Manželce se začaly přes Messenger samy odesílat zprávy s virem. Nevíme, zda zdrojem je PC nebo telefon.
PC posílám níže:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by HP (administrator) on DESKTOP-VEVD5JH (Hewlett-Packard HP ProBook 640 G1) (10-10-2023 22:22:57)
Running from C:\Users\HP\Desktop\FRST64.exe
Loaded Profiles: HP
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() <==== ATTENTION [zero byte? (Error=126)] C:\Program Files (x86)\Mozilla Maintenance Service\update\updater.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <17>
(Mozilla Corporation -> Mozilla Foundation) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
(Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\updater.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> Comodo) C:\Program Files (x86)\COMODO\Dragon\dragon_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\HP\AppData\Local\Microsoft\OneDrive\23.194.0917.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [225248 2017-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [255896 2023-10-09] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\117.0.5938.150\Installer\chrmstp.exe [2023-10-09] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {C4DE68C4-3876-49AE-A8BC-A17985313F7E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5135256 2023-10-09] (Avast Software s.r.o. -> AVAST Software)
Task: {F4EE81AD-7DAD-4787-B44B-B0E4E27F9060} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {8D3444ED-0E69-4FF9-A326-A5DC1CF35180} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {1855E54C-F253-4E78-8E8F-2433FA382023} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F5561F01-14F9-4249-B60B-7B263C9CBFF4} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {A7FC8621-9F90-4EB8-8162-B9E0AD774267} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7F19735F-B631-46C2-AEFE-0DC381C781EA} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {A84C2501-6556-4C90-8186-24FE4F074BA4} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C74558F1-EF24-437F-99DE-50D41E92C250} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {90885C5E-6746-4DE2-A282-AC1412E4C900} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-04-18] (Google Inc -> Google LLC)
Task: {39B178D2-2DA5-483F-B16C-DAA69FC90CD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-04-18] (Google Inc -> Google LLC)
Task: {DB35F724-D9E4-44E2-BF81-1F77EE63D30D} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [891432 2018-08-31] (HP Inc. -> HP)
Task: {17135676-AE1D-467D-88F3-F7B9303B0461} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {687CDD31-B533-4E3F-95EF-0D6B9073E370} - System32\Tasks\Opera scheduled Autoupdate 1661414076 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe [2744224 2023-09-28] (Opera Norway AS -> Opera Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a70b78c1-5608-40c9-bcf8-9fa2d01cf526}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{a70b78c1-5608-40c9-bcf8-9fa2d01cf526}: [DhcpNameServer] 10.100.100.10 8.8.8.8
Tcpip\..\Interfaces\{cfb411ed-af9c-4eae-8eee-c9f142b35e77}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-21]
Edge Extension: (Edge relevant text changes) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-11]
FireFox:
========
FF DefaultProfile: 08b35k38.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\08b35k38.default [2022-04-18]
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cbucvv3n.default-release [2023-10-10]
FF Session Restore: Mozilla\Firefox\Profiles\cbucvv3n.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\cbucvv3n.default-release -> hxxps://cz.pinterest.com; hxxps://prm.com
Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2023-10-10]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-18]
Opera:
=======
OPR Profile: C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable [2023-09-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-08-25]
OPR Extension: (Opera Crypto Wallet) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-08-25]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-08-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9090968 2023-10-09] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776088 2023-10-09] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [796568 2023-10-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-04-18] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2260208 2023-09-08] (Comodo Security Solutions, Inc. -> Comodo)
R2 fpCsEvtSvc; C:\Windows\system32\fpCSEvtSvc.exe [22528 2017-07-13] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [969256 2018-08-31] (HP Inc. -> HP)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1128992 2017-12-12] (HP Inc. -> HP)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 LanWlanSwitchingService; C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe [618536 2018-08-31] (HP Inc. -> HP)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [82944 2017-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [240176 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392984 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297992 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39760 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [275168 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559696 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [950696 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [708048 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213192 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319560 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
S3 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [439544 2022-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-18] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-10 22:22 - 2023-10-10 22:24 - 000018591 _____ C:\Users\HP\Desktop\FRST.txt
2023-10-10 22:22 - 2023-10-10 22:23 - 000000000 ____D C:\FRST
2023-10-10 22:17 - 2023-10-10 22:17 - 002383360 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2023-10-10 21:47 - 2023-10-10 21:47 - 000000000 ___HD C:\$WinREAgent
2023-10-09 21:06 - 2023-10-09 21:06 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-09-25 22:57 - 2023-09-25 23:00 - 197143389 _____ C:\Users\HP\Desktop\animace Neškola.mp4
2023-09-16 00:07 - 2023-09-16 00:07 - 000087605 _____ C:\Users\HP\Desktop\Prihlaska_Farmarske trhy zima_2023.ods
2023-09-15 23:52 - 2023-09-16 00:09 - 000087868 _____ C:\Users\HP\Desktop\Prihlaska_Farmarske trhy podzim_2023.ods
2023-09-13 11:59 - 2023-09-13 11:59 - 000000000 ____D C:\Users\HP\AppData\Local\OneDrive
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-10 22:27 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-10 22:22 - 2023-05-27 22:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-10-10 22:22 - 2022-04-18 12:15 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2023-10-10 22:21 - 2022-04-18 12:06 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-10 21:52 - 2022-03-18 15:21 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-10 21:52 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-10 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-10-10 21:50 - 2022-03-18 15:26 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-10 21:50 - 2019-12-07 16:43 - 000683426 _____ C:\Windows\system32\perfh005.dat
2023-10-10 21:50 - 2019-12-07 16:43 - 000137206 _____ C:\Windows\system32\perfc005.dat
2023-10-10 21:50 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-10-10 21:49 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-10-10 21:45 - 2022-04-18 12:11 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-10 21:45 - 2022-03-18 16:08 - 000000000 ____D C:\Windows\SystemTemp
2023-10-10 21:43 - 2022-03-18 15:41 - 000000000 __SHD C:\Users\HP\IntelGraphicsProfiles
2023-10-10 21:42 - 2023-05-27 22:14 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-10-10 21:42 - 2022-03-18 16:04 - 000000000 ____D C:\ProgramData\Synaptics
2023-10-10 21:42 - 2022-03-18 15:20 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-10 21:42 - 2022-03-18 15:20 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-10 21:42 - 2022-03-18 15:20 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-10-09 21:38 - 2022-04-18 12:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-09 21:38 - 2022-04-18 12:12 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-10-09 21:32 - 2022-04-18 12:11 - 000000000 ____D C:\Users\HP\AppData\Local\Avast Software
2023-10-09 21:09 - 2023-05-26 19:33 - 000003374 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1628403915-3803302158-3255603873-1001
2023-10-09 21:09 - 2022-03-18 15:40 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1628403915-3803302158-3255603873-1001
2023-10-09 21:09 - 2022-03-18 15:38 - 000002372 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-09 21:07 - 2022-04-18 12:07 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-10-09 21:06 - 2022-04-18 12:07 - 000950696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000708048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000559696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000392984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000319560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000297992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000275168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000240176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000096064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000039760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-10-09 21:06 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-10-09 21:01 - 2022-03-18 15:38 - 000000000 ____D C:\Users\HP
2023-10-02 22:21 - 2022-08-25 09:54 - 000004182 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1661414076
2023-10-02 22:21 - 2022-08-25 09:54 - 000001400 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-09-25 23:09 - 2022-08-25 09:54 - 000001404 _____ C:\Users\HP\Desktop\Prohlížeč Opera.lnk
2023-09-25 23:09 - 2022-03-18 15:38 - 000002350 _____ C:\Users\HP\Desktop\Microsoft Edge.lnk
2023-09-25 22:17 - 2022-03-18 15:38 - 000000000 ____D C:\ProgramData\Packages
2023-09-22 23:29 - 2022-03-18 15:38 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2023-09-19 22:32 - 2022-04-18 12:11 - 000003768 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-19 22:32 - 2022-04-18 12:11 - 000003644 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-19 22:29 - 2022-04-18 11:57 - 000000000 ____D C:\ProgramData\Avast Software
2023-09-16 02:28 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-09-16 02:27 - 2022-03-18 15:20 - 000259768 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-16 02:26 - 2019-12-07 16:47 - 000000000 ___SD C:\Windows\system32\AppV
2023-09-16 02:26 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-09-15 23:14 - 2022-03-18 15:24 - 003014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-09-15 22:56 - 2022-03-18 15:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-15 22:54 - 2022-03-18 15:45 - 000000000 ____D C:\Windows\system32\MRT
2023-09-15 22:50 - 2022-03-18 15:45 - 177941912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-09-13 12:00 - 2022-04-18 12:14 - 000000000 ____D C:\Program Files (x86)\COMODO
==================== Files in the root of some directories ========
2022-06-04 11:16 - 2021-11-10 09:18 - 000451976 _____ (COMODO) C:\ProgramData\cmdres.dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vir na PC nebo telefonu - prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Vir na PC nebo telefonu - prosím o kontrolu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by HP (10-10-2023 22:27:45)
Running from C:\Users\HP\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) (2022-03-18 13:22:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1628403915-3803302158-3255603873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1628403915-3803302158-3255603873-503 - Limited - Disabled)
Guest (S-1-5-21-1628403915-3803302158-3255603873-501 - Limited - Disabled)
HP (S-1-5-21-1628403915-3803302158-3255603873-1001 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-1628403915-3803302158-3255603873-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.9.6082 - Avast Software)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 116.0.5845.141 - Comodo)
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
COMODO Internet Security Premium (HKLM\...\{529CC629-B436-4886-B322-4BE75B97783D}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.150 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
HP Hotkey Support (HKLM-x32\...\{5CA104DB-9884-4CDB-B31B-B977EACC7B3D}) (Version: 6.2.50.1 - HP Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1628403915-3803302158-3255603873-1001\...\OneDriveSetup.exe) (Version: 23.194.0917.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026 (HKLM\...\{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026 (HKLM\...\{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 113.0.2 (x64 cs)) (Version: 113.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 99.0.1 - Mozilla)
Opera Stable 102.0.4880.78 (HKU\S-1-5-21-1628403915-3803302158-3255603873-1001\...\Opera 102.0.4880.78) (Version: 102.0.4880.78 - Opera Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-04-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-04-22] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0 [2023-10-02] (Spotify AB) [Startup Task]
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.3.5.0_x86__3h5nez1g3qt2c [2023-06-05] (GT Office PDF Studio)
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.928.1334.242_neutral__8wekyb3d8bbwe [2023-09-28] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1628403915-3803302158-3255603873-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is disabled.
Network Binding:
=============
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Síťové připojení Bluetooth: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: CmdAgent => 2
MSCONFIG\Services: cmdvirth => 3
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F4F3C161-62EC-4382-B43F-DFC7CE4DE500}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E4859FD0-E56D-44FF-88BA-A8ECCAA7C13E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{786BFFEB-368A-4790-8443-2291710DB50F}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{325181FE-66B5-4A2E-9A69-DDAAD8E251FF}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{7780DB5F-2E39-48D4-9DA6-7B9D39D4BCD3}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{CE080E44-9960-4FF7-9695-3F617B44DAA6}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{7E11FFBB-B370-428E-9871-681D93E0F6CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{883482DA-78B2-4DB0-A21A-CD75C9E0DEE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BB135B6D-DB19-494C-8211-9226283A5F1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4E55F5C9-9B31-4134-9BDD-7DD34C3F3BB3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EEE351CB-385B-4869-B1C0-5A07DFEE8898}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8B10708B-09FC-47C2-B67A-37E544E19E8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6CE4D6BE-BC8D-4461-89D8-B34F2E002EA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1C2A1348-76FB-4C1D-A496-CB798E77B29A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{74DD3915-5509-4170-B6D6-64BC50536653}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{55FB2323-3432-4D08-B2B7-782DFEC69243}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C79210A6-638E-4021-9B61-74DBD2B008DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC45A4B4-BB28-4716-B776-BB6C6C4D4823}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC6586F0-9711-4E40-B28F-AE3111CAF337}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5CEF8ADB-0E3C-419A-9F46-317E2A27324F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{11A9955C-1E39-4F42-8565-DB82B42023FC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BBA97FC3-E7B1-4B67-8897-8647D7992C1F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.60\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{10148C79-EFC6-4ECA-A0CD-8F65EBF4BDA7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3AAFFE66-7334-4A68-9985-17B44C1845BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{30D11467-F488-462D-B92B-674D7674485F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F616DFBA-549D-4566-8D5F-9882654F6CFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:953.64 GB) (Free:898.86 GB) (94%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/10/2023 09:45:57 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (10/09/2023 01:42:23 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (10/09/2023 01:42:23 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007
Error: (10/09/2023 01:42:23 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/04/2023 10:19:49 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (10/02/2023 02:54:22 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (09/29/2023 03:27:46 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (09/28/2023 03:00:20 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
System errors:
=============
Error: (10/10/2023 10:29:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (10/10/2023 09:42:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:21:29, 09.10.2023) bylo neočekávané.
Error: (10/09/2023 09:01:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:38:47, 09.10.2023) bylo neočekávané.
Error: (10/05/2023 02:18:10 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (10/04/2023 10:48:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (10/02/2023 10:16:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBLGGH4NNS1-Microsoft.DesktopAppInstaller.
Error: (10/02/2023 10:16:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (10/02/2023 02:52:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Windows Defender:
================
Date: 2022-03-22 15:29:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CDC4A98F-DCCC-4F2D-A63F-3350E8873CAF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-03-21 07:11:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D715F84-9085-4678-AA81-B146F1B25E1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2023-10-10 22:28:13
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-10-10 22:19:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Hewlett-Packard L78 Ver. 01.02 12/05/2013
Motherboard: Hewlett-Packard 2101
Processor: Intel(R) Core(TM) i5-4300M CPU @ 2.60GHz
Percentage of memory in use: 63%
Total physical RAM: 8089.09 MB
Available physical RAM: 2920.99 MB
Total Virtual: 20889.09 MB
Available Virtual: 14881.69 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:953.64 GB) (Free:898.86 GB) (Model: SSD_2.5"_1TB_InnovationIT_QLC) NTFS
\\?\Volume{37bc9695-d24e-4788-866e-51b04b66678d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 41AFE695)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by HP (10-10-2023 22:27:45)
Running from C:\Users\HP\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) (2022-03-18 13:22:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1628403915-3803302158-3255603873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1628403915-3803302158-3255603873-503 - Limited - Disabled)
Guest (S-1-5-21-1628403915-3803302158-3255603873-501 - Limited - Disabled)
HP (S-1-5-21-1628403915-3803302158-3255603873-1001 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-1628403915-3803302158-3255603873-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.9.6082 - Avast Software)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 116.0.5845.141 - Comodo)
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
COMODO Internet Security Premium (HKLM\...\{529CC629-B436-4886-B322-4BE75B97783D}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.150 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
HP Hotkey Support (HKLM-x32\...\{5CA104DB-9884-4CDB-B31B-B977EACC7B3D}) (Version: 6.2.50.1 - HP Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1628403915-3803302158-3255603873-1001\...\OneDriveSetup.exe) (Version: 23.194.0917.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026 (HKLM\...\{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026 (HKLM\...\{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 113.0.2 (x64 cs)) (Version: 113.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 99.0.1 - Mozilla)
Opera Stable 102.0.4880.78 (HKU\S-1-5-21-1628403915-3803302158-3255603873-1001\...\Opera 102.0.4880.78) (Version: 102.0.4880.78 - Opera Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-04-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-04-22] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0 [2023-10-02] (Spotify AB) [Startup Task]
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.3.5.0_x86__3h5nez1g3qt2c [2023-06-05] (GT Office PDF Studio)
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.928.1334.242_neutral__8wekyb3d8bbwe [2023-09-28] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1628403915-3803302158-3255603873-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is disabled.
Network Binding:
=============
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Síťové připojení Bluetooth: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: CmdAgent => 2
MSCONFIG\Services: cmdvirth => 3
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F4F3C161-62EC-4382-B43F-DFC7CE4DE500}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E4859FD0-E56D-44FF-88BA-A8ECCAA7C13E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{786BFFEB-368A-4790-8443-2291710DB50F}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{325181FE-66B5-4A2E-9A69-DDAAD8E251FF}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{7780DB5F-2E39-48D4-9DA6-7B9D39D4BCD3}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{CE080E44-9960-4FF7-9695-3F617B44DAA6}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{7E11FFBB-B370-428E-9871-681D93E0F6CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{883482DA-78B2-4DB0-A21A-CD75C9E0DEE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BB135B6D-DB19-494C-8211-9226283A5F1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4E55F5C9-9B31-4134-9BDD-7DD34C3F3BB3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EEE351CB-385B-4869-B1C0-5A07DFEE8898}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8B10708B-09FC-47C2-B67A-37E544E19E8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6CE4D6BE-BC8D-4461-89D8-B34F2E002EA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1C2A1348-76FB-4C1D-A496-CB798E77B29A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{74DD3915-5509-4170-B6D6-64BC50536653}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{55FB2323-3432-4D08-B2B7-782DFEC69243}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C79210A6-638E-4021-9B61-74DBD2B008DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC45A4B4-BB28-4716-B776-BB6C6C4D4823}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC6586F0-9711-4E40-B28F-AE3111CAF337}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5CEF8ADB-0E3C-419A-9F46-317E2A27324F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{11A9955C-1E39-4F42-8565-DB82B42023FC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BBA97FC3-E7B1-4B67-8897-8647D7992C1F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.60\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{10148C79-EFC6-4ECA-A0CD-8F65EBF4BDA7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3AAFFE66-7334-4A68-9985-17B44C1845BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{30D11467-F488-462D-B92B-674D7674485F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F616DFBA-549D-4566-8D5F-9882654F6CFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:953.64 GB) (Free:898.86 GB) (94%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/10/2023 09:45:57 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (10/09/2023 01:42:23 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (10/09/2023 01:42:23 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007
Error: (10/09/2023 01:42:23 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/04/2023 10:19:49 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (10/02/2023 02:54:22 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (09/29/2023 03:27:46 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (09/28/2023 03:00:20 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
System errors:
=============
Error: (10/10/2023 10:29:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (10/10/2023 09:42:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:21:29, 09.10.2023) bylo neočekávané.
Error: (10/09/2023 09:01:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:38:47, 09.10.2023) bylo neočekávané.
Error: (10/05/2023 02:18:10 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (10/04/2023 10:48:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (10/02/2023 10:16:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBLGGH4NNS1-Microsoft.DesktopAppInstaller.
Error: (10/02/2023 10:16:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (10/02/2023 02:52:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Windows Defender:
================
Date: 2022-03-22 15:29:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CDC4A98F-DCCC-4F2D-A63F-3350E8873CAF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-03-21 07:11:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D715F84-9085-4678-AA81-B146F1B25E1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2023-10-10 22:28:13
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-10-10 22:19:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Hewlett-Packard L78 Ver. 01.02 12/05/2013
Motherboard: Hewlett-Packard 2101
Processor: Intel(R) Core(TM) i5-4300M CPU @ 2.60GHz
Percentage of memory in use: 63%
Total physical RAM: 8089.09 MB
Available physical RAM: 2920.99 MB
Total Virtual: 20889.09 MB
Available Virtual: 14881.69 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:953.64 GB) (Free:898.86 GB) (Model: SSD_2.5"_1TB_InnovationIT_QLC) NTFS
\\?\Volume{37bc9695-d24e-4788-866e-51b04b66678d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 41AFE695)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118278
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vir na PC nebo telefonu - prosím o kontrolu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vir na PC nebo telefonu - prosím o kontrolu
Scan proběhl, ale nic to nenašlo, ani se to nerestartovalo, ani nevygenerovalo log.
-
Rudy
- Site Admin
- Příspěvky: 118278
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vir na PC nebo telefonu - prosím o kontrolu
OK, pak je to po virové stránce v pořádku. Víte, že máte 2 antivry aktivní? Comodo a Avast. Jeden z nich vypněte, nebo odinstalujte. Takto dochází k sw konfliktu. Odstraníme tedy alespoň zbytečnosti. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
<==== ATTENTION [zero byte? (Error=126)] C:\Program Files (x86)\Mozilla Maintenance Service\update\updater.exe
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {90885C5E-6746-4DE2-A282-AC1412E4C900} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-04-18] (Google Inc -> Google LLC)
Task: {39B178D2-2DA5-483F-B16C-DAA69FC90CD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-04-18] (Google Inc -> Google LLC)
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?