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9D00E887-4E22-462B-A365-1CA19EC00E44}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A2FCA02E-3E1E-4236-AEB5-4E7482F30B33}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9EF8AA30-533C-46BF-8390-393232A900DB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{C604E9A4-22CC-4F25-970A-5D15EE7DD7E1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{1D652529-B4F5-444C-A1DA-01A06975B41B}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) [File not signed]
FirewallRules: [{1C4B55A7-7188-472A-A445-23D59297C3FE}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AD5CD4C1-87AD-4271-A77B-F2F5900BF4CB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F54EA0B5-7EF6-4E8E-A5E0-E974D7DA0826}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3D77E9A8-2F9D-463F-B17D-15BF6A4E9D7A}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{385A22B5-B476-4511-815F-C90314366D24}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{627D08C2-68A0-42D3-88B6-C819476B2E99}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{51DB80BD-60B0-4B11-B00D-BAA0DB58CBC4}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{6D0F8BA0-145C-479E-A79F-BEC6E985DB96}] => (Allow) C:\Users\Michal\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{86CD9BA0-544C-49FB-8D71-A6C21E639DF6}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom)
FirewallRules: [{68797BE8-8991-4430-AC31-E74E259DF0E8}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FirewallRules: [{0D88B69C-F0FB-4C4D-997B-FAB1DC17167F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{28660FE3-84D4-4E94-96F8-2F6D52E49D0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{914EB7E7-557A-44E6-BC7C-47A6A85182BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1ED3B468-B1A7-4F83-B40E-1E6A8C6E8304}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D96B6009-C24C-4688-955A-8AED17D0BDF6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{39C92081-62E0-40FF-A940-AF4B4D67CDC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

13-09-2023 21:42:46 Instalační služba modulů systému Windows
22-09-2023 22:42:58 Naplánovaný kontrolní bod
30-09-2023 16:10:54 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Dell Diag Control Device
Description: Dell Diag Control Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Dell Computer Corporation
Service: DDDriver
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/01/2023 06:35:41 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (10/01/2023 12:37:34 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.

Error: (10/01/2023 12:37:33 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.

Error: (10/01/2023 12:37:03 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.

Error: (10/01/2023 12:37:03 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.

Error: (09/30/2023 10:58:47 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.

Error: (09/30/2023 10:58:20 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.

Error: (09/30/2023 10:58:17 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.


System errors:
=============
Error: (10/01/2023 06:32:57 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{36062E97-B837-4C90-A763-A03B64506A71}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/01/2023 06:32:57 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{36062E97-B837-4C90-A763-A03B64506A71}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/01/2023 06:32:57 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{36062E97-B837-4C90-A763-A03B64506A71}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/01/2023 06:32:57 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{36062E97-B837-4C90-A763-A03B64506A71}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/01/2023 06:32:48 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-9IJAJ0J)
Description: Nelze spustit server DCOM: Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXea6epmb5w19sjwy9ckw8md46dm93nhkq.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca

Error: (10/01/2023 12:29:26 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{36062E97-B837-4C90-A763-A03B64506A71}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/01/2023 12:29:26 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{36062E97-B837-4C90-A763-A03B64506A71}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/01/2023 12:29:26 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{36062E97-B837-4C90-A763-A03B64506A71}, protože jiný počítač v síti má stejný název. Server nelze spustit.


CodeIntegrity:
===============
Date: 2023-10-01 18:33:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-09-30 21:24:04
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-09-30 20:25:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F5 11/09/2017
Motherboard: Gigabyte Technology Co., Ltd. Z370 HD3P-CF
Processor: Intel(R) Core(TM) i5-8600K CPU @ 3.60GHz
Percentage of memory in use: 32%
Total physical RAM: 16330.05 MB
Available physical RAM: 11071.46 MB
Total Virtual: 18762.05 MB
Available Virtual: 11809.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.28 GB) (Free:112.09 GB) (Model: Samsung SSD 850 EVO 250GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:50.92 GB) (Model: SAMSUNG HD501LJ) NTFS
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) (Model: ST3120026AS) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:111.69 GB) (Free:35.78 GB) (Model: ST3120026AS) NTFS

\\?\Volume{176363ce-7b27-4e2a-ae42-b131c20c6b57}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{491994cd-6ec3-47b9-a532-3914c6c0de8c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 328AF01A)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: AB2BB0C0)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 46D846D7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Velmi podivné chování PC

#2 Příspěvek od Rudy »

Zdravím!
Nejdřív spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
mhk
Návštěvník
Návštěvník
Příspěvky: 51
Registrován: 19 lis 2008 12:08

Re: Velmi podivné chování PC

#3 Příspěvek od mhk »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-01-2023
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.3448)
# Cleaned: 7
# Awaiting reboot:1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DD0B12C-D0F6-4CB9-A007-BE0303DBA931}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DD0B12C-D0F6-4CB9-A007-BE0303DBA931}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D7B279C-A661-465C-9658-F62FBD6A6B91}
Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Program Files\DELL\SUPPORTASSISTAGENT

*************************

AdwCleaner[S00].txt - [2428 octets] - [01/10/2023 21:00:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
mhk
Návštěvník
Návštěvník
Příspěvky: 51
Registrován: 19 lis 2008 12:08

Re: Velmi podivné chování PC

#4 Příspěvek od mhk »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-01-2023
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.3448)
# Cleaned: 7
# Awaiting reboot:1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DD0B12C-D0F6-4CB9-A007-BE0303DBA931}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DD0B12C-D0F6-4CB9-A007-BE0303DBA931}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D7B279C-A661-465C-9658-F62FBD6A6B91}
Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Program Files\DELL\SUPPORTASSISTAGENT

*************************

AdwCleaner[S00].txt - [2428 octets] - [01/10/2023 21:00:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Velmi podivné chování PC

#5 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
mhk
Návštěvník
Návštěvník
Příspěvky: 51
Registrován: 19 lis 2008 12:08

Re: Velmi podivné chování PC

#6 Příspěvek od mhk »

Je to zvláštní, po adwCleaneru se již nelze dostat znovu na tuto internetovou stránku, Tak musím "projet" Avast a pak to zase chodí...
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-01-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.3448)
# Cleaned: 2
# Awaiting reboot:1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\Michal\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Program Files\DELL\SUPPORTASSISTAGENT

*************************

AdwCleaner[S00].txt - [2428 octets] - [01/10/2023 21:00:56]
AdwCleaner[C00].txt - [2790 octets] - [01/10/2023 21:01:55]
AdwCleaner[S01].txt - [1700 octets] - [01/10/2023 21:49:37]
AdwCleaner[S02].txt - [1761 octets] - [01/10/2023 21:50:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
Nahoru
mhk
Návštěvník
Návštěvník
Příspěvky: 51
Registrován: 19 lis 2008 12:08

Re: Velmi podivné chování PC

#7 Příspěvek od mhk »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Michal (01-10-2023 22:02:31)
Running from C:\Users\Michal\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) (2020-11-05 20:29:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1405961527-2406829358-1402099359-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1405961527-2406829358-1402099359-503 - Limited - Disabled)
Guest (S-1-5-21-1405961527-2406829358-1402099359-501 - Limited - Disabled)
Michal (S-1-5-21-1405961527-2406829358-1402099359-1001 - Administrator - Enabled) => C:\Users\Michal
WDAGUtilityAccount (S-1-5-21-1405961527-2406829358-1402099359-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Advanced MID Converter (HKLM-x32\...\Advanced MID Converter) (Version: 2.0 - Gold-Software Development)
Altap Salamander 3.08 (x64) (HKLM\...\Altap Salamander 3.08 (x64)) (Version: 3.08 - ALTAP)
AnyMP4 Video Converter Ultimate 8.5.10 (HKLM-x32\...\{B77ACAAE-53EE-43c3-86F1-4AEA52F6CDD5}_is1) (Version: 8.5.10 - AnyMP4 Studio)
Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team)
Audacity 3.2.5 (64bitový) (HKLM\...\Audacity_is1) (Version: 3.2.5 - Audacity Team)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 23.9.6082 - Avast Software)
Avast SecureLine VPN (HKLM\...\%V_PRODUCT_UNINSTALL_REG_KEY%) (Version: 5.6.4971.434 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.27.8746.9512 - Avast Software)
Balíček ovladače systému Windows - Sony Mobile Communications (ggsomc) SOMCFlashDevice (12/06/2017 3.2.0.0) (HKLM\...\7AA77B236196DB9A6C04257060560ACDBB626F30) (Version: 12/06/2017 3.2.0.0 - Sony Mobile Communications)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
CEWE FOTOLAB fotosvet (HKLM-x32\...\CEWE FOTOLAB fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
Disk Google (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\5372b2ce9d2c4998a64f36bd745fb121) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\252dcccb2e5e3b1d70ccb30b6147c2b0) (Version: 1.0 - Google\Chrome)
eM Client (HKLM-x32\...\{3264F314-B940-4CE3-81F0-EA8AA2C2DD45}) (Version: 9.2.1577.0 - eM Client Inc.)
Envisioneer Express 7 (HKLM-x32\...\{F84B62D4-2F12-4F17-A274-ADA8032EB44B}) (Version: 7.0 - Cadsoft Corporation) Hidden
Envisioneer Express 7 (HKLM-x32\...\InstallShield_{F84B62D4-2F12-4F17-A274-ADA8032EB44B}) (Version: 7.0 - Cadsoft Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Free Burn MP3-CD v1.2 (HKLM-x32\...\Free Burn MP3-CD_is1) (Version: 1.2 - www.nbxsoft.com)
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version: - Eusing Software)
Gmail (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\2360c0b094e8d99c838854af8acfe5f7) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Incomedia WebSite X5 - Evolution (HKLM\...\{B16A8D0F-BD9E-47FA-BD57-595831679B0B}_is1) (Version: 16.0.3.0 - Incomedia s.r.l.)
Incomedia WebSite X5 v13 - Evolution (HKLM\...\{F63FFE16-449A-4BAB-B484-894097882CDD}_is1) (Version: 13.0.0.14 - Incomedia s.r.l.)
Incomedia WebSite X5 v14 - Evolution (HKLM\...\{3375892E-1801-4D15-A6C4-ED60F3FEDCF4}_is1) (Version: 14.0.1.1 - Incomedia s.r.l.)
Incomedia WebSite X5 v15 - Evolution (HKLM\...\{7AA7E155-503E-44B9-AC33-93B1B81687AF}_is1) (Version: 15.0.1.0 - Incomedia s.r.l.)
ISDOCReader 4.0.1 (HKLM-x32\...\{B4BD968A-B913-44B7-BD0D-DC966B149197}) (Version: 4.0.1 - ABRA Software a.s.)
Kalendář (HKLM\...\Kalendar) (Version: 3.6.8 - pyramidak)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version: - )
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.43 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Teams) (Version: 1.5.00.28567 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.15.26706 (HKLM\...\{F106B700-BFF8-3065-B305-14D36AD40539}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.15.26706 (HKLM\...\{C77195A4-CEB8-38EE-BDD6-C46CB459EF6E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 118.0.1 (x64 cs)) (Version: 118.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.2.0 - Mozilla)
Mp3tag v3.18 (HKLM\...\Mp3tag) (Version: 3.18 - Florian Heidenreich)
NVIDIA Ovladače grafiky 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PDF-XChange Editor (HKLM\...\{EB67548E-423F-49EE-932F-D02CD88B73BA}) (Version: 10.0.1.371 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{3892aa3e-dfc3-4ae3-998a-6d393065355a}) (Version: 10.0.1.371 - Tracker Software Products (Canada) Ltd.)
PerfV350 Uživatelská příručka (HKLM-x32\...\PerfV350 Uživatelská příručka) (Version: - )
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Portfolio Performance (HKLM-x32\...\Portfolio Performance) (Version: 0.60.2 - Andreas Buchen)
Prezentace (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\d301bd3f2bb47b0fabe4e02571f8dbb7) (Version: 1.0 - Google\Chrome)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Sadovnická projekce (HKLM-x32\...\Sadovnická projekce_is1) (Version: - Karel Rys)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SD Card Recovery (HKLM-x32\...\{09907A60-5843-4E83-A471-3102A42231B8}_is1) (Version: - LC Technology International, Inc.)
Služba Xperia Companion (HKLM\...\{3F33E34E-C93B-4779-9B75-174EB86A64E0}) (Version: 2.5.3.0 - Sony) Hidden
Sony Mobile Software Update Drivers (HKLM\...\{4872001F-F67C-4C54-BC92-281C6A165251}) (Version: 3.2.0.3 - Sony Mobile Communications)
Sony Mobile Update Engine (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Update Engine) (Version: 2.19.7.201905231210 - Sony Mobile Communications Inc.)
Sony USB Driver (HKLM-x32\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: 2.00 - Sony Corporation)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.1-15163 - Synology)
Tabulky (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\60e427a99820ebc41b55717f5fd8b176) (Version: 1.0 - Google\Chrome)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.46.5 - TeamViewer)
TomTom HOME 2.21.21.3131738 (HKLM\...\TomTom HOME) (Version: 2.21.21.3131738 - TomTom)
TomTom MyDrive Connect 4.3.3.5010 (HKLM-x32\...\MyDriveConnect) (Version: 4.3.3.5010 - TomTom)
TP-Link PLC Utility (HKLM-x32\...\{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.4137.4 - TP-Link) Hidden
TP-Link PLC Utility (HKLM-x32\...\InstallShield_{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.4137.4 - TP-Link)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebSite X5 Optimizer (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\website-x5-optimizer) (Version: 1.10.0 - Incomedia srl)
WinFast Multimedia Driver Installation (HKLM-x32\...\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}) (Version: - Multimedia)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{1017C503-1AD0-4982-A4DA-406200D7E375}) (Version: 2.5.3.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{8c78e3be-2cef-41ed-91c7-78af87572445}) (Version: 2.5.3.0 - Sony)
YouTube (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\62b35a98d436b16b15a647ac3fe8f3e0) (Version: 1.0 - Google\Chrome)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
Zoom (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2022-04-14] (Autodesk Inc.)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-13] (Microsoft Corporation)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-11-01] (Canon Inc.)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-12] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-31] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-04-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-04-14] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-12] (NVIDIA Corp.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Studios) [MS Ad]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2022-04-14] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1405961527-2406829358-1402099359-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Michal\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22272.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1405961527-2406829358-1402099359-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Michal\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\nvshext.dll [2023-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.mjpg] => pvmjpg30.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Michal - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2017-12-10 21:41 - 2016-12-27 16:36 - 000013312 _____ (ALTAP) [File not signed] C:\Program Files\Altap Salamander\utils\salextx64.dll
2018-07-01 21:22 - 2017-09-27 17:30 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\Newtonsoft.Json.dll
2017-11-15 14:16 - 2017-11-15 14:16 - 000250368 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
2018-07-01 21:22 - 2017-11-07 16:37 - 000088064 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCollect.dll
2018-07-01 21:22 - 2017-11-07 16:37 - 000200192 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9485DACB [143]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2019-01-04 19:14 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\Zoner\ZPS 17\ZPSWallPaper.bmp
DNS Servers: 100.126.0.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{826AF92A-446A-42D5-8956-4A14C6F88A39}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{167D9C34-CBF8-494A-9440-6B6CEE3536BD}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1BE9780E-BA76-4126-A945-128C2BE9EECB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{FD691A84-3331-4759-9C23-B877623C1C87}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1E9CBEC8-0591-4E96-8FC5-6F1450058D00}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1D78F569-A1B0-4109-9E0A-8538029E45F9}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{FDF96311-7C46-4E32-B881-92A6E438994A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{9E5C0917-51D3-401F-B2A8-DECD71C7367C}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{526DE0F9-0819-4EDF-885B-242149A1A7E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9C3BF651-653B-4033-B122-92E84E497127}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9D00E887-4E22-462B-A365-1CA19EC00E44}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A2FCA02E-3E1E-4236-AEB5-4E7482F30B33}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9EF8AA30-533C-46BF-8390-393232A900DB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{C604E9A4-22CC-4F25-970A-5D15EE7DD7E1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{1D652529-B4F5-444C-A1DA-01A06975B41B}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) [File not signed]
FirewallRules: [{1C4B55A7-7188-472A-A445-23D59297C3FE}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AD5CD4C1-87AD-4271-A77B-F2F5900BF4CB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F54EA0B5-7EF6-4E8E-A5E0-E974D7DA0826}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3D77E9A8-2F9D-463F-B17D-15BF6A4E9D7A}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{385A22B5-B476-4511-815F-C90314366D24}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{627D08C2-68A0-42D3-88B6-C819476B2E99}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{51DB80BD-60B0-4B11-B00D-BAA0DB58CBC4}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{6D0F8BA0-145C-479E-A79F-BEC6E985DB96}] => (Allow) C:\Users\Michal\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{86CD9BA0-544C-49FB-8D71-A6C21E639DF6}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom)
FirewallRules: [{68797BE8-8991-4430-AC31-E74E259DF0E8}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FirewallRules: [{0D88B69C-F0FB-4C4D-997B-FAB1DC17167F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{28660FE3-84D4-4E94-96F8-2F6D52E49D0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{914EB7E7-557A-44E6-BC7C-47A6A85182BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1ED3B468-B1A7-4F83-B40E-1E6A8C6E8304}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D96B6009-C24C-4688-955A-8AED17D0BDF6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{39C92081-62E0-40FF-A940-AF4B4D67CDC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

22-09-2023 22:42:58 Naplánovaný kontrolní bod
30-09-2023 16:10:54 Naplánovaný kontrolní bod
01-10-2023 21:01:44 AdwCleaner_BeforeCleaning_01/10/2023_21:01:44
01-10-2023 21:50:15 AdwCleaner_BeforeCleaning_01/10/2023_21:50:15

==================== Faulty Device Manager Devices ============

Name: Dell Diag Control Device
Description: Dell Diag Control Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Dell Computer Corporation
Service: DDDriver
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/01/2023 09:02:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/01/2023 09:02:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/01/2023 09:02:16 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/01/2023 09:02:16 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/01/2023 09:02:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/01/2023 09:02:16 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/01/2023 06:35:41 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (10/01/2023 12:37:34 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.


System errors:
=============
Error: (10/01/2023 09:56:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DellWAL neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/01/2023 09:56:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DellWAL neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/01/2023 09:56:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DellWAL neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/01/2023 09:51:51 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{36062E97-B837-4C90-A763-A03B64506A71}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/01/2023 09:51:51 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{36062E97-B837-4C90-A763-A03B64506A71}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/01/2023 09:51:51 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{36062E97-B837-4C90-A763-A03B64506A71}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/01/2023 09:51:51 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{36062E97-B837-4C90-A763-A03B64506A71}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/01/2023 09:51:21 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-9IJAJ0J)
Description: Nelze spustit server DCOM: Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXea6epmb5w19sjwy9ckw8md46dm93nhkq.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca


CodeIntegrity:
===============
Date: 2023-10-01 21:53:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-10-01 21:52:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F5 11/09/2017
Motherboard: Gigabyte Technology Co., Ltd. Z370 HD3P-CF
Processor: Intel(R) Core(TM) i5-8600K CPU @ 3.60GHz
Percentage of memory in use: 31%
Total physical RAM: 16330.05 MB
Available physical RAM: 11194.95 MB
Total Virtual: 18762.05 MB
Available Virtual: 11850.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.28 GB) (Free:114.16 GB) (Model: Samsung SSD 850 EVO 250GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:50.92 GB) (Model: SAMSUNG HD501LJ) NTFS
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) (Model: ST3120026AS) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:111.69 GB) (Free:35.78 GB) (Model: ST3120026AS) NTFS

\\?\Volume{176363ce-7b27-4e2a-ae42-b131c20c6b57}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{491994cd-6ec3-47b9-a532-3914c6c0de8c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 328AF01A)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: AB2BB0C0)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 46D846D7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Nahoru
mhk
Návštěvník
Návštěvník
Příspěvky: 51
Registrován: 19 lis 2008 12:08

Re: Velmi podivné chování PC

#8 Příspěvek od mhk »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Ran by Michal (administrator) on DESKTOP-9IJAJ0J (Gigabyte Technology Co., Ltd. Z370 HD3P) (01-10-2023 22:01:34)
Running from C:\Users\Michal\Downloads\FRST64 (2).exe
Loaded Profiles: Michal
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe ->) (Avast Software s.r.o. -> Avast Software) C:\Program Files\AVAST Software\SecureLine VPN\WireGuard\wireguardtun.exe
(C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(cmd.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnNM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <25>
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(services.exe ->) (Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TomTom) [File not signed] C:\Program Files (x86)\TomTom HOME 2\TTHOMEService.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2308.3.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [255896 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2283872 2019-06-18] (Sony Mobile Communications AB -> Sony) [File not signed]
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Michal\AppData\Local\Microsoft\Teams\Update.exe [2585920 2022-11-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TTHOMERunner.exe [902656 2023-06-15] (TomTom) [File not signed]
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\WINDOWS\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [983688 2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\116.0.22388.188\Installer\chrmstp.exe [2023-09-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\117.0.5938.132\Installer\chrmstp.exe [2023-09-30] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {7B2C3EF6-3F2F-4600-AEB3-402FD99227BC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5135256 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
Task: {CBBD7E35-CE40-4A51-88A8-03BE6C782AF5} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1294744 2023-09-07] (Avast Software s.r.o. -> AVAST Software)
Task: {40A03DC5-0186-41FB-9AF9-BC2C6BFF0AD1} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4762520 2023-09-07] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {7C4B24AB-4959-481A-94D8-74EE77734AB2} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-08-25] (Avast Software s.r.o. -> Avast Software)
Task: {E3CE4C86-EE50-4190-9273-E73DE45FD03D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {E3B5934F-8229-42C3-B3E7-471F623099B8} - System32\Tasks\BundleApplicationRepairToolLauncherTask => C:\Users\Michal\AppData\Roaming\PCDr\Repair\BundleApplicationRepairTool.exe [625024 2018-02-03] (PC-Doctor, Inc. -> )
Task: {00C3F3CD-5E7B-4C23-BEDA-330890D52DE3} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3375072 2023-09-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {12353DBA-57EB-432F-8800-564CCDF693E0} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3375072 2023-09-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {B5A28D16-4CB5-469A-B8F4-621CAD43B6CC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {13243EEC-C035-43BC-BA37-C72536A3C5C9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2eefe022-a951-4c00-9fd0-b4f604ae77e3" --version "6.16.10662" --silent
Task: {A460B001-4F1E-4FC2-AF97-2DD596E70E53} - System32\Tasks\CCleanerSkipUAC - Michal => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8BC31088-EB08-450F-AAC2-AB1164D3756C} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {7F9F0A20-6E22-4E07-A024-C04553941A31} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {38788CB3-BCAA-4998-8295-D71EF8641E5E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5311304 2023-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {15661CF0-A921-4452-A622-95FE7D26B460} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-10] (Google Inc -> Google Inc.)
Task: {7A23F3C0-CEC3-48B2-A6FD-BACFABDA766E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-10] (Google Inc -> Google Inc.)
Task: {2BBC795B-31F2-4D54-925C-A9F22AC5C929} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {4F8A3576-C622-4243-A364-E22C8041FCEF} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-09-29] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {97DF1A66-51AB-4D59-8E90-929906E3CAA5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [717728 2023-09-29] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{36062e97-b837-4c90-a763-a03b64506a71}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{41766173-7453-6f66-7477-617265415357}: [NameServer] 100.126.0.1
Tcpip\..\Interfaces\{86183110-57d5-4d94-a578-319b44cd41b5}: [NameServer] 100.120.128.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Michal\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-30]
Edge Extension: (Edge relevant text changes) - C:\Users\Michal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-02]

FireFox:
========
FF DefaultProfile: ct6nf0t2.default-1512936354244
FF ProfilePath: C:\Users\Michal\AppData\Roaming\TomTom\HOME\Profiles\2f62k23k.default [2023-05-06]
FF Extension: (MazdaTheme) - C:\Users\Michal\AppData\Roaming\TomTom\HOME\Profiles\2f62k23k.default\Extensions\MazdaTheme@mazda.com [2023-05-06] [Legacy] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default [2021-10-15]
FF Extension: (Czech (cs) Language Pack) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\langpack-cs@getnightingale.com [2021-10-06] [Legacy] [not signed]
FF Extension: (mashTape) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\mashTape@getnightingale.com [2021-10-06] [Legacy] [not signed]
FF Extension: (SoundCloud) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\soundcloud@songbirdnest.com [2021-10-06] [Legacy] [not signed]
FF Extension: (MLyrics) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\{6039188e-d135-11df-bcc9-c7e1ded72085} [2021-10-06] [Legacy] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\albumart@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\bluemonday@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\foldersync-ng@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\foldersync@rsjtdrjgfuzkfg.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\gonzo@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\pinkmartini@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\playlistfolders@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\purplerain@songbirdnest.com [not found]
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244 [2023-10-01]
FF Homepage: Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244 -> www.seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244 -> hxxps://www.fischer.cz; hxxps://www.youtube.com; hxxps://www.invia.cz
FF Extension: (Avast SecureLine VPN) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244\Extensions\secureline-vpn@avast.com.xpi [2021-10-20]
FF Extension: (ColorZilla) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2017-12-21]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1405961527-2406829358-1402099359-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1405961527-2406829358-1402099359-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1405961527-2406829358-1402099359-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2023-10-01]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-12]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-09-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-28]
CHR Extension: (Avast SecureLine VPN) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\phmegojolgpbbcnhccbfneddlooepbpd [2023-01-11]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-09-30]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-03]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-04-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-27]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-02]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\System Profile [2023-09-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9090968 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [776088 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2304920 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [796568 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\116.0.22388.188\elevation_service.exe [1837968 2023-09-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc -> Dell Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [11017624 2023-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-12-22] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [17938232 2023-09-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TTHOMEService; C:\Program Files (x86)\TomTom HOME 2\TTHOMEService.exe [437248 2023-06-15] (TomTom) [File not signed]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2017-08-08] (Synology Inc. -> ) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2191872 2019-06-18] (Sony) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16877 2002-07-17] (Adaptec) [File not signed]
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [240176 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392984 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297992 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [96064 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39760 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [275168 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559696 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [950696 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [708048 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [213192 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319560 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [76568 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [51112 2022-12-05] (Avast Software s.r.o. -> AVAST Software)
R3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [498992 2022-06-12] (Avast Software s.r.o. -> WireGuard LLC)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S1 netfilter2; system32\drivers\netfilter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-01 22:01 - 2023-10-01 22:01 - 002382848 _____ (Farbar) C:\Users\Michal\Downloads\FRST64 (2).exe
2023-10-01 20:57 - 2023-10-01 21:01 - 000000000 ____D C:\AdwCleaner
2023-10-01 20:57 - 2023-10-01 20:57 - 008791352 _____ (Malwarebytes) C:\Users\Michal\Downloads\adwcleaner.exe
2023-10-01 20:57 - 2023-10-01 20:57 - 000780985 _____ C:\Users\Michal\Desktop\admin-standard-mp (1).pdf
2023-10-01 19:13 - 2023-10-01 19:13 - 000780985 _____ C:\Users\Michal\Downloads\admin-standard-mp.pdf
2023-10-01 18:38 - 2023-10-01 18:39 - 000037979 _____ C:\Users\Michal\Downloads\Addition.txt
2023-10-01 18:37 - 2023-10-01 22:01 - 000033218 _____ C:\Users\Michal\Downloads\FRST.txt
2023-10-01 18:37 - 2023-10-01 22:01 - 000000000 ____D C:\FRST
2023-10-01 18:37 - 2023-10-01 18:37 - 002382848 _____ (Farbar) C:\Users\Michal\Downloads\FRST64.exe
2023-10-01 18:37 - 2023-10-01 18:37 - 002382848 _____ (Farbar) C:\Users\Michal\Downloads\FRST64 (1).exe
2023-09-30 21:40 - 2023-09-30 21:40 - 015274968 _____ (ESET) C:\Users\Michal\Downloads\esetonlinescanner.exe
2023-09-30 21:40 - 2023-09-30 21:40 - 000001383 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-09-30 15:38 - 2023-09-30 15:38 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-09-29 15:50 - 2023-09-30 20:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-22 21:02 - 2023-09-22 21:02 - 000000000 ____D C:\Users\Michal\Desktop\MATURITA
2023-09-21 20:50 - 2023-09-21 20:50 - 000754341 _____ C:\Users\Michal\Downloads\PSY - prezentace 1. blok - 1.-3.DK 1. roč. 2023-24.pptx
2023-09-20 19:32 - 2023-09-20 19:32 - 000000000 _____ C:\Users\Michal\Downloads\jurčíková_2010_dp.pdf
2023-09-20 19:26 - 2023-09-20 19:26 - 001719460 _____ C:\Users\Michal\Downloads\Pedag_1970_3_06_Diagnosticke_399_426.pdf
2023-09-18 21:56 - 2023-09-18 21:57 - 019445201 _____ C:\Users\Michal\Downloads\Uždil Jaromír - Čáry, klikyháky, paňáci a auta.pdf
2023-09-18 21:20 - 2023-09-18 21:23 - 050792417 _____ C:\Users\Michal\Downloads\Didaktika VV vývoj dětské kresby a znaky dětské kresby.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000148153 _____ C:\Users\Michal\Downloads\10-Péče-o-děti-vychovávané-mimo-rodinu-náhradní-výchovná-péče.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000128344 _____ C:\Users\Michal\Downloads\07-Pedagogika-volného-času.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000086026 _____ C:\Users\Michal\Downloads\3-Formy-výchovy-a-vzdělávání-1.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000086026 _____ C:\Users\Michal\Downloads\3-Formy-výchovy-a-vzdělávání.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000072603 _____ C:\Users\Michal\Downloads\9. MO nastin vyvoje predskolni vyhky a vzdelavani.pdf
2023-09-18 18:48 - 2023-09-18 18:48 - 008506151 _____ C:\Users\Michal\Downloads\20230913_190502.mp4
2023-09-15 15:05 - 2023-09-15 15:05 - 000021573 _____ C:\Users\Michal\Downloads\Premium-1.7.xlsx
2023-09-13 21:42 - 2023-09-13 21:42 - 000000000 ___HD C:\$WinREAgent
2023-09-12 21:58 - 2023-09-12 21:58 - 000504516 _____ C:\Users\Michal\Downloads\FatSorter-1.0.4.zip
2023-09-12 21:36 - 2023-09-12 21:36 - 000406596 _____ C:\Users\Michal\Downloads\ilovepdf_pages-to-jpg (1).zip
2023-09-12 21:35 - 2023-09-12 21:35 - 000192134 _____ C:\Users\Michal\Downloads\2021-2022 Potvrzení, čestné prohlášení o pedagogické praxi vedoucího maturitní práce-2.pdf
2023-09-12 21:28 - 2023-09-12 21:28 - 002179201 _____ C:\Users\Michal\Downloads\PSY - 1. blok - 2. DK3,4 - 2. roč..pptx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-01 22:01 - 2017-12-10 21:29 - 000000000 ____D C:\Temp
2023-10-01 21:56 - 2020-11-05 22:30 - 003155042 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-01 21:56 - 2020-11-05 22:08 - 000416836 _____ C:\WINDOWS\system32\prfh0804.dat
2023-10-01 21:56 - 2020-11-05 22:08 - 000132544 _____ C:\WINDOWS\system32\prfc0804.dat
2023-10-01 21:56 - 2020-11-05 22:07 - 000760672 _____ C:\WINDOWS\system32\perfh019.dat
2023-10-01 21:56 - 2020-11-05 22:07 - 000151380 _____ C:\WINDOWS\system32\perfc019.dat
2023-10-01 21:56 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2023-10-01 21:56 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2023-10-01 21:56 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-01 21:56 - 2017-12-10 21:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-10-01 21:53 - 2021-12-17 23:09 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-01 21:53 - 2017-12-10 21:36 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-01 21:51 - 2020-11-05 22:29 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-10-01 21:51 - 2020-11-05 22:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-01 21:51 - 2020-11-05 22:21 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-01 21:51 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-01 21:51 - 2017-12-10 21:46 - 000000000 ____D C:\Program Files\CCleaner
2023-10-01 21:51 - 2017-12-10 21:35 - 000000000 ____D C:\ProgramData\AVAST Software
2023-10-01 21:51 - 2017-12-10 21:31 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-01 21:50 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-01 21:50 - 2018-11-18 18:52 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Samsung
2023-10-01 21:34 - 2017-12-10 21:52 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Word
2023-10-01 20:49 - 2020-11-05 22:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-01 19:05 - 2017-12-13 17:06 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Excel
2023-10-01 18:45 - 2022-02-10 16:20 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-01 18:33 - 2023-01-05 16:13 - 000000000 ____D C:\Users\Michal\AppData\Roaming\eM Client
2023-10-01 12:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-01 12:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-01 12:29 - 2020-06-07 00:07 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-30 21:47 - 2021-12-15 16:12 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2023-09-30 20:26 - 2017-12-10 21:36 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-30 20:26 - 2017-12-10 21:36 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-09-30 20:21 - 2022-12-15 16:34 - 000000000 ____D C:\ProgramData\Piriform
2023-09-30 20:11 - 2022-09-20 14:58 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-09-30 20:11 - 2017-12-10 21:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-30 15:38 - 2020-11-05 22:29 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-09-30 15:38 - 2020-10-17 15:02 - 000275168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-09-30 15:38 - 2020-04-22 15:33 - 000559696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-09-30 15:38 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-30 15:38 - 2019-01-14 18:52 - 000392984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-09-30 15:38 - 2019-01-07 13:35 - 000297992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-09-30 15:38 - 2019-01-07 13:35 - 000096064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-09-30 15:38 - 2018-10-22 20:09 - 000039760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000950696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000708048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000319560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000240176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000080416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-09-30 15:13 - 2021-12-12 22:31 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1405961527-2406829358-1402099359-1001
2023-09-30 15:13 - 2020-11-05 22:29 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1405961527-2406829358-1402099359-1001
2023-09-30 15:13 - 2020-11-05 22:22 - 000002384 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-30 15:10 - 2017-12-10 22:05 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-27 21:51 - 2023-08-30 20:14 - 000000000 ____D C:\Users\Michal\Desktop\USB90
2023-09-27 20:48 - 2023-06-29 21:19 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-09-27 20:48 - 2022-09-20 14:58 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-09-27 20:48 - 2021-12-15 16:13 - 000003104 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2023-09-27 20:48 - 2021-12-15 16:13 - 000002622 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2023-09-27 20:48 - 2021-12-15 16:12 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2023-09-27 20:48 - 2021-12-15 16:12 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2023-09-27 20:48 - 2021-08-19 15:12 - 000002256 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Michal
2023-09-27 20:48 - 2020-11-05 22:29 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-27 20:48 - 2020-11-05 22:29 - 000003410 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-27 20:48 - 2020-11-05 22:29 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-27 20:48 - 2020-11-05 22:29 - 000003186 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-27 20:48 - 2020-11-05 22:29 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-09-27 20:48 - 2020-11-05 22:29 - 000002396 _____ C:\WINDOWS\system32\Tasks\BundleApplicationRepairToolLauncherTask
2023-09-27 20:48 - 2020-11-05 22:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-09-26 12:17 - 2018-06-10 16:56 - 000000000 ____D C:\Users\Michal\Documents\pyramidak
2023-09-26 12:17 - 2018-06-10 16:56 - 000000000 ____D C:\Users\Michal\AppData\Roaming\pyramidak
2023-09-26 11:31 - 2018-07-03 17:56 - 000000000 ____D C:\ProgramData\Packages
2023-09-21 19:01 - 2021-12-15 16:13 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2023-09-13 22:33 - 2020-11-05 22:21 - 000572792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-13 22:32 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-09-13 22:32 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-13 21:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-13 21:46 - 2020-11-05 22:25 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-13 21:39 - 2017-12-10 21:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-13 21:36 - 2017-12-10 21:53 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-12 21:50 - 2022-12-16 19:56 - 000000000 ____D C:\Users\Michal\Desktop\ŠKOLA MB
2023-09-07 22:14 - 2023-07-06 20:25 - 000000000 ____D C:\Users\Michal\Desktop\Nabídky k prodeji
2023-09-07 19:28 - 2021-09-17 19:22 - 000000000 ____D C:\Users\Michal\Desktop\HISTORIE
2023-09-07 19:26 - 2023-03-03 17:13 - 000000000 ____D C:\Users\Michal\Desktop\Formuláře
2023-09-02 20:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories ========

2023-07-09 17:27 - 2023-08-30 20:25 - 000000040 _____ () C:\Users\Michal\AppData\Roaming\cdr.ini
2018-03-23 16:37 - 2022-10-20 21:07 - 000179200 _____ () C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-06-30 21:30 - 2020-06-20 13:33 - 000007617 _____ () C:\Users\Michal\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Velmi podivné chování PC

#9 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {15661CF0-A921-4452-A622-95FE7D26B460} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-10] (Google Inc -> Google Inc.)
Task: {7A23F3C0-CEC3-48B2-A6FD-BACFABDA766E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-10] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\albumart@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\bluemonday@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\foldersync-ng@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\foldersync@rsjtdrjgfuzkfg.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\gonzo@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\pinkmartini@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\playlistfolders@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\purplerain@songbirdnest.com [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Michal\AppData\Roaming\cdr.ini
C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
Uložte do C:\Users\Michal\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
mhk
Návštěvník
Návštěvník
Příspěvky: 51
Registrován: 19 lis 2008 12:08

Re: Velmi podivné chování PC

#10 Příspěvek od mhk »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Ran by Michal (administrator) on DESKTOP-9IJAJ0J (Gigabyte Technology Co., Ltd. Z370 HD3P) (02-10-2023 16:20:00)
Running from C:\Users\Michal\Downloads\FRST64 (2).exe
Loaded Profiles: Michal
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\AVAST Software\Avast\AvLaunch.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(services.exe ->) (Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3385_none_7e1c800a7c81ffd9\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [255896 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2283872 2019-06-18] (Sony Mobile Communications AB -> Sony) [File not signed]
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Michal\AppData\Local\Microsoft\Teams\Update.exe [2585920 2022-11-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\WINDOWS\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [983688 2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\116.0.22388.188\Installer\chrmstp.exe [2023-09-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\117.0.5938.132\Installer\chrmstp.exe [2023-09-30] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {7B2C3EF6-3F2F-4600-AEB3-402FD99227BC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5135256 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
Task: {08FE3858-60AA-4574-98ED-063A0426DD56} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1294744 2023-09-07] (Avast Software s.r.o. -> AVAST Software)
Task: {40A03DC5-0186-41FB-9AF9-BC2C6BFF0AD1} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4762520 2023-09-07] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {7C4B24AB-4959-481A-94D8-74EE77734AB2} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-08-25] (Avast Software s.r.o. -> Avast Software)
Task: {E3CE4C86-EE50-4190-9273-E73DE45FD03D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {E3B5934F-8229-42C3-B3E7-471F623099B8} - System32\Tasks\BundleApplicationRepairToolLauncherTask => C:\Users\Michal\AppData\Roaming\PCDr\Repair\BundleApplicationRepairTool.exe [625024 2018-02-03] (PC-Doctor, Inc. -> )
Task: {00C3F3CD-5E7B-4C23-BEDA-330890D52DE3} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3375072 2023-09-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {12353DBA-57EB-432F-8800-564CCDF693E0} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3375072 2023-09-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {B5A28D16-4CB5-469A-B8F4-621CAD43B6CC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {13243EEC-C035-43BC-BA37-C72536A3C5C9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2eefe022-a951-4c00-9fd0-b4f604ae77e3" --version "6.16.10662" --silent
Task: {A460B001-4F1E-4FC2-AF97-2DD596E70E53} - System32\Tasks\CCleanerSkipUAC - Michal => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8BC31088-EB08-450F-AAC2-AB1164D3756C} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {7F9F0A20-6E22-4E07-A024-C04553941A31} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {38788CB3-BCAA-4998-8295-D71EF8641E5E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5311304 2023-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {CE50DD48-5F71-4A44-AA36-B033E0E7A386} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Michal\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-10-02] (ESET, spol. s r.o. -> ESET)
Task: {D6A92736-AD10-4EDC-A86F-DA4ED03F0A8C} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Michal\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-10-02] (ESET, spol. s r.o. -> ESET)
Task: {2BBC795B-31F2-4D54-925C-A9F22AC5C929} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {4F8A3576-C622-4243-A364-E22C8041FCEF} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-09-29] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {97DF1A66-51AB-4D59-8E90-929906E3CAA5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [717728 2023-09-29] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{36062e97-b837-4c90-a763-a03b64506a71}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{41766173-7453-6f66-7477-617265415357}: [NameServer] 100.126.0.1
Tcpip\..\Interfaces\{86183110-57d5-4d94-a578-319b44cd41b5}: [NameServer] 100.120.128.1

Edge:
=======
Edge Profile: C:\Users\Michal\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-02]
Edge Extension: (Edge relevant text changes) - C:\Users\Michal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-02]

FireFox:
========
FF DefaultProfile: ct6nf0t2.default-1512936354244
FF ProfilePath: C:\Users\Michal\AppData\Roaming\TomTom\HOME\Profiles\2f62k23k.default [2023-05-06]
FF Extension: (MazdaTheme) - C:\Users\Michal\AppData\Roaming\TomTom\HOME\Profiles\2f62k23k.default\Extensions\MazdaTheme@mazda.com [2023-05-06] [Legacy] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default [2021-10-15]
FF Extension: (Czech (cs) Language Pack) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\langpack-cs@getnightingale.com [2021-10-06] [Legacy] [not signed]
FF Extension: (mashTape) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\mashTape@getnightingale.com [2021-10-06] [Legacy] [not signed]
FF Extension: (SoundCloud) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\soundcloud@songbirdnest.com [2021-10-06] [Legacy] [not signed]
FF Extension: (MLyrics) - C:\Users\Michal\AppData\Roaming\Nightingale\Profiles\nhzw3ffx.default\Extensions\{6039188e-d135-11df-bcc9-c7e1ded72085} [2021-10-06] [Legacy] [not signed]
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244 [2023-10-02]
FF Homepage: Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244 -> www.seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244 -> hxxps://www.fischer.cz; hxxps://www.youtube.com; hxxps://www.invia.cz
FF Extension: (Avast SecureLine VPN) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244\Extensions\secureline-vpn@avast.com.xpi [2021-10-20]
FF Extension: (ColorZilla) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ct6nf0t2.default-1512936354244\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2017-12-21]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1405961527-2406829358-1402099359-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1405961527-2406829358-1402099359-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1405961527-2406829358-1402099359-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2023-10-02]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-12]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-09-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-28]
CHR Extension: (Avast SecureLine VPN) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\phmegojolgpbbcnhccbfneddlooepbpd [2023-01-11]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-10-02]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-10-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-03]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-04-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-27]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-10-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-02]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9090968 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [776088 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2304920 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [796568 2023-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\116.0.22388.188\elevation_service.exe [1837968 2023-09-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc -> Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc -> Dell Inc.)
S2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc -> Dell Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [11017624 2023-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-12-22] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [17938232 2023-09-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S2 TTHOMEService; C:\Program Files (x86)\TomTom HOME 2\TTHOMEService.exe [437248 2023-06-15] (TomTom) [File not signed]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2017-08-08] (Synology Inc. -> ) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2191872 2019-06-18] (Sony) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16877 2002-07-17] (Adaptec) [File not signed]
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [240176 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392984 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297992 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [96064 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39760 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [275168 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559696 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [950696 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [708048 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [213192 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319560 2023-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [76568 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [51112 2022-12-05] (Avast Software s.r.o. -> AVAST Software)
S3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [498992 2022-06-12] (Avast Software s.r.o. -> WireGuard LLC)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S1 netfilter2; system32\drivers\netfilter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-02 16:09 - 2023-10-02 16:18 - 000007125 _____ C:\Users\Michal\Downloads\Fixlog.txt
2023-10-02 15:56 - 2023-10-02 11:58 - 000001277 _____ C:\Users\Michal\Desktop\ESET Online Scanner - kopie.lnk
2023-10-02 15:56 - 2020-11-09 16:42 - 000000863 _____ C:\Users\Michal\Desktop\CCleaner.lnk
2023-10-02 15:53 - 2023-10-02 15:53 - 000003862 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-10-02 15:53 - 2023-10-02 15:53 - 000003420 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-10-02 11:58 - 2023-10-02 11:58 - 000001277 _____ C:\Users\Michal\Desktop\ESET Online Scanner.lnk
2023-10-01 22:01 - 2023-10-01 22:01 - 002382848 _____ (Farbar) C:\Users\Michal\Downloads\FRST64 (2).exe
2023-10-01 20:57 - 2023-10-01 21:01 - 000000000 ____D C:\AdwCleaner
2023-10-01 20:57 - 2023-10-01 20:57 - 008791352 _____ (Malwarebytes) C:\Users\Michal\Downloads\adwcleaner.exe
2023-10-01 20:57 - 2023-10-01 20:57 - 000780985 _____ C:\Users\Michal\Desktop\admin-standard-mp (1).pdf
2023-10-01 19:13 - 2023-10-01 19:13 - 000780985 _____ C:\Users\Michal\Downloads\admin-standard-mp.pdf
2023-10-01 18:38 - 2023-10-01 22:03 - 000037835 _____ C:\Users\Michal\Downloads\Addition.txt
2023-10-01 18:37 - 2023-10-02 16:20 - 000029963 _____ C:\Users\Michal\Downloads\FRST.txt
2023-10-01 18:37 - 2023-10-02 16:20 - 000000000 ____D C:\FRST
2023-10-01 18:37 - 2023-10-01 18:37 - 002382848 _____ (Farbar) C:\Users\Michal\Downloads\FRST64.exe
2023-10-01 18:37 - 2023-10-01 18:37 - 002382848 _____ (Farbar) C:\Users\Michal\Downloads\FRST64 (1).exe
2023-09-30 21:40 - 2023-10-02 11:58 - 000001383 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-09-30 21:40 - 2023-09-30 21:40 - 015274968 _____ (ESET) C:\Users\Michal\Downloads\esetonlinescanner.exe
2023-09-30 15:38 - 2023-09-30 15:38 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-09-29 15:50 - 2023-09-30 20:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-22 21:02 - 2023-09-22 21:02 - 000000000 ____D C:\Users\Michal\Desktop\MATURITA
2023-09-21 20:50 - 2023-09-21 20:50 - 000754341 _____ C:\Users\Michal\Downloads\PSY - prezentace 1. blok - 1.-3.DK 1. roč. 2023-24.pptx
2023-09-20 19:32 - 2023-09-20 19:32 - 000000000 _____ C:\Users\Michal\Downloads\jurčíková_2010_dp.pdf
2023-09-20 19:26 - 2023-09-20 19:26 - 001719460 _____ C:\Users\Michal\Downloads\Pedag_1970_3_06_Diagnosticke_399_426.pdf
2023-09-18 21:56 - 2023-09-18 21:57 - 019445201 _____ C:\Users\Michal\Downloads\Uždil Jaromír - Čáry, klikyháky, paňáci a auta.pdf
2023-09-18 21:20 - 2023-09-18 21:23 - 050792417 _____ C:\Users\Michal\Downloads\Didaktika VV vývoj dětské kresby a znaky dětské kresby.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000148153 _____ C:\Users\Michal\Downloads\10-Péče-o-děti-vychovávané-mimo-rodinu-náhradní-výchovná-péče.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000128344 _____ C:\Users\Michal\Downloads\07-Pedagogika-volného-času.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000086026 _____ C:\Users\Michal\Downloads\3-Formy-výchovy-a-vzdělávání-1.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000086026 _____ C:\Users\Michal\Downloads\3-Formy-výchovy-a-vzdělávání.pdf
2023-09-18 19:07 - 2023-09-18 19:07 - 000072603 _____ C:\Users\Michal\Downloads\9. MO nastin vyvoje predskolni vyhky a vzdelavani.pdf
2023-09-18 18:48 - 2023-09-18 18:48 - 008506151 _____ C:\Users\Michal\Downloads\20230913_190502.mp4
2023-09-15 15:05 - 2023-09-15 15:05 - 000021573 _____ C:\Users\Michal\Downloads\Premium-1.7.xlsx
2023-09-13 21:42 - 2023-09-13 21:42 - 000000000 ___HD C:\$WinREAgent
2023-09-12 21:58 - 2023-09-12 21:58 - 000504516 _____ C:\Users\Michal\Downloads\FatSorter-1.0.4.zip
2023-09-12 21:36 - 2023-09-12 21:36 - 000406596 _____ C:\Users\Michal\Downloads\ilovepdf_pages-to-jpg (1).zip
2023-09-12 21:35 - 2023-09-12 21:35 - 000192134 _____ C:\Users\Michal\Downloads\2021-2022 Potvrzení, čestné prohlášení o pedagogické praxi vedoucího maturitní práce-2.pdf
2023-09-12 21:28 - 2023-09-12 21:28 - 002179201 _____ C:\Users\Michal\Downloads\PSY - 1. blok - 2. DK3,4 - 2. roč..pptx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-02 16:20 - 2017-12-10 21:29 - 000000000 ____D C:\Temp
2023-10-02 16:19 - 2020-11-05 22:29 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-10-02 16:19 - 2020-11-05 22:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-02 16:19 - 2020-11-05 22:21 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-02 16:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-02 16:19 - 2017-12-10 21:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-10-02 16:19 - 2017-12-10 21:46 - 000000000 ____D C:\Program Files\CCleaner
2023-10-02 16:19 - 2017-12-10 21:35 - 000000000 ____D C:\ProgramData\AVAST Software
2023-10-02 16:19 - 2017-12-10 21:31 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-02 16:18 - 2022-12-07 20:16 - 000000000 ____D C:\Users\Michal\AppData\LocalLow\Temp
2023-10-02 16:18 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-02 16:17 - 2021-12-17 23:09 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-02 16:17 - 2017-12-10 21:36 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-02 16:01 - 2017-12-10 21:52 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Word
2023-10-02 15:51 - 2020-11-05 22:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-01 22:58 - 2022-02-10 16:20 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-01 21:56 - 2020-11-05 22:30 - 003155042 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-01 21:56 - 2020-11-05 22:08 - 000416836 _____ C:\WINDOWS\system32\prfh0804.dat
2023-10-01 21:56 - 2020-11-05 22:08 - 000132544 _____ C:\WINDOWS\system32\prfc0804.dat
2023-10-01 21:56 - 2020-11-05 22:07 - 000760672 _____ C:\WINDOWS\system32\perfh019.dat
2023-10-01 21:56 - 2020-11-05 22:07 - 000151380 _____ C:\WINDOWS\system32\perfc019.dat
2023-10-01 21:56 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2023-10-01 21:56 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2023-10-01 21:56 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-01 21:50 - 2018-11-18 18:52 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Samsung
2023-10-01 19:05 - 2017-12-13 17:06 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Excel
2023-10-01 18:33 - 2023-01-05 16:13 - 000000000 ____D C:\Users\Michal\AppData\Roaming\eM Client
2023-10-01 12:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-01 12:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-01 12:29 - 2020-06-07 00:07 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-30 21:47 - 2021-12-15 16:12 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2023-09-30 20:26 - 2017-12-10 21:36 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-30 20:26 - 2017-12-10 21:36 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-09-30 20:21 - 2022-12-15 16:34 - 000000000 ____D C:\ProgramData\Piriform
2023-09-30 20:11 - 2022-09-20 14:58 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-09-30 20:11 - 2017-12-10 21:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-30 15:38 - 2020-11-05 22:29 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-09-30 15:38 - 2020-10-17 15:02 - 000275168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-09-30 15:38 - 2020-04-22 15:33 - 000559696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-09-30 15:38 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-30 15:38 - 2019-01-14 18:52 - 000392984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-09-30 15:38 - 2019-01-07 13:35 - 000297992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-09-30 15:38 - 2019-01-07 13:35 - 000096064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-09-30 15:38 - 2018-10-22 20:09 - 000039760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000950696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000708048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000319560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000240176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-09-30 15:38 - 2017-12-10 21:36 - 000080416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-09-30 15:13 - 2021-12-12 22:31 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1405961527-2406829358-1402099359-1001
2023-09-30 15:13 - 2020-11-05 22:29 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1405961527-2406829358-1402099359-1001
2023-09-30 15:13 - 2020-11-05 22:22 - 000002384 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-30 15:10 - 2017-12-10 22:05 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-27 21:51 - 2023-08-30 20:14 - 000000000 ____D C:\Users\Michal\Desktop\USB90
2023-09-27 20:48 - 2023-06-29 21:19 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-09-27 20:48 - 2022-09-20 14:58 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-09-27 20:48 - 2021-12-15 16:13 - 000003104 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2023-09-27 20:48 - 2021-12-15 16:13 - 000002622 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2023-09-27 20:48 - 2021-12-15 16:12 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2023-09-27 20:48 - 2021-12-15 16:12 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2023-09-27 20:48 - 2021-08-19 15:12 - 000002256 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Michal
2023-09-27 20:48 - 2020-11-05 22:29 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-27 20:48 - 2020-11-05 22:29 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-27 20:48 - 2020-11-05 22:29 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-09-27 20:48 - 2020-11-05 22:29 - 000002396 _____ C:\WINDOWS\system32\Tasks\BundleApplicationRepairToolLauncherTask
2023-09-27 20:48 - 2020-11-05 22:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-09-26 12:17 - 2018-06-10 16:56 - 000000000 ____D C:\Users\Michal\Documents\pyramidak
2023-09-26 12:17 - 2018-06-10 16:56 - 000000000 ____D C:\Users\Michal\AppData\Roaming\pyramidak
2023-09-26 11:31 - 2018-07-03 17:56 - 000000000 ____D C:\ProgramData\Packages
2023-09-21 19:01 - 2021-12-15 16:13 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2023-09-13 22:33 - 2020-11-05 22:21 - 000572792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-13 22:32 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-09-13 22:32 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-13 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-13 21:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-13 21:46 - 2020-11-05 22:25 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-13 21:39 - 2017-12-10 21:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-13 21:36 - 2017-12-10 21:53 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-12 21:50 - 2022-12-16 19:56 - 000000000 ____D C:\Users\Michal\Desktop\ŠKOLA MB
2023-09-07 22:14 - 2023-07-06 20:25 - 000000000 ____D C:\Users\Michal\Desktop\Nabídky k prodeji
2023-09-07 19:28 - 2021-09-17 19:22 - 000000000 ____D C:\Users\Michal\Desktop\HISTORIE
2023-09-07 19:26 - 2023-03-03 17:13 - 000000000 ____D C:\Users\Michal\Desktop\Formuláře
2023-09-02 20:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories ========

2019-06-30 21:30 - 2020-06-20 13:33 - 000007617 _____ () C:\Users\Michal\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
mhk
Návštěvník
Návštěvník
Příspěvky: 51
Registrován: 19 lis 2008 12:08

Re: Velmi podivné chování PC

#11 Příspěvek od mhk »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Michal (02-10-2023 16:20:47)
Running from C:\Users\Michal\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) (2020-11-05 20:29:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1405961527-2406829358-1402099359-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1405961527-2406829358-1402099359-503 - Limited - Disabled)
Guest (S-1-5-21-1405961527-2406829358-1402099359-501 - Limited - Disabled)
Michal (S-1-5-21-1405961527-2406829358-1402099359-1001 - Administrator - Enabled) => C:\Users\Michal
WDAGUtilityAccount (S-1-5-21-1405961527-2406829358-1402099359-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Advanced MID Converter (HKLM-x32\...\Advanced MID Converter) (Version: 2.0 - Gold-Software Development)
Altap Salamander 3.08 (x64) (HKLM\...\Altap Salamander 3.08 (x64)) (Version: 3.08 - ALTAP)
AnyMP4 Video Converter Ultimate 8.5.10 (HKLM-x32\...\{B77ACAAE-53EE-43c3-86F1-4AEA52F6CDD5}_is1) (Version: 8.5.10 - AnyMP4 Studio)
Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team)
Audacity 3.2.5 (64bitový) (HKLM\...\Audacity_is1) (Version: 3.2.5 - Audacity Team)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 23.9.6082 - Avast Software)
Avast SecureLine VPN (HKLM\...\%V_PRODUCT_UNINSTALL_REG_KEY%) (Version: 5.6.4971.434 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.27.8746.9512 - Avast Software)
Balíček ovladače systému Windows - Sony Mobile Communications (ggsomc) SOMCFlashDevice (12/06/2017 3.2.0.0) (HKLM\...\7AA77B236196DB9A6C04257060560ACDBB626F30) (Version: 12/06/2017 3.2.0.0 - Sony Mobile Communications)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
CEWE FOTOLAB fotosvet (HKLM-x32\...\CEWE FOTOLAB fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
Disk Google (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\5372b2ce9d2c4998a64f36bd745fb121) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\252dcccb2e5e3b1d70ccb30b6147c2b0) (Version: 1.0 - Google\Chrome)
eM Client (HKLM-x32\...\{3264F314-B940-4CE3-81F0-EA8AA2C2DD45}) (Version: 9.2.1577.0 - eM Client Inc.)
Envisioneer Express 7 (HKLM-x32\...\{F84B62D4-2F12-4F17-A274-ADA8032EB44B}) (Version: 7.0 - Cadsoft Corporation) Hidden
Envisioneer Express 7 (HKLM-x32\...\InstallShield_{F84B62D4-2F12-4F17-A274-ADA8032EB44B}) (Version: 7.0 - Cadsoft Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Free Burn MP3-CD v1.2 (HKLM-x32\...\Free Burn MP3-CD_is1) (Version: 1.2 - www.nbxsoft.com)
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version: - Eusing Software)
Gmail (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\2360c0b094e8d99c838854af8acfe5f7) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Incomedia WebSite X5 - Evolution (HKLM\...\{B16A8D0F-BD9E-47FA-BD57-595831679B0B}_is1) (Version: 16.0.3.0 - Incomedia s.r.l.)
Incomedia WebSite X5 v13 - Evolution (HKLM\...\{F63FFE16-449A-4BAB-B484-894097882CDD}_is1) (Version: 13.0.0.14 - Incomedia s.r.l.)
Incomedia WebSite X5 v14 - Evolution (HKLM\...\{3375892E-1801-4D15-A6C4-ED60F3FEDCF4}_is1) (Version: 14.0.1.1 - Incomedia s.r.l.)
Incomedia WebSite X5 v15 - Evolution (HKLM\...\{7AA7E155-503E-44B9-AC33-93B1B81687AF}_is1) (Version: 15.0.1.0 - Incomedia s.r.l.)
ISDOCReader 4.0.1 (HKLM-x32\...\{B4BD968A-B913-44B7-BD0D-DC966B149197}) (Version: 4.0.1 - ABRA Software a.s.)
Kalendář (HKLM\...\Kalendar) (Version: 3.6.8 - pyramidak)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version: - )
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.43 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Teams) (Version: 1.5.00.28567 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.15.26706 (HKLM\...\{F106B700-BFF8-3065-B305-14D36AD40539}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.15.26706 (HKLM\...\{C77195A4-CEB8-38EE-BDD6-C46CB459EF6E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 118.0.1 (x64 cs)) (Version: 118.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.2.0 - Mozilla)
Mp3tag v3.18 (HKLM\...\Mp3tag) (Version: 3.18 - Florian Heidenreich)
NVIDIA Ovladače grafiky 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PDF-XChange Editor (HKLM\...\{EB67548E-423F-49EE-932F-D02CD88B73BA}) (Version: 10.0.1.371 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{3892aa3e-dfc3-4ae3-998a-6d393065355a}) (Version: 10.0.1.371 - Tracker Software Products (Canada) Ltd.)
PerfV350 Uživatelská příručka (HKLM-x32\...\PerfV350 Uživatelská příručka) (Version: - )
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Portfolio Performance (HKLM-x32\...\Portfolio Performance) (Version: 0.60.2 - Andreas Buchen)
Prezentace (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\d301bd3f2bb47b0fabe4e02571f8dbb7) (Version: 1.0 - Google\Chrome)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Sadovnická projekce (HKLM-x32\...\Sadovnická projekce_is1) (Version: - Karel Rys)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SD Card Recovery (HKLM-x32\...\{09907A60-5843-4E83-A471-3102A42231B8}_is1) (Version: - LC Technology International, Inc.)
Služba Xperia Companion (HKLM\...\{3F33E34E-C93B-4779-9B75-174EB86A64E0}) (Version: 2.5.3.0 - Sony) Hidden
Sony Mobile Software Update Drivers (HKLM\...\{4872001F-F67C-4C54-BC92-281C6A165251}) (Version: 3.2.0.3 - Sony Mobile Communications)
Sony Mobile Update Engine (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\Update Engine) (Version: 2.19.7.201905231210 - Sony Mobile Communications Inc.)
Sony USB Driver (HKLM-x32\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: 2.00 - Sony Corporation)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.1-15163 - Synology)
Tabulky (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\60e427a99820ebc41b55717f5fd8b176) (Version: 1.0 - Google\Chrome)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.46.5 - TeamViewer)
TomTom HOME 2.21.21.3131738 (HKLM\...\TomTom HOME) (Version: 2.21.21.3131738 - TomTom)
TomTom MyDrive Connect 4.3.3.5010 (HKLM-x32\...\MyDriveConnect) (Version: 4.3.3.5010 - TomTom)
TP-Link PLC Utility (HKLM-x32\...\{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.4137.4 - TP-Link) Hidden
TP-Link PLC Utility (HKLM-x32\...\InstallShield_{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.4137.4 - TP-Link)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebSite X5 Optimizer (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\website-x5-optimizer) (Version: 1.10.0 - Incomedia srl)
WinFast Multimedia Driver Installation (HKLM-x32\...\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}) (Version: - Multimedia)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{1017C503-1AD0-4982-A4DA-406200D7E375}) (Version: 2.5.3.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{8c78e3be-2cef-41ed-91c7-78af87572445}) (Version: 2.5.3.0 - Sony)
YouTube (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\62b35a98d436b16b15a647ac3fe8f3e0) (Version: 1.0 - Google\Chrome)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
Zoom (HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2022-04-14] (Autodesk Inc.)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-13] (Microsoft Corporation)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-11-01] (Canon Inc.)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-12] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-31] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-04-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-04-14] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-12] (NVIDIA Corp.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Studios) [MS Ad]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2022-04-14] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1405961527-2406829358-1402099359-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Michal\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22272.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1405961527-2406829358-1402099359-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Michal\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\nvshext.dll [2023-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.mjpg] => pvmjpg30.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Michal - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2017-12-10 21:41 - 2016-12-27 16:36 - 000013312 _____ (ALTAP) [File not signed] C:\Program Files\Altap Salamander\utils\salextx64.dll
2018-07-01 21:22 - 2017-09-27 17:30 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\Newtonsoft.Json.dll
2017-11-15 14:16 - 2017-11-15 14:16 - 000250368 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
2018-07-01 21:22 - 2017-11-07 16:37 - 000088064 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCollect.dll
2018-07-01 21:22 - 2017-11-07 16:37 - 000200192 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9485DACB [143]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2019-01-04 19:14 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\Zoner\ZPS 17\ZPSWallPaper.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1405961527-2406829358-1402099359-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{826AF92A-446A-42D5-8956-4A14C6F88A39}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{167D9C34-CBF8-494A-9440-6B6CEE3536BD}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1BE9780E-BA76-4126-A945-128C2BE9EECB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{FD691A84-3331-4759-9C23-B877623C1C87}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1E9CBEC8-0591-4E96-8FC5-6F1450058D00}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1D78F569-A1B0-4109-9E0A-8538029E45F9}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{FDF96311-7C46-4E32-B881-92A6E438994A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{9E5C0917-51D3-401F-B2A8-DECD71C7367C}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{526DE0F9-0819-4EDF-885B-242149A1A7E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9C3BF651-653B-4033-B122-92E84E497127}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9D00E887-4E22-462B-A365-1CA19EC00E44}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A2FCA02E-3E1E-4236-AEB5-4E7482F30B33}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9EF8AA30-533C-46BF-8390-393232A900DB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{C604E9A4-22CC-4F25-970A-5D15EE7DD7E1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{1D652529-B4F5-444C-A1DA-01A06975B41B}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) [File not signed]
FirewallRules: [{1C4B55A7-7188-472A-A445-23D59297C3FE}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AD5CD4C1-87AD-4271-A77B-F2F5900BF4CB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F54EA0B5-7EF6-4E8E-A5E0-E974D7DA0826}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3D77E9A8-2F9D-463F-B17D-15BF6A4E9D7A}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{385A22B5-B476-4511-815F-C90314366D24}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{627D08C2-68A0-42D3-88B6-C819476B2E99}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{51DB80BD-60B0-4B11-B00D-BAA0DB58CBC4}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{6D0F8BA0-145C-479E-A79F-BEC6E985DB96}] => (Allow) C:\Users\Michal\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{86CD9BA0-544C-49FB-8D71-A6C21E639DF6}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom)
FirewallRules: [{68797BE8-8991-4430-AC31-E74E259DF0E8}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FirewallRules: [{0D88B69C-F0FB-4C4D-997B-FAB1DC17167F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{28660FE3-84D4-4E94-96F8-2F6D52E49D0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{914EB7E7-557A-44E6-BC7C-47A6A85182BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1ED3B468-B1A7-4F83-B40E-1E6A8C6E8304}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D96B6009-C24C-4688-955A-8AED17D0BDF6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{39C92081-62E0-40FF-A940-AF4B4D67CDC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

22-09-2023 22:42:58 Naplánovaný kontrolní bod
30-09-2023 16:10:54 Naplánovaný kontrolní bod
01-10-2023 21:01:44 AdwCleaner_BeforeCleaning_01/10/2023_21:01:44
01-10-2023 21:50:15 AdwCleaner_BeforeCleaning_01/10/2023_21:50:15

==================== Faulty Device Manager Devices ============

Name: Dell Diag Control Device
Description: Dell Diag Control Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Dell Computer Corporation
Service: DDDriver
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/02/2023 04:01:55 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft Word: Rejected Safe Mode action : Word – bylo zjištěno, že je stisknuta klávesa Ctrl. Chcete spustit Word v nouzovém režimu?.
Rejected Safe Mode action : Microsoft Word.

Error: (10/02/2023 04:01:26 PM) (Source: Microsoft Office 14) (EventID: 2000) (User: )
Description: Microsoft Word: Accepted Safe Mode action : Word – bylo zjištěno, že je stisknuta klávesa Ctrl. Chcete spustit Word v nouzovém režimu?.
Accepted Safe Mode action : Microsoft Word.

Error: (10/02/2023 03:56:35 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.

Error: (10/02/2023 03:56:32 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.

Error: (10/02/2023 03:56:32 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.

Error: (10/02/2023 03:54:26 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (10/02/2023 11:48:25 AM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.

Error: (10/02/2023 08:04:45 AM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Odkaz na objekt není nastaven na instanci objektu.


System errors:
=============
Error: (10/02/2023 04:19:29 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-9IJAJ0J)
Description: Nelze spustit server DCOM: Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXea6epmb5w19sjwy9ckw8md46dm93nhkq.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca

Error: (10/02/2023 04:19:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (10/02/2023 04:19:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\aspi32.sys

Error: (10/02/2023 04:19:20 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: DDDriver64Dcsa.sys

Error: (10/02/2023 04:09:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/02/2023 04:09:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TTHOMEService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/02/2023 04:09:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba TeamViewer byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 2000 milisekund: Restartovat službu.

Error: (10/02/2023 04:09:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell SupportAssist Agent byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 32767 milisekund: Spustit nakonfigurovaný program pro obnovení.


CodeIntegrity:
===============
Date: 2023-10-02 16:21:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-10-02 16:20:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F5 11/09/2017
Motherboard: Gigabyte Technology Co., Ltd. Z370 HD3P-CF
Processor: Intel(R) Core(TM) i5-8600K CPU @ 3.60GHz
Percentage of memory in use: 21%
Total physical RAM: 16330.05 MB
Available physical RAM: 12790.86 MB
Total Virtual: 18762.05 MB
Available Virtual: 14029.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.28 GB) (Free:112.25 GB) (Model: Samsung SSD 850 EVO 250GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:50.92 GB) (Model: SAMSUNG HD501LJ) NTFS
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) (Model: ST3120026AS) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:111.69 GB) (Free:35.78 GB) (Model: ST3120026AS) NTFS

\\?\Volume{176363ce-7b27-4e2a-ae42-b131c20c6b57}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{491994cd-6ec3-47b9-a532-3914c6c0de8c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 328AF01A)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: AB2BB0C0)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 46D846D7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Velmi podivné chování PC

#12 Příspěvek od Rudy »

Rád bych viděl obsah soubou fixlog.txt. Je v C:\Users\Michal\Downloads. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
mhk
Návštěvník
Návštěvník
Příspěvky: 51
Registrován: 19 lis 2008 12:08

Re: Velmi podivné chování PC

#13 Příspěvek od mhk »

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Michal (02-10-2023 16:09:40) Run:1
Running from C:\Users\Michal\Downloads
Loaded Profiles: Michal
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {15661CF0-A921-4452-A622-95FE7D26B460} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-10] (Google Inc -> Google Inc.)
Task: {7A23F3C0-CEC3-48B2-A6FD-BACFABDA766E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-10] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\albumart@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\bluemonday@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\foldersync-ng@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\foldersync@rsjtdrjgfuzkfg.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\gonzo@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\pinkmartini@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\playlistfolders@getnightingale.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Nightingale\extensions\purplerain@songbirdnest.com [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Michal\AppData\Roaming\cdr.ini
C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{15661CF0-A921-4452-A622-95FE7D26B460}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15661CF0-A921-4452-A622-95FE7D26B460}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A23F3C0-CEC3-48B2-A6FD-BACFABDA766E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A23F3C0-CEC3-48B2-A6FD-BACFABDA766E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\Program Files (x86)\Nightingale\extensions\albumart@songbirdnest.com => path removed successfully
C:\Program Files (x86)\Nightingale\extensions\bluemonday@getnightingale.com => path removed successfully
C:\Program Files (x86)\Nightingale\extensions\foldersync-ng@getnightingale.com => path removed successfully
C:\Program Files (x86)\Nightingale\extensions\foldersync@rsjtdrjgfuzkfg.com => path removed successfully
C:\Program Files (x86)\Nightingale\extensions\gonzo@songbirdnest.com => path removed successfully
C:\Program Files (x86)\Nightingale\extensions\pinkmartini@songbirdnest.com => path removed successfully
C:\Program Files (x86)\Nightingale\extensions\playlistfolders@getnightingale.com => path removed successfully
C:\Program Files (x86)\Nightingale\extensions\purplerain@songbirdnest.com => path removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Michal\AppData\Roaming\cdr.ini => moved successfully
C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15453524 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2279812 B
Edge => 13312 B
Chrome => 73181510 B
Firefox => 28401074 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Michal => 10062972 B

RecycleBin => 0 B
EmptyTemp: => 124.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:18:40 ====
Nahoru
mhk
Návštěvník
Návštěvník
Příspěvky: 51
Registrován: 19 lis 2008 12:08

Re: Velmi podivné chování PC

#14 Příspěvek od mhk »

Hoodně se to zlepšilo, již se nekopírují soubory na ploše, v Google Chromu se zničehonic neobjevují další záložky atd.
Zatím... to vypadá dobře a PC funguje jak má
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Velmi podivné chování PC

#15 Příspěvek od Rudy »

OK. To jsem rád. Pokud je vše v pořádku, je to z mé strany vše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“