VIRY.CZ

Manželce se začaly přes Messenger samy odesílat zprávy s virem. Nevíme, zda zdrojem je PC nebo telefon.

PC posílám níže:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by HP (administrator) on DESKTOP-VEVD5JH (Hewlett-Packard HP ProBook 640 G1) (10-10-2023 22:22:57)
Running from C:\Users\HP\Desktop\FRST64.exe
Loaded Profiles: HP
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() <==== ATTENTION [zero byte? (Error=126)] C:\Program Files (x86)\Mozilla Maintenance Service\update\updater.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <17>
(Mozilla Corporation -> Mozilla Foundation) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
(Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\updater.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> Comodo) C:\Program Files (x86)\COMODO\Dragon\dragon_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\HP\AppData\Local\Microsoft\OneDrive\23.194.0917.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [225248 2017-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [255896 2023-10-09] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\117.0.5938.150\Installer\chrmstp.exe [2023-10-09] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {C4DE68C4-3876-49AE-A8BC-A17985313F7E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5135256 2023-10-09] (Avast Software s.r.o. -> AVAST Software)
Task: {F4EE81AD-7DAD-4787-B44B-B0E4E27F9060} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {8D3444ED-0E69-4FF9-A326-A5DC1CF35180} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {1855E54C-F253-4E78-8E8F-2433FA382023} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F5561F01-14F9-4249-B60B-7B263C9CBFF4} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {A7FC8621-9F90-4EB8-8162-B9E0AD774267} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7F19735F-B631-46C2-AEFE-0DC381C781EA} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {A84C2501-6556-4C90-8186-24FE4F074BA4} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C74558F1-EF24-437F-99DE-50D41E92C250} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {90885C5E-6746-4DE2-A282-AC1412E4C900} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-04-18] (Google Inc -> Google LLC)
Task: {39B178D2-2DA5-483F-B16C-DAA69FC90CD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-04-18] (Google Inc -> Google LLC)
Task: {DB35F724-D9E4-44E2-BF81-1F77EE63D30D} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [891432 2018-08-31] (HP Inc. -> HP)
Task: {17135676-AE1D-467D-88F3-F7B9303B0461} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {687CDD31-B533-4E3F-95EF-0D6B9073E370} - System32\Tasks\Opera scheduled Autoupdate 1661414076 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe [2744224 2023-09-28] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a70b78c1-5608-40c9-bcf8-9fa2d01cf526}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{a70b78c1-5608-40c9-bcf8-9fa2d01cf526}: [DhcpNameServer] 10.100.100.10 8.8.8.8
Tcpip\..\Interfaces\{cfb411ed-af9c-4eae-8eee-c9f142b35e77}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-21]
Edge Extension: (Edge relevant text changes) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-11]

FireFox:
========
FF DefaultProfile: 08b35k38.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\08b35k38.default [2022-04-18]
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cbucvv3n.default-release [2023-10-10]
FF Session Restore: Mozilla\Firefox\Profiles\cbucvv3n.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\cbucvv3n.default-release -> hxxps://cz.pinterest.com; hxxps://prm.com

Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2023-10-10]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-18]

Opera:
=======
OPR Profile: C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable [2023-09-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-08-25]
OPR Extension: (Opera Crypto Wallet) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-08-25]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-08-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9090968 2023-10-09] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776088 2023-10-09] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [796568 2023-10-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-04-18] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2260208 2023-09-08] (Comodo Security Solutions, Inc. -> Comodo)
R2 fpCsEvtSvc; C:\Windows\system32\fpCSEvtSvc.exe [22528 2017-07-13] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [969256 2018-08-31] (HP Inc. -> HP)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1128992 2017-12-12] (HP Inc. -> HP)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 LanWlanSwitchingService; C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe [618536 2018-08-31] (HP Inc. -> HP)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [82944 2017-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [240176 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392984 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297992 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39760 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [275168 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559696 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [950696 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [708048 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213192 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319560 2023-10-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
S3 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [439544 2022-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-18] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-10 22:22 - 2023-10-10 22:24 - 000018591 _____ C:\Users\HP\Desktop\FRST.txt
2023-10-10 22:22 - 2023-10-10 22:23 - 000000000 ____D C:\FRST
2023-10-10 22:17 - 2023-10-10 22:17 - 002383360 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2023-10-10 21:47 - 2023-10-10 21:47 - 000000000 ___HD C:\$WinREAgent
2023-10-09 21:06 - 2023-10-09 21:06 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-09-25 22:57 - 2023-09-25 23:00 - 197143389 _____ C:\Users\HP\Desktop\animace Neškola.mp4
2023-09-16 00:07 - 2023-09-16 00:07 - 000087605 _____ C:\Users\HP\Desktop\Prihlaska_Farmarske trhy zima_2023.ods
2023-09-15 23:52 - 2023-09-16 00:09 - 000087868 _____ C:\Users\HP\Desktop\Prihlaska_Farmarske trhy podzim_2023.ods
2023-09-13 11:59 - 2023-09-13 11:59 - 000000000 ____D C:\Users\HP\AppData\Local\OneDrive

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-10 22:27 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-10 22:22 - 2023-05-27 22:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-10-10 22:22 - 2022-04-18 12:15 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2023-10-10 22:21 - 2022-04-18 12:06 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-10 21:52 - 2022-03-18 15:21 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-10 21:52 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-10 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-10-10 21:50 - 2022-03-18 15:26 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-10 21:50 - 2019-12-07 16:43 - 000683426 _____ C:\Windows\system32\perfh005.dat
2023-10-10 21:50 - 2019-12-07 16:43 - 000137206 _____ C:\Windows\system32\perfc005.dat
2023-10-10 21:50 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-10-10 21:49 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-10-10 21:45 - 2022-04-18 12:11 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-10 21:45 - 2022-03-18 16:08 - 000000000 ____D C:\Windows\SystemTemp
2023-10-10 21:43 - 2022-03-18 15:41 - 000000000 __SHD C:\Users\HP\IntelGraphicsProfiles
2023-10-10 21:42 - 2023-05-27 22:14 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-10-10 21:42 - 2022-03-18 16:04 - 000000000 ____D C:\ProgramData\Synaptics
2023-10-10 21:42 - 2022-03-18 15:20 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-10 21:42 - 2022-03-18 15:20 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-10 21:42 - 2022-03-18 15:20 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-10-09 21:38 - 2022-04-18 12:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-09 21:38 - 2022-04-18 12:12 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-10-09 21:32 - 2022-04-18 12:11 - 000000000 ____D C:\Users\HP\AppData\Local\Avast Software
2023-10-09 21:09 - 2023-05-26 19:33 - 000003374 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1628403915-3803302158-3255603873-1001
2023-10-09 21:09 - 2022-03-18 15:40 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1628403915-3803302158-3255603873-1001
2023-10-09 21:09 - 2022-03-18 15:38 - 000002372 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-09 21:07 - 2022-04-18 12:07 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-10-09 21:06 - 2022-04-18 12:07 - 000950696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000708048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000559696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000392984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000319560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000297992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000275168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000240176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000096064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000039760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-10-09 21:06 - 2022-04-18 12:07 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-10-09 21:06 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-10-09 21:01 - 2022-03-18 15:38 - 000000000 ____D C:\Users\HP
2023-10-02 22:21 - 2022-08-25 09:54 - 000004182 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1661414076
2023-10-02 22:21 - 2022-08-25 09:54 - 000001400 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-09-25 23:09 - 2022-08-25 09:54 - 000001404 _____ C:\Users\HP\Desktop\Prohlížeč Opera.lnk
2023-09-25 23:09 - 2022-03-18 15:38 - 000002350 _____ C:\Users\HP\Desktop\Microsoft Edge.lnk
2023-09-25 22:17 - 2022-03-18 15:38 - 000000000 ____D C:\ProgramData\Packages
2023-09-22 23:29 - 2022-03-18 15:38 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2023-09-19 22:32 - 2022-04-18 12:11 - 000003768 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-19 22:32 - 2022-04-18 12:11 - 000003644 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-19 22:29 - 2022-04-18 11:57 - 000000000 ____D C:\ProgramData\Avast Software
2023-09-16 02:28 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-09-16 02:27 - 2022-03-18 15:20 - 000259768 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-16 02:26 - 2019-12-07 16:47 - 000000000 ___SD C:\Windows\system32\AppV
2023-09-16 02:26 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-09-16 02:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-09-15 23:14 - 2022-03-18 15:24 - 003014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-09-15 22:56 - 2022-03-18 15:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-15 22:54 - 2022-03-18 15:45 - 000000000 ____D C:\Windows\system32\MRT
2023-09-15 22:50 - 2022-03-18 15:45 - 177941912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-09-13 12:00 - 2022-04-18 12:14 - 000000000 ____D C:\Program Files (x86)\COMODO

==================== Files in the root of some directories ========

2022-06-04 11:16 - 2021-11-10 09:18 - 000451976 _____ (COMODO) C:\ProgramData\cmdres.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by HP (10-10-2023 22:27:45)
Running from C:\Users\HP\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) (2022-03-18 13:22:25)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1628403915-3803302158-3255603873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1628403915-3803302158-3255603873-503 - Limited - Disabled)
Guest (S-1-5-21-1628403915-3803302158-3255603873-501 - Limited - Disabled)
HP (S-1-5-21-1628403915-3803302158-3255603873-1001 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-1628403915-3803302158-3255603873-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.9.6082 - Avast Software)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 116.0.5845.141 - Comodo)
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
COMODO Internet Security Premium (HKLM\...\{529CC629-B436-4886-B322-4BE75B97783D}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.150 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
HP Hotkey Support (HKLM-x32\...\{5CA104DB-9884-4CDB-B31B-B977EACC7B3D}) (Version: 6.2.50.1 - HP Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1628403915-3803302158-3255603873-1001\...\OneDriveSetup.exe) (Version: 23.194.0917.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026 (HKLM\...\{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026 (HKLM\...\{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 113.0.2 (x64 cs)) (Version: 113.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 99.0.1 - Mozilla)
Opera Stable 102.0.4880.78 (HKU\S-1-5-21-1628403915-3803302158-3255603873-1001\...\Opera 102.0.4880.78) (Version: 102.0.4880.78 - Opera Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-04-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-04-22] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0 [2023-10-02] (Spotify AB) [Startup Task]
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.3.5.0_x86__3h5nez1g3qt2c [2023-06-05] (GT Office PDF Studio)
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.928.1334.242_neutral__8wekyb3d8bbwe [2023-09-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1628403915-3803302158-3255603873-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is disabled.

Network Binding:
=============
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Síťové připojení Bluetooth: COMODO Internet Security Firewall Driver -> inspect (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: CmdAgent => 2
MSCONFIG\Services: cmdvirth => 3

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F4F3C161-62EC-4382-B43F-DFC7CE4DE500}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E4859FD0-E56D-44FF-88BA-A8ECCAA7C13E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{786BFFEB-368A-4790-8443-2291710DB50F}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{325181FE-66B5-4A2E-9A69-DDAAD8E251FF}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{7780DB5F-2E39-48D4-9DA6-7B9D39D4BCD3}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{CE080E44-9960-4FF7-9695-3F617B44DAA6}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{7E11FFBB-B370-428E-9871-681D93E0F6CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{883482DA-78B2-4DB0-A21A-CD75C9E0DEE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BB135B6D-DB19-494C-8211-9226283A5F1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4E55F5C9-9B31-4134-9BDD-7DD34C3F3BB3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EEE351CB-385B-4869-B1C0-5A07DFEE8898}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8B10708B-09FC-47C2-B67A-37E544E19E8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6CE4D6BE-BC8D-4461-89D8-B34F2E002EA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1C2A1348-76FB-4C1D-A496-CB798E77B29A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{74DD3915-5509-4170-B6D6-64BC50536653}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{55FB2323-3432-4D08-B2B7-782DFEC69243}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C79210A6-638E-4021-9B61-74DBD2B008DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC45A4B4-BB28-4716-B776-BB6C6C4D4823}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC6586F0-9711-4E40-B28F-AE3111CAF337}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5CEF8ADB-0E3C-419A-9F46-317E2A27324F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{11A9955C-1E39-4F42-8565-DB82B42023FC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BBA97FC3-E7B1-4B67-8897-8647D7992C1F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.60\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{10148C79-EFC6-4ECA-A0CD-8F65EBF4BDA7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3AAFFE66-7334-4A68-9985-17B44C1845BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{30D11467-F488-462D-B92B-674D7674485F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F616DFBA-549D-4566-8D5F-9882654F6CFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:953.64 GB) (Free:898.86 GB) (94%)

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (10/10/2023 09:45:57 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (10/09/2023 01:42:23 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (10/09/2023 01:42:23 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (10/09/2023 01:42:23 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/04/2023 10:19:49 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (10/02/2023 02:54:22 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (09/29/2023 03:27:46 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (09/28/2023 03:00:20 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

System errors:
=============
Error: (10/10/2023 10:29:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (10/10/2023 09:42:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:21:29, ‎09.‎10.‎2023) bylo neočekávané.

Error: (10/09/2023 09:01:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:38:47, ‎09.‎10.‎2023) bylo neočekávané.

Error: (10/05/2023 02:18:10 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (10/04/2023 10:48:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (10/02/2023 10:16:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBLGGH4NNS1-Microsoft.DesktopAppInstaller.

Error: (10/02/2023 10:16:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (10/02/2023 02:52:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Windows Defender:
================
Date: 2022-03-22 15:29:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CDC4A98F-DCCC-4F2D-A63F-3350E8873CAF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-21 07:11:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D715F84-9085-4678-AA81-B146F1B25E1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-10-10 22:28:13
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-10-10 22:19:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Hewlett-Packard L78 Ver. 01.02 12/05/2013
Motherboard: Hewlett-Packard 2101
Processor: Intel(R) Core(TM) i5-4300M CPU @ 2.60GHz
Percentage of memory in use: 63%
Total physical RAM: 8089.09 MB
Available physical RAM: 2920.99 MB
Total Virtual: 20889.09 MB
Available Virtual: 14881.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.64 GB) (Free:898.86 GB) (Model: SSD_2.5"_1TB_InnovationIT_QLC) NTFS

\\?\Volume{37bc9695-d24e-4788-866e-51b04b66678d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 41AFE695)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Scan proběhl, ale nic to nenašlo, ani se to nerestartovalo, ani nevygenerovalo log.

OK, pak je to po virové stránce v pořádku. Víte, že máte 2 antivry aktivní? Comodo a Avast. Jeden z nich vypněte, nebo odinstalujte. Takto dochází k sw konfliktu. Odstraníme tedy alespoň zbytečnosti. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
<==== ATTENTION [zero byte? (Error=126)] C:\Program Files (x86)\Mozilla Maintenance Service\update\updater.exe
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {90885C5E-6746-4DE2-A282-AC1412E4C900} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-04-18] (Google Inc -> Google LLC)
Task: {39B178D2-2DA5-483F-B16C-DAA69FC90CD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-04-18] (Google Inc -> Google LLC)
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

VIRY.CZ

Vir na PC nebo telefonu - prosím o kontrolu

Vir na PC nebo telefonu - prosím o kontrolu

Re: Vir na PC nebo telefonu - prosím o kontrolu

Re: Vir na PC nebo telefonu - prosím o kontrolu

Re: Vir na PC nebo telefonu - prosím o kontrolu

Re: Vir na PC nebo telefonu - prosím o kontrolu