Laptop freezing, slow responses
Posted: 13 Dec 2023 22:24
Good evening,
please check this for me. The laptop was checked recently, but now far wilder things are happening. The laptop freezes and won't move again, and it ends with me resetting it; when it doesn't freeze, it stutters and responds slowly. Please help.
Thank you, D.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2023
Ran by Deni (administrator) on LAPTOP-ETSM2MGT (Acer Swift SF315-52) (13-12-2023 22:02:40)
Running from C:\Users\Deni\Desktop\FRST64.exe
Loaded Profiles: Deni
Platform: Microsoft Windows 10 Home Version 22H2 19045.3803 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\hicloud\update_server\startUp.exe ->) (EZVIZ Inc. -> ) C:\Program Files (x86)\hicloud\update_server\SPUpDateServer.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6>
(C:\Users\Deni\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Deni\AppData\Local\Programs\Opera\105.0.4970.34\opera_crashreporter.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\65.0.4.0\crashpad_handler.exe <2>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9088b61921a6ff9f\igfxEM.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Opera Norway AS -> Opera Software) C:\Users\Deni\AppData\Local\Programs\Opera\opera.exe <29>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9088b61921a6ff9f\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9088b61921a6ff9f\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9088b61921a6ff9f\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.2.57\nsWscSvc.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (WildTangent, Inc. -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2348.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(svchost.exe ->) (EZVIZ Inc. -> ) C:\Program Files (x86)\hicloud\update_server\startUp.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9088b61921a6ff9f\igfxext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Run: [Google Update] => C:\Users\Deni\AppData\Local\Google\Update\1.3.36.352\GoogleUpdateCore.exe [223008 2023-12-05] (Google LLC -> Google LLC)
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-12-08] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Run: [MicrosoftEdgeAutoLaunch_9742FF3EC7E0B1CBAFAC0A60C1343A20] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788736 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\RunOnce: [!BingChatInstaller.exe] => C:\Windows\Temp\MUBSTemp\BingChatInstaller.exe [17682464 2023-12-13] (Microsoft Corporation -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3182236762-2932985501-2615738926-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKLM\Software\...\AppCompatFlags\Custom\game.exe: [{1421ef36-3d77-4de9-aad4-c6f2f95e304f}.sdb] -> GOG.com The Longest Journey
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1421ef36-3d77-4de9-aad4-c6f2f95e304f}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1421ef36-3d77-4de9-aad4-c6f2f95e304f}.sdb [2013-01-04]
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3A173FD8-CA18-412C-862F-A9DCD35CAEA3} - \Software Update Application -> No File <==== ATTENTION
Task: {C7C6DF73-B03E-4482-A211-34CDC12212DB} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-10-31] (Acer Incorporated -> )
Task: {AC18FE8A-7CFD-439F-8B92-14DA59128EF4} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-10-31] (Acer Incorporated -> )
Task: {85A4BF33-95E2-4F80-B9EE-2078EFDC8AE7} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-10-31] (Acer Incorporated -> )
Task: {F4FF79B3-E39D-45F4-A313-8EA079C0E2DD} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-15] (Acer Incorporated -> )
Task: {0F0C8A43-B17C-4365-8EC6-1E784CACD186} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-14] (Acer Incorporated -> Acer Incorporated)
Task: {B9C7B079-7DB7-457D-9DB1-6246EDE1764F} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {A85E8BF4-E9B9-4506-BF7E-9701ADC4605E} - System32\Tasks\CareCenter\Google Update_Reg_HKCURun_S-1-5-21-3182236762-2932985501-2615738926-1001 => C:\Users\Deni\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe (No File) <==== ATTENTION
Task: {D0BEA893-136D-4B33-B9CF-38C4DC83EA78} - System32\Tasks\CareCenter\RtHDVBg_ASC_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {564ED0E8-537C-4B1B-8F60-5E7430F83CF0} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4FD77B89-23DE-4D97-928D-BF92F853A9C1} - System32\Tasks\CareCenter\SPUpDateServerrun_Reg_HKLMWow6432Run => C:\Program Files (x86)\hicloud\update_server\startUp.exe [14832 2015-09-10] (EZVIZ Inc. -> )
Task: {F6F4DFCD-98D7-41A2-9F91-ED603574C746} - System32\Tasks\DashlaneUpgradeCheck => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {394FC082-26F8-4B23-B399-A521CD0337BE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182236762-2932985501-2615738926-1001Core => C:\Users\Deni\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-03-30] (Google LLC -> Google LLC)
Task: {61EC1240-8B99-4BBD-A2A3-E02A0783F78C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182236762-2932985501-2615738926-1001UA => C:\Users\Deni\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-03-30] (Google LLC -> Google LLC)
Task: {1E9A9CC0-27F6-43B9-9EF2-D601114609A2} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {A4CE252C-B868-4197-BBCD-5BB51DFA29C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {952D7575-ECF3-4DBE-AB92-7DF4A095B698} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1B09EF5E-3A05-47D5-88A6-CA75F1B28677} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FC070C13-E1F1-4C1F-ABF9-C2B953D10159} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA47B81D-541D-4FDB-9A0E-338D5C5DEA82} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [256512 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
Task: {609FA6C8-1E05-4021-A525-6D26BE1F53AA} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {9CA55461-EF0F-47C3-A99B-EEB076FCB690} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {2F51F7DB-3574-4600-8E79-CDC6144022EB} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {AADED1BA-FE50-4A74-8CEC-FCFA26EC4FFE} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.20.2.57\WSCStub.exe [645008 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {380EE4CF-A46B-484C-8D25-3B79681290C5} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {6A39B91D-6AAD-4F68-A1FD-249E11E3A014} - System32\Tasks\Opera scheduled Autoupdate 1545039687 => C:\Users\Deni\AppData\Local\Programs\Opera\launcher.exe [2353056 2023-12-05] (Opera Norway AS -> Opera Software)
Task: {81703383-8836-43B9-ACDB-EB04A13A640F} - System32\Tasks\Opera scheduled Autoupdate 1620516357 => C:\Users\Mirek\AppData\Local\Programs\Opera\launcher.exe [2534856 2022-10-13] (Opera Norway AS -> Opera Software)
Task: {E1D66FFD-9FEB-4F62-834B-5C46BFC70BAE} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2771104 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {51E2DD2E-7CAE-41C5-B9A8-965185AE46E0} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {0BBDF5EE-13F6-436F-8DA2-D8BEEA780C07} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2162704 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {D213AC33-4189-4DB0-A591-167FBD875C37} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [91440 2017-09-26] (Acer Incorporated -> Microsoft)
Task: {D80BA947-06ED-470E-9465-C0FCF07BF095} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-09-14] (Acer Incorporated -> TODO: <Company name>)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{91012a6c-9ab6-4a2a-b373-f227e8fcd55d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b51b2470-09b3-4280-a0bd-d4356cc6c9a2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ce119a0c-9973-4bab-a3b4-9fe970141d1a}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Deni\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\Deni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-02]
Edge Extension: (Edge relevant text changes) - C:\Users\Deni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-02]
FireFox:
========
FF DefaultProfile: i2e42mik.default
FF ProfilePath: C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\i2e42mik.default [2023-08-08]
FF Homepage: Mozilla\Firefox\Profiles\i2e42mik.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\i2e42mik.default -> about:newtab
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\i2e42mik.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-21]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\i2e42mik.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2022-04-21]
Chrome:
=======
CHR Profile: C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default [2023-10-06]
CHR HomePage: Default -> hxxp://www.google.cz/
CHR Extension: (Hamty.cz doplněk) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gccfnphpieojibjmnodiiobdapckkkfb [2023-10-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-06]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-10-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-06]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
S3 GameInputSvc; C:\WINDOWS\System32\GameInputSvc.exe [50280 2023-12-13] (Microsoft Corporation -> Microsoft Corporation)
S2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe [344760 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.20.2.57\nsWscSvc.exe [1055960 2020-03-20] (Symantec Corporation -> Symantec Corporation)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466592 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [505504 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-09-14] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1685312 2023-02-09] (WildTangent, Inc. -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.11.1.5\Definitions\BASHDefs\20190212.002\BHDrvx64.sys [1934048 2019-02-12] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\ccSetx64.sys [192376 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2018-12-16] (Symantec Corporation -> Symantec Corporation)
R0 FPWinIo; C:\WINDOWS\System32\drivers\FPWinIo.sys [30536 2017-11-09] (Egis Technology Inc. -> Egis Technology Inc.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.11.1.5\Definitions\IPSDefs\20190214.061\IDSvia64.sys [1424904 2019-01-26] (Symantec Corporation -> Symantec Corporation)
R3 MpKslee2cbb23; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32F6FA1F-5A96-4BEC-99C2-0AD812A41804}\MpKslDrv.sys [263560 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\Program Files (x86)\Ezviz Studio\npf64.sys [36600 2021-01-25] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\SRTSP64.SYS [889520 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\SRTSPX64.SYS [50864 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\SYMEFASI64.SYS [1964552 2020-03-20] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\SymELAM.sys [25024 2020-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-21] (Symantec Corporation -> Symantec Corporation)
S4 SymEvnt; C:\Program Files\Norton Security\NortonData\22.11.1.5\SymPlatform\SymEvnt.sys [678616 2019-01-28] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\Ironx64.SYS [316656 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\symnets.sys [575280 2020-03-20] (Symantec Corporation -> Symantec Corporation)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\wpCtrlDrv.sys [1012120 2020-03-20] (Symantec Corporation -> Symantec Corporation)
S3 MpKsl5a30cc99; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F7CF92C8-E940-470B-8C1B-5CF8D31C295B}\MpKslDrv.sys [X]
S3 MpKsl98b2782c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F7CF92C8-E940-470B-8C1B-5CF8D31C295B}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-13 22:02 - 2023-12-13 22:03 - 000025032 _____ C:\Users\Deni\Desktop\FRST.txt
2023-12-13 22:02 - 2023-12-13 22:03 - 000000000 ____D C:\FRST
2023-12-13 19:42 - 2023-12-13 19:42 - 002386432 _____ (Farbar) C:\Users\Deni\Desktop\FRST64.exe
2023-12-13 12:59 - 2023-12-13 12:59 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-13 12:19 - 2023-12-13 12:19 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-13 12:07 - 2023-12-13 12:07 - 000000000 ___HD C:\$WinREAgent
2023-12-09 00:10 - 2023-12-09 00:10 - 000120906 _____ C:\Users\Deni\Downloads\faktura_FV-M-043429-11-2023.pdf
2023-12-09 00:09 - 2023-12-09 00:09 - 000067667 _____ C:\Users\Deni\Downloads\5084567315.pdf
2023-12-06 23:06 - 2023-12-06 22:46 - 824114087 _____ C:\Users\Deni\Desktop\Vánoce.zip
2023-12-06 23:02 - 2023-12-06 23:05 - 824114087 _____ C:\Users\Deni\Downloads\Bohoňkovi Vánoce (1).zip
2023-12-06 22:58 - 2023-12-06 22:58 - 000001043 _____ C:\Users\Public\Desktop\CEWE fotosvet.lnk
2023-12-06 22:58 - 2023-12-06 22:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEWE fotosvet
2023-12-06 22:51 - 2023-12-06 22:51 - 000000000 ____D C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CEWE fotosvet
2023-12-06 22:50 - 2023-12-06 22:50 - 000000000 ____D C:\Users\Deni\Desktop\Vánoční focení 2023
2023-12-06 22:48 - 2023-12-06 22:48 - 000000000 ____D C:\Users\Deni\AppData\Roaming\hps-install
2023-12-06 22:43 - 2023-12-06 22:46 - 824114087 _____ C:\Users\Deni\Downloads\Bohoňkovi Vánoce.zip
2023-12-06 21:04 - 2023-12-06 21:04 - 000000000 ____D C:\Users\Deni\Desktop\egg real fotky
2023-12-06 21:00 - 2023-12-06 21:00 - 000023122 _____ C:\Users\Deni\Desktop\VZOR1_ omezeni svepravnosti 1111.odt
2023-12-06 20:54 - 2023-12-06 23:04 - 000000000 ____D C:\Users\Deni\Desktop\ořezy focení u vody 2023
2023-12-05 22:51 - 2023-12-05 22:51 - 000118451 _____ C:\Users\Deni\Desktop\E-01-08-navrh na omezeni svepravnosti.pdf
2023-12-04 10:57 - 2023-12-04 10:57 - 004792365 _____ C:\Users\Deni\Downloads\prilohy_284907.zip
2023-12-03 18:40 - 2023-12-03 18:40 - 000033479 _____ C:\Users\Deni\Desktop\Rozvrh směn Soběnov 2024.xlsx
2023-12-01 09:47 - 2023-12-01 09:47 - 000051750 _____ C:\Users\Deni\Downloads\invoice_2317720.pdf
2023-11-30 07:40 - 2023-11-30 07:40 - 000020710 _____ C:\Users\Deni\Downloads\Ezopovy+bajky+-+ČD (1).odt
2023-11-29 00:44 - 2023-11-29 00:44 - 000020710 _____ C:\Users\Deni\Downloads\Ezopovy+bajky+-+ČD.odt
2023-11-21 19:12 - 2023-11-21 19:22 - 2460943487 _____ C:\Users\Deni\Downloads\2023-11-18 16-58-11.mkv
2023-11-18 22:56 - 2023-11-18 22:56 - 000034170 _____ C:\Users\Deni\Downloads\1621099176.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-13 22:01 - 2023-09-24 19:04 - 000000000 ____D C:\Users\Deni\Desktop\screeny
2023-12-13 21:48 - 2020-10-08 23:31 - 000003508 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2023-12-13 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-13 21:25 - 2020-10-08 23:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-13 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-12-13 19:40 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-13 18:51 - 2020-10-08 23:33 - 000006020 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-13 18:51 - 2019-12-07 15:41 - 004180756 _____ C:\WINDOWS\system32\perfh005.dat
2023-12-13 18:51 - 2019-12-07 15:41 - 001174766 _____ C:\WINDOWS\system32\perfc005.dat
2023-12-13 18:46 - 2023-08-14 11:01 - 000000000 ____D C:\Program Files (x86)\Steam
2023-12-13 18:46 - 2018-12-17 10:10 - 000000000 __SHD C:\Users\Deni\IntelGraphicsProfiles
2023-12-13 18:45 - 2021-01-19 08:03 - 000000000 ____D C:\WINDOWS\Minidump
2023-12-13 18:45 - 2020-10-08 23:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-13 18:45 - 2020-10-08 23:24 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-13 18:45 - 2020-02-11 09:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-12-13 18:45 - 2019-09-20 18:45 - 1021662631 _____ C:\WINDOWS\MEMORY.DMP
2023-12-13 13:01 - 2020-10-08 23:25 - 000000000 ____D C:\Users\Deni
2023-12-13 13:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-13 13:01 - 2018-12-17 10:10 - 000000000 ____D C:\Users\Deni\AppData\Local\Packages
2023-12-13 13:00 - 2020-10-08 23:24 - 000296552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-13 13:00 - 2019-12-07 10:03 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-13 12:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-12-13 12:22 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-13 12:21 - 2019-12-07 15:44 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-12-13 12:21 - 2019-12-07 15:44 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2023-12-13 12:19 - 2020-10-08 23:26 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-12-13 09:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-12 16:56 - 2020-03-30 14:40 - 000002501 _____ C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-12 16:19 - 2020-10-08 23:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2023-12-12 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-12-11 21:04 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-12-11 00:29 - 2019-01-14 13:02 - 000000000 ____D C:\ProgramData\Packages
2023-12-11 00:29 - 2018-12-17 10:24 - 000000000 ____D C:\Users\Deni\AppData\Local\PlaceholderTileLogoFolder
2023-12-10 09:58 - 2020-10-08 23:31 - 000004198 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1545039687
2023-12-10 09:58 - 2018-12-17 10:41 - 000001410 _____ C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-12-08 08:50 - 2020-06-09 00:42 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-07 12:46 - 2019-01-14 12:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-06 23:00 - 2023-10-28 21:20 - 000000000 ____D C:\Users\Deni\Desktop\FOTO
2023-12-05 18:39 - 2023-09-16 07:56 - 000004030 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182236762-2932985501-2615738926-1001UA
2023-12-05 18:39 - 2023-09-16 07:56 - 000003762 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182236762-2932985501-2615738926-1001Core
2023-12-04 12:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-11-21 13:22 - 2021-12-12 18:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3182236762-2932985501-2615738926-1001
2023-11-21 13:22 - 2020-10-08 23:31 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3182236762-2932985501-2615738926-1001
2023-11-21 13:22 - 2020-10-08 23:25 - 000002382 _____ C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-19 13:53 - 2023-08-14 11:03 - 000000000 ____D C:\Users\Deni\AppData\Local\Steam
2023-11-16 14:01 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-11-16 14:01 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-16 14:00 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-16 14:00 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-14 23:13 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-11-14 23:13 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-11-14 22:52 - 2019-01-13 21:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-14 22:50 - 2019-01-13 21:10 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2023-01-01 14:52 - 2023-01-01 14:52 - 000000042 _____ () C:\Users\Deni\AppData\Local\Autosofted License.txt
2022-12-18 19:14 - 2022-12-18 19:14 - 000003631 _____ () C:\Users\Deni\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2023
Ran by Deni (13-12-2023 22:05:48)
Running from C:\Users\Deni\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3803 (X64) (2020-10-08 22:31:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3182236762-2932985501-2615738926-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3182236762-2932985501-2615738926-503 - Limited - Disabled)
Deni (S-1-5-21-3182236762-2932985501-2615738926-1001 - Administrator - Enabled) => C:\Users\Deni
Guest (S-1-5-21-3182236762-2932985501-2615738926-501 - Limited - Disabled)
Mirek (S-1-5-21-3182236762-2932985501-2615738926-1002 - Limited - Enabled) => C:\Users\Mirek
WDAGUtilityAccount (S-1-5-21-3182236762-2932985501-2615738926-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Disabled - Out of date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Disabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Disabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3034 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3030 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3005 - Acer Incorporated)
Auto Key Presser (HKLM-x32\...\{E74BC2D3-A788-45B8-B526-2E3F7702FD51}) (Version: 0.7.0 - Arifur.net)
CEWE fotosvet (HKLM\...\CEWE fotosvet) (Version: 7.3.4 - CEWE Stiftung u Co. KGaA)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
dm CEWE fotosvet (HKLM-x32\...\dm CEWE fotosvet) (Version: 6.4.5 - CEWE Stiftung u Co. KGaA)
EgisTec Touch Fingerprint Sensor PBA Driver (HKLM-x32\...\{E8C889B8-0A8B-46BA-B433-F7D6968A6543}) (Version: 3.5.3.14 - Egis Technology Inc.)
Ezviz Studio (HKLM-x32\...\{49DF99D3-BC81-439A-8F40-A0529159024C}_is1) (Version: - EZVIZ Inc.)
Farmerama (HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Farmerama) (Version: 1.2.8 - Bigpoint GmbH)
GIMP 2.10.30 (HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
GOG.com The Longest Journey (HKLM\...\{1421ef36-3d77-4de9-aad4-c6f2f95e304f}.sdb) (Version: - )
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 65.0.4.0 - Google LLC)
Google Chrome (HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Google Chrome) (Version: 120.0.6099.71 - Google LLC)
iCloud Outlook (HKLM\...\{B8056148-C2ED-44EC-A3D1-93FDA8B120FC}) (Version: 13.4.0.101 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{7FB35D08-C75C-4A18-B593-1D7C3E8970AD}) (Version: 10.1.1.45 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1050 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{39E08562-9C5A-42B9-9583-4D3BEE17FF0B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{586324D6-35AF-4738-9324-B44F54638797}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3DEB594C-9E31-4AF0-8142-8047EEBCD837}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.1.1020 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{82B8C0DF-94E9-4E42-B132-47F13CD5EE3C}) (Version: 15.9.1.1020 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{E6D90D08-C61C-42BD-971B-301E5C9B6F70}) (Version: 30.100.1725.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{ba25c46f-28f8-4449-97ab-7bb20f3f9a9c}) (Version: 20.30.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{86BC0F23-2560-4635-A7DE-95B174D7A95E}) (Version: 20.30.0.1296 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.61 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.61 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\OneDriveSetup.exe) (Version: 23.226.1031.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3182236762-2932985501-2615738926-1002\...\OneDriveSetup.exe) (Version: 22.207.1002.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{604D9458-AADD-4FC8-91ED-4417258DE59F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{0ABFD65F-A001-4804-975A-33BB2F404621}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Mozilla Firefox (x86 en-US) (HKLM-x32\...\Mozilla Firefox 99.0.1 (x86 en-US)) (Version: 99.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
Norton Security (HKLM-x32\...\NGC) (Version: 22.20.2.57 - Symantec Corporation)
OpenOffice 4.1.6 (HKLM-x32\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
Opera Stable 105.0.4970.34 (HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Opera 105.0.4970.34) (Version: 105.0.4970.34 - Opera Software)
Opera Stable 91.0.4516.77 (HKU\S-1-5-21-3182236762-2932985501-2615738926-1002\...\Opera 91.0.4516.77) (Version: 91.0.4516.77 - Opera Software)
paint.net (HKLM\...\{E91052A0-E7C9-4462-B7B5-2C7279F7203B}) (Version: 4.3.12 - dotPDN LLC)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8924.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
The Longest Journey (HKLM-x32\...\GOGPACKTLJ_is1) (Version: 2.0.0.12 - GOG.com)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
update_server (HKLM-x32\...\{1D08522D-308D-4615-AEA9-44021FD7445A}_is1) (Version: - )
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.1 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 5.0.0.331 - WildTangent) Hidden
WinRAR 5.91 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Packages:
=========
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2021-05-09] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-05-30] (Acer Incorporated)
Booking.com Partner App -> C:\Program Files\WindowsApps\4AE8B7C2.Booking.comPartnerApp_1.1.2.1000_x64__6wqyppa9wfhnr [2021-05-09] (Booking.com B.V.)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2670.2.0_x64__kgqvnymyfvs32 [2023-12-08] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.507.0_x64__rz1tebttyb220 [2023-12-09] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation)
eBay -> C:\Program Files\WindowsApps\eBay_1.0.1606.2210_x64__96rgg7pjt343r [2021-05-09] (CN=Acer Incorporated)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.67.4.0_x64__q4d96b2w5wcc2 [2023-12-05] (Evernote) [Startup Task]
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-17] (Fitbit)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-11] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa [2023-11-04] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.16.0_x64__w1wdnht996qgy [2023-12-08] (LinkedIn) [Startup Task]
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-06-13] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Movie & Audio Studio -> C:\Program Files\WindowsApps\MAGIXSoftwareGmbH.MovieAudioStudio_1.1.4.0_x64__awcgk3qbzve1y [2021-05-09] (MAGIX Software GmbH)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-10-20] (Netflix, Inc.)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1129.0_x64__8wekyb3d8bbwe [2023-12-11] (Microsoft Corporation)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2021-05-09] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2021-05-09] (CYBERLINK COM CORP)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.4.96.0_x64__kx24dqmazqk8j [2023-08-31] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2022-10-20] (Random Salad Games LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-05] (Microsoft Studios) [MS Ad]
Spades -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Spades_6.1.121.0_x64__kx24dqmazqk8j [2023-12-13] (Random Salad Games LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-05-09] (Microsoft Corporation)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2348.4.0_x64__cv1g1gvanyjgm [2023-12-08] (WhatsApp Inc.) [Startup Task]
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.84.0_x64__qt5r5pa5dyg8m [2021-05-09] (WildTangent Games)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{7C7100B8-AB8A-44E3-8F31-AAC9DA5031A5} -> [Fotky na iCloudu] => C:\Users\Deni\Pictures\iCloud Photos\Photos
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{82A6D7A6-FC2E-4DFD-AAEF-E3BBF9AD71AD}\localserver32 -> C:\Program Files\Fotolab\CEWE fotosvet\AutoBookService.exe () [File not signed]
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.352\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{8D422533-936A-4A82-B15C-BD5319AB0026}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.332\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Deni\AppData\Local\Google\Chrome\Application\120.0.6099.71\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{AE9899FA-E21F-4D91-BD1F-59BC10E56CA1}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.293\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{B9C751AA-D9CF-4E09-A270-E5BBD2194F83}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.352\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{E4949BE6-C9FF-4AFA-8672-6127D857418B}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.313\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{E5417C58-D42F-4799-AAF2-6D4F0B72EB1C} -> [iCloud Drive] => C:\Users\Deni\iCloudDrive
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.352\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{ED0BC9DB-3CE6-49E5-9B2F-590DCEF8C016}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.342\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.2.57\NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.2.57\NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9088b61921a6ff9f\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.2.57\NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2022-02-12 12:34 - 2015-09-10 16:50 - 000195072 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\ExceptionHandler.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 001320448 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\hlog.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 000151607 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\hpr.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 000107520 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\SPUpDate.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 000285184 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\hicloud\update_server\libcurl.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 001204736 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\hicloud\update_server\LIBEAY32.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 000296448 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\hicloud\update_server\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2023-08-08 09:05 - 000000753 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Deni\Desktop\k tisku\foto_014.jpg
HKU\S-1-5-21-3182236762-2932985501-2615738926-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{95A97696-8078-4240-97C5-C80B7004EFFC}C:\users\deni\downloads\winbox.exe] => (Allow) C:\users\deni\downloads\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{C1AEABDF-01AA-4BC8-A265-A30BB96F221D}C:\users\deni\downloads\winbox.exe] => (Allow) C:\users\deni\downloads\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [{F403E2C0-0D29-4461-9771-152F7A268EFF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EA3D8BF5-8473-4EE1-9A88-9F173D8AB855}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5D9561BE-551E-4FF2-8B5E-3C5072D345D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5A3B9944-9876-416B-BEAE-D3D9A78BDA01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1BB5C42C-F8CD-40CE-A108-EEF40CA7DC86}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [TCP Query User{6F85CA9D-7E7C-44E3-A00F-06B602BADD15}C:\users\deni\appdata\local\programs\opera\opera.exe] => (Block) C:\users\deni\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{CEF90A61-7268-4C4C-839D-839BC4D2748E}C:\users\deni\appdata\local\programs\opera\opera.exe] => (Block) C:\users\deni\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{DFC040DF-A95A-4263-9FAD-D39919295B95}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe (杭州萤石软件有限公司 -> EZVIZ Inc.)
FirewallRules: [UDP Query User{D7DAC33E-ABFC-4237-B8D4-A0EADC42D853}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe (杭州萤石软件有限公司 -> EZVIZ Inc.)
FirewallRules: [{4EC69758-EC40-4FA3-BB6C-15F948D7666E}] => (Block) C:\program files (x86)\ezviz studio\ezvizstudio.exe (杭州萤石软件有限公司 -> EZVIZ Inc.)
FirewallRules: [{491AEC20-471C-45FC-A567-53978D7B89CE}] => (Block) C:\program files (x86)\ezviz studio\ezvizstudio.exe (杭州萤石软件有限公司 -> EZVIZ Inc.)
FirewallRules: [{451937EA-C8B3-4DA4-ACDA-4F7F2482AB02}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AF435406-5F16-4ED0-8606-5119A2DC953B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{490F362B-D01A-4D25-9A19-61EEEA5C2E39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F138C85A-D574-4404-AF1B-40B080824EFC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{466103C2-0688-44B8-ABE7-5AB8ECA4D44D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{47E05D3B-6D20-49E0-9DEE-A43EC3FFD7F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B62407B7-D85F-4F17-A734-27A3D2E6CBE5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0F084D99-DBC3-47C7-9F53-0C54A747F3CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EA9A4ECB-9A1D-42BA-8BBF-0631BE6DA4F6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B5B68781-AB0E-4862-9A25-0D2FF5962ADD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6FD31589-F36B-4A2B-B96B-BF12B6861DDB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A4228E12-3C03-4FC8-95F9-095159C47C44}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{508A79F5-A4AA-49A6-93EE-0C4BB0AD9DCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{4C06579F-D60E-413F-B3E8-EBF331A99F2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{3B09C1C4-58B0-4842-97EE-0DD9DAC69EB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{04F2CBE4-EC36-4B07-A61D-F191500F8113}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{0EDDCF05-553B-41B4-8212-33003B619A05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Syberia2.exe () [File not signed]
FirewallRules: [{56335173-05D5-4DE9-ABA7-D2EE5C0365DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Syberia2.exe () [File not signed]
FirewallRules: [{90AB1A9F-1466-40A9-B964-539E068FE623}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia3\Syberia3.exe () [File not signed]
FirewallRules: [{9363F443-4983-4E70-BCE5-FB14E9D0544A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia3\Syberia3.exe () [File not signed]
FirewallRules: [{0ADB2451-5BE2-4C74-8DD0-25CD13AC0A25}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.16827.20166.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{1BA8B9E8-701F-4F33-8CA9-C23F76C5BFB8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4ACEB8E1-ACDA-4235-A2BE-1675CB1CA30D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{84CECDC4-F56F-4BE7-BC7C-F6C0198EE328}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{80F37251-C037-4602-AE0B-2F29E1CBBCE1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5F652BE3-59BE-4CAD-9A62-2695030804BA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{08C9CA61-5C3D-45FD-B4DD-4D7B81D63730}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.17029.20068.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{290EB88D-6843-4473-8CAB-829962B18208}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7AAA8EFB-BCC9-41FE-899E-DA124DB593C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{69DED15A-D4A5-4810-9126-27CFA75E3611}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BCD76DBE-B524-4D34-93A5-3948500A64BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B0E1D510-E4ED-433B-9D81-414E9C11D47F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F86275B3-36A5-406C-8566-309DD07EE8D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{607E2A5E-3A2D-4F40-8DB8-353F87C50171}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{93B8EEDE-AAA4-4DF5-A95B-C342D8596A4B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{81036081-A7D0-4C37-8779-4B486FDC4809}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EE58742C-C239-41E5-BC96-2BA3B3FA1741}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
11-12-2023 23:54:33 Naplánovaný kontrolní bod
13-12-2023 12:07:33 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/13/2023 06:55:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.43, časové razítko: 0x5e3caa6d
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.3636, časové razítko: 0x9b64aa6f
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff349
ID chybujícího procesu: 0x21ec
Čas spuštění chybující aplikace: 0x01da2ded68d765f4
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: fa9fc086-4f3a-4f8f-8a44-64070d93d181
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 06:52:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.43, časové razítko: 0x5e3caa6d
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.3636, časové razítko: 0x81cf5d89
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x351c
Čas spuštění chybující aplikace: 0x01da2decefa600a7
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 12caf402-b031-46ec-90f2-263d0ad22101
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 06:49:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StorPSCTL.exe, verze: 1.0.0.0, časové razítko: 0x59c8647e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3803, časové razítko: 0x4f196cbf
Kód výjimky: 0xe0434352
Posun chyby: 0x0013f932
ID chybujícího procesu: 0x251c
Čas spuštění chybující aplikace: 0x01da2deca86be351
Cesta k chybující aplikaci: C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 82785674-b839-425e-9868-95e87af0cb53
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 06:49:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: StorPSCTL.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ObjectDisposedException
na System.Windows.Forms.Control.CreateHandle()
na System.Windows.Forms.Form.CreateHandle()
na System.Windows.Forms.Control.get_Handle()
na System.Windows.Forms.Control.SetVisibleCore(Boolean)
na System.Windows.Forms.Form.SetVisibleCore(Boolean)
na System.Windows.Forms.Control.set_Visible(Boolean)
na System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
na System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
na System.Windows.Forms.Application.Run(System.Windows.Forms.Form)
na StoragePSCTL.Program.Main()
Error: (12/13/2023 06:49:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.43, časové razítko: 0x5e3caa6d
Název chybujícího modulu: VCRUNTIME140.dll, verze: 14.14.26405.0, časové razítko: 0x5ac5b276
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000ba3b
ID chybujícího procesu: 0x1160
Čas spuštění chybující aplikace: 0x01da2dec3aa06ca4
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\Program Files\Norton Security\Engine\22.20.2.57\VCRUNTIME140.dll
ID zprávy: 66a8d5f1-570d-489a-90f3-d538c71ca645
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 01:10:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.43, časové razítko: 0x5e3caa6d
Název chybujícího modulu: sds_appendix_1_x64.dll, verze: 1.8.0.244, časové razítko: 0x5ba9f563
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000002d4550
ID chybujícího procesu: 0x25dc
Čas spuštění chybující aplikace: 0x01da2dbd2691651d
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\Program Files\Norton Security\NortonData\22.11.1.5\Definitions\SDSDefs\20190214.022\sds_appendix_1_x64.dll
ID zprávy: cef2be94-1078-400a-8cea-9940227a8bd6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 01:06:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.43, časové razítko: 0x5e3caa6d
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.3636, časové razítko: 0x9b64aa6f
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000525b5
ID chybujícího procesu: 0x3bac
Čas spuštění chybující aplikace: 0x01da2dbcac0ad358
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 345936c7-eec0-4bea-b365-99e3cc6044ff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 01:04:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StorPSCTL.exe, verze: 1.0.0.0, časové razítko: 0x59c8647e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3803, časové razítko: 0x4f196cbf
Kód výjimky: 0xe0434352
Posun chyby: 0x0013f932
ID chybujícího procesu: 0x2db0
Čas spuštění chybující aplikace: 0x01da2dbc84408bb5
Cesta k chybující aplikaci: C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c07557d1-1c5f-4ac0-ba5a-4a76db8c9af7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/13/2023 07:31:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ETSM2MGT)
Description: Server {94269C4E-071A-4116-90E6-52E557067E4E} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/13/2023 07:29:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ETSM2MGT)
Description: Server {94269C4E-071A-4116-90E6-52E557067E4E} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/13/2023 06:55:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Norton Security byla neočekávaně ukončena. Tento stav nastal již 3krát.
Error: (12/13/2023 06:52:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Norton Security byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (12/13/2023 06:49:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Norton Security byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (12/13/2023 06:48:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/13/2023 06:47:08 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 7265 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD
Error: (12/13/2023 06:46:12 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (4c:e6:c0:2f:8e:ff) se nezdařilo.
Windows Defender:
================
Date: 2023-12-13 19:42:25
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Deni\Desktop\FRST.exe; file:_C:\Users\Deni\Desktop\FRST.exe (1).opdownload; webfile:_C:\Users\Deni\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 5060846679
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: LAPTOP-ETSM2MGT\Deni
Název procesu: C:\Users\Deni\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.403.439.0, AS: 1.403.439.0, NIS: 1.403.439.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2023-12-13 19:41:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Deni\Desktop\FRST.exe; file:_C:\Users\Deni\Desktop\FRST.exe (1).opdownload; webfile:_C:\Users\Deni\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 5060846679
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: LAPTOP-ETSM2MGT\Deni
Název procesu: C:\Users\Deni\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.403.439.0, AS: 1.403.439.0, NIS: 1.403.439.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2023-12-13 19:41:48
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Deni\Desktop\FRST.exe; webfile:_C:\Users\Deni\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 5060846679
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: LAPTOP-ETSM2MGT\Deni
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.439.0, AS: 1.403.439.0, NIS: 1.403.439.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2023-12-13 19:41:36
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Deni\AppData\Local\Opera Software\Opera Stable\Default\Cache\Cache_Data\f_00011b; file:_C:\Users\Deni\Downloads\47d3b0e5-32c0-4849-9b7c-bef701199da8.tmp
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-ETSM2MGT\Deni
Název procesu: C:\Users\Deni\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.403.439.0, AS: 1.403.439.0, NIS: 1.403.439.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2023-12-13 19:41:34
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Deni\AppData\Local\Opera Software\Opera Stable\Default\Cache\Cache_Data\f_00011b
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-ETSM2MGT\Deni
Název procesu: C:\Users\Deni\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.403.439.0, AS: 1.403.439.0, NIS: 1.403.439.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Event[0]:
Date: 2023-11-19 11:09:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.811.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2023-09-27 02:43:23
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2023-09-27 01:27:33
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2023-09-27 01:06:29
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2023-09-13 21:58:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.875.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===============
Date: 2023-12-13 19:40:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Windows signing level requirements.
Date: 2023-12-13 18:48:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Windows signing level requirements.
Date: 2023-12-13 13:02:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2023-12-13 10:10:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V1.07 09/28/2018
Motherboard: KBL Erdinger_KL
Processor: Intel(R) Core(TM) i3-8130U CPU @ 2.20GHz
Percentage of memory in use: 88%
Total physical RAM: 3978.19 MB
Available physical RAM: 446.22 MB
Total Virtual: 15242.19 MB
Available Virtual: 6169.17 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:290.38 GB) (Model: HFS512G39TND-N210A) NTFS
\\?\Volume{eec9eed4-d0e9-4140-a058-2bfc02b56f2a}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.38 GB) NTFS
\\?\Volume{1db5ef3f-a238-4a48-800a-1b36717aad79}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 24A4D6EA)
Partition: GPT.
==================== End of Addition.txt =======================
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(svchost.exe ->) (EZVIZ Inc. -> ) C:\Program Files (x86)\hicloud\update_server\startUp.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9088b61921a6ff9f\igfxext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Run: [Google Update] => C:\Users\Deni\AppData\Local\Google\Update\1.3.36.352\GoogleUpdateCore.exe [223008 2023-12-05] (Google LLC -> Google LLC)
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-12-08] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Run: [MicrosoftEdgeAutoLaunch_9742FF3EC7E0B1CBAFAC0A60C1343A20] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788736 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\RunOnce: [!BingChatInstaller.exe] => C:\Windows\Temp\MUBSTemp\BingChatInstaller.exe [17682464 2023-12-13] (Microsoft Corporation -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3182236762-2932985501-2615738926-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKLM\Software\...\AppCompatFlags\Custom\game.exe: [{1421ef36-3d77-4de9-aad4-c6f2f95e304f}.sdb] -> GOG.com The Longest Journey
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1421ef36-3d77-4de9-aad4-c6f2f95e304f}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1421ef36-3d77-4de9-aad4-c6f2f95e304f}.sdb [2013-01-04]
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3A173FD8-CA18-412C-862F-A9DCD35CAEA3} - \Software Update Application -> No File <==== ATTENTION
Task: {C7C6DF73-B03E-4482-A211-34CDC12212DB} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-10-31] (Acer Incorporated -> )
Task: {AC18FE8A-7CFD-439F-8B92-14DA59128EF4} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-10-31] (Acer Incorporated -> )
Task: {85A4BF33-95E2-4F80-B9EE-2078EFDC8AE7} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-10-31] (Acer Incorporated -> )
Task: {F4FF79B3-E39D-45F4-A313-8EA079C0E2DD} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-15] (Acer Incorporated -> )
Task: {0F0C8A43-B17C-4365-8EC6-1E784CACD186} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-14] (Acer Incorporated -> Acer Incorporated)
Task: {B9C7B079-7DB7-457D-9DB1-6246EDE1764F} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {A85E8BF4-E9B9-4506-BF7E-9701ADC4605E} - System32\Tasks\CareCenter\Google Update_Reg_HKCURun_S-1-5-21-3182236762-2932985501-2615738926-1001 => C:\Users\Deni\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe (No File) <==== ATTENTION
Task: {D0BEA893-136D-4B33-B9CF-38C4DC83EA78} - System32\Tasks\CareCenter\RtHDVBg_ASC_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {564ED0E8-537C-4B1B-8F60-5E7430F83CF0} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4FD77B89-23DE-4D97-928D-BF92F853A9C1} - System32\Tasks\CareCenter\SPUpDateServerrun_Reg_HKLMWow6432Run => C:\Program Files (x86)\hicloud\update_server\startUp.exe [14832 2015-09-10] (EZVIZ Inc. -> )
Task: {F6F4DFCD-98D7-41A2-9F91-ED603574C746} - System32\Tasks\DashlaneUpgradeCheck => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {394FC082-26F8-4B23-B399-A521CD0337BE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182236762-2932985501-2615738926-1001Core => C:\Users\Deni\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-03-30] (Google LLC -> Google LLC)
Task: {61EC1240-8B99-4BBD-A2A3-E02A0783F78C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182236762-2932985501-2615738926-1001UA => C:\Users\Deni\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-03-30] (Google LLC -> Google LLC)
Task: {1E9A9CC0-27F6-43B9-9EF2-D601114609A2} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {A4CE252C-B868-4197-BBCD-5BB51DFA29C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {952D7575-ECF3-4DBE-AB92-7DF4A095B698} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1B09EF5E-3A05-47D5-88A6-CA75F1B28677} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FC070C13-E1F1-4C1F-ABF9-C2B953D10159} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA47B81D-541D-4FDB-9A0E-338D5C5DEA82} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [256512 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
Task: {609FA6C8-1E05-4021-A525-6D26BE1F53AA} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {9CA55461-EF0F-47C3-A99B-EEB076FCB690} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {2F51F7DB-3574-4600-8E79-CDC6144022EB} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {AADED1BA-FE50-4A74-8CEC-FCFA26EC4FFE} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.20.2.57\WSCStub.exe [645008 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {380EE4CF-A46B-484C-8D25-3B79681290C5} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {6A39B91D-6AAD-4F68-A1FD-249E11E3A014} - System32\Tasks\Opera scheduled Autoupdate 1545039687 => C:\Users\Deni\AppData\Local\Programs\Opera\launcher.exe [2353056 2023-12-05] (Opera Norway AS -> Opera Software)
Task: {81703383-8836-43B9-ACDB-EB04A13A640F} - System32\Tasks\Opera scheduled Autoupdate 1620516357 => C:\Users\Mirek\AppData\Local\Programs\Opera\launcher.exe [2534856 2022-10-13] (Opera Norway AS -> Opera Software)
Task: {E1D66FFD-9FEB-4F62-834B-5C46BFC70BAE} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2771104 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {51E2DD2E-7CAE-41C5-B9A8-965185AE46E0} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {0BBDF5EE-13F6-436F-8DA2-D8BEEA780C07} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2162704 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {D213AC33-4189-4DB0-A591-167FBD875C37} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [91440 2017-09-26] (Acer Incorporated -> Microsoft)
Task: {D80BA947-06ED-470E-9465-C0FCF07BF095} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-09-14] (Acer Incorporated -> TODO: <Company name>)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{91012a6c-9ab6-4a2a-b373-f227e8fcd55d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b51b2470-09b3-4280-a0bd-d4356cc6c9a2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ce119a0c-9973-4bab-a3b4-9fe970141d1a}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Deni\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\Deni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-02]
Edge Extension: (Edge relevant text changes) - C:\Users\Deni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-02]
FireFox:
========
FF DefaultProfile: i2e42mik.default
FF ProfilePath: C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\i2e42mik.default [2023-08-08]
FF Homepage: Mozilla\Firefox\Profiles\i2e42mik.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\i2e42mik.default -> about:newtab
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\i2e42mik.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-21]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\i2e42mik.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2022-04-21]
Chrome:
=======
CHR Profile: C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default [2023-10-06]
CHR HomePage: Default -> hxxp://www.google.cz/
CHR Extension: (Hamty.cz doplněk) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gccfnphpieojibjmnodiiobdapckkkfb [2023-10-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-06]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-10-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-06]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
S3 GameInputSvc; C:\WINDOWS\System32\GameInputSvc.exe [50280 2023-12-13] (Microsoft Corporation -> Microsoft Corporation)
S2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe [344760 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.20.2.57\nsWscSvc.exe [1055960 2020-03-20] (Symantec Corporation -> Symantec Corporation)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466592 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [505504 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-09-14] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1685312 2023-02-09] (WildTangent, Inc. -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.11.1.5\Definitions\BASHDefs\20190212.002\BHDrvx64.sys [1934048 2019-02-12] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\ccSetx64.sys [192376 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2018-12-16] (Symantec Corporation -> Symantec Corporation)
R0 FPWinIo; C:\WINDOWS\System32\drivers\FPWinIo.sys [30536 2017-11-09] (Egis Technology Inc. -> Egis Technology Inc.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.11.1.5\Definitions\IPSDefs\20190214.061\IDSvia64.sys [1424904 2019-01-26] (Symantec Corporation -> Symantec Corporation)
R3 MpKslee2cbb23; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32F6FA1F-5A96-4BEC-99C2-0AD812A41804}\MpKslDrv.sys [263560 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\Program Files (x86)\Ezviz Studio\npf64.sys [36600 2021-01-25] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\SRTSP64.SYS [889520 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\SRTSPX64.SYS [50864 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\SYMEFASI64.SYS [1964552 2020-03-20] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\SymELAM.sys [25024 2020-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-21] (Symantec Corporation -> Symantec Corporation)
S4 SymEvnt; C:\Program Files\Norton Security\NortonData\22.11.1.5\SymPlatform\SymEvnt.sys [678616 2019-01-28] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\Ironx64.SYS [316656 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\symnets.sys [575280 2020-03-20] (Symantec Corporation -> Symantec Corporation)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614020.039\wpCtrlDrv.sys [1012120 2020-03-20] (Symantec Corporation -> Symantec Corporation)
S3 MpKsl5a30cc99; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F7CF92C8-E940-470B-8C1B-5CF8D31C295B}\MpKslDrv.sys [X]
S3 MpKsl98b2782c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F7CF92C8-E940-470B-8C1B-5CF8D31C295B}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-13 22:02 - 2023-12-13 22:03 - 000025032 _____ C:\Users\Deni\Desktop\FRST.txt
2023-12-13 22:02 - 2023-12-13 22:03 - 000000000 ____D C:\FRST
2023-12-13 19:42 - 2023-12-13 19:42 - 002386432 _____ (Farbar) C:\Users\Deni\Desktop\FRST64.exe
2023-12-13 12:59 - 2023-12-13 12:59 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-13 12:19 - 2023-12-13 12:19 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-13 12:07 - 2023-12-13 12:07 - 000000000 ___HD C:\$WinREAgent
2023-12-09 00:10 - 2023-12-09 00:10 - 000120906 _____ C:\Users\Deni\Downloads\faktura_FV-M-043429-11-2023.pdf
2023-12-09 00:09 - 2023-12-09 00:09 - 000067667 _____ C:\Users\Deni\Downloads\5084567315.pdf
2023-12-06 23:06 - 2023-12-06 22:46 - 824114087 _____ C:\Users\Deni\Desktop\Vánoce.zip
2023-12-06 23:02 - 2023-12-06 23:05 - 824114087 _____ C:\Users\Deni\Downloads\Bohoňkovi Vánoce (1).zip
2023-12-06 22:58 - 2023-12-06 22:58 - 000001043 _____ C:\Users\Public\Desktop\CEWE fotosvet.lnk
2023-12-06 22:58 - 2023-12-06 22:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEWE fotosvet
2023-12-06 22:51 - 2023-12-06 22:51 - 000000000 ____D C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CEWE fotosvet
2023-12-06 22:50 - 2023-12-06 22:50 - 000000000 ____D C:\Users\Deni\Desktop\Vánoční focení 2023
2023-12-06 22:48 - 2023-12-06 22:48 - 000000000 ____D C:\Users\Deni\AppData\Roaming\hps-install
2023-12-06 22:43 - 2023-12-06 22:46 - 824114087 _____ C:\Users\Deni\Downloads\Bohoňkovi Vánoce.zip
2023-12-06 21:04 - 2023-12-06 21:04 - 000000000 ____D C:\Users\Deni\Desktop\egg real fotky
2023-12-06 21:00 - 2023-12-06 21:00 - 000023122 _____ C:\Users\Deni\Desktop\VZOR1_ omezeni svepravnosti 1111.odt
2023-12-06 20:54 - 2023-12-06 23:04 - 000000000 ____D C:\Users\Deni\Desktop\ořezy focení u vody 2023
2023-12-05 22:51 - 2023-12-05 22:51 - 000118451 _____ C:\Users\Deni\Desktop\E-01-08-navrh na omezeni svepravnosti.pdf
2023-12-04 10:57 - 2023-12-04 10:57 - 004792365 _____ C:\Users\Deni\Downloads\prilohy_284907.zip
2023-12-03 18:40 - 2023-12-03 18:40 - 000033479 _____ C:\Users\Deni\Desktop\Rozvrh směn Soběnov 2024.xlsx
2023-12-01 09:47 - 2023-12-01 09:47 - 000051750 _____ C:\Users\Deni\Downloads\invoice_2317720.pdf
2023-11-30 07:40 - 2023-11-30 07:40 - 000020710 _____ C:\Users\Deni\Downloads\Ezopovy+bajky+-+ČD (1).odt
2023-11-29 00:44 - 2023-11-29 00:44 - 000020710 _____ C:\Users\Deni\Downloads\Ezopovy+bajky+-+ČD.odt
2023-11-21 19:12 - 2023-11-21 19:22 - 2460943487 _____ C:\Users\Deni\Downloads\2023-11-18 16-58-11.mkv
2023-11-18 22:56 - 2023-11-18 22:56 - 000034170 _____ C:\Users\Deni\Downloads\1621099176.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-13 22:01 - 2023-09-24 19:04 - 000000000 ____D C:\Users\Deni\Desktop\screeny
2023-12-13 21:48 - 2020-10-08 23:31 - 000003508 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2023-12-13 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-13 21:25 - 2020-10-08 23:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-13 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-12-13 19:40 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-13 18:51 - 2020-10-08 23:33 - 000006020 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-13 18:51 - 2019-12-07 15:41 - 004180756 _____ C:\WINDOWS\system32\perfh005.dat
2023-12-13 18:51 - 2019-12-07 15:41 - 001174766 _____ C:\WINDOWS\system32\perfc005.dat
2023-12-13 18:46 - 2023-08-14 11:01 - 000000000 ____D C:\Program Files (x86)\Steam
2023-12-13 18:46 - 2018-12-17 10:10 - 000000000 __SHD C:\Users\Deni\IntelGraphicsProfiles
2023-12-13 18:45 - 2021-01-19 08:03 - 000000000 ____D C:\WINDOWS\Minidump
2023-12-13 18:45 - 2020-10-08 23:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-13 18:45 - 2020-10-08 23:24 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-13 18:45 - 2020-02-11 09:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-12-13 18:45 - 2019-09-20 18:45 - 1021662631 _____ C:\WINDOWS\MEMORY.DMP
2023-12-13 13:01 - 2020-10-08 23:25 - 000000000 ____D C:\Users\Deni
2023-12-13 13:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-13 13:01 - 2018-12-17 10:10 - 000000000 ____D C:\Users\Deni\AppData\Local\Packages
2023-12-13 13:00 - 2020-10-08 23:24 - 000296552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-13 13:00 - 2019-12-07 10:03 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-13 12:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-12-13 12:22 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-13 12:21 - 2019-12-07 15:44 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-12-13 12:21 - 2019-12-07 15:44 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2023-12-13 12:19 - 2020-10-08 23:26 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-12-13 09:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-12 16:56 - 2020-03-30 14:40 - 000002501 _____ C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-12 16:19 - 2020-10-08 23:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2023-12-12 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-12-11 21:04 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-12-11 00:29 - 2019-01-14 13:02 - 000000000 ____D C:\ProgramData\Packages
2023-12-11 00:29 - 2018-12-17 10:24 - 000000000 ____D C:\Users\Deni\AppData\Local\PlaceholderTileLogoFolder
2023-12-10 09:58 - 2020-10-08 23:31 - 000004198 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1545039687
2023-12-10 09:58 - 2018-12-17 10:41 - 000001410 _____ C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-12-08 08:50 - 2020-06-09 00:42 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-07 12:46 - 2019-01-14 12:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-06 23:00 - 2023-10-28 21:20 - 000000000 ____D C:\Users\Deni\Desktop\FOTO
2023-12-05 18:39 - 2023-09-16 07:56 - 000004030 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182236762-2932985501-2615738926-1001UA
2023-12-05 18:39 - 2023-09-16 07:56 - 000003762 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182236762-2932985501-2615738926-1001Core
2023-12-04 12:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-11-21 13:22 - 2021-12-12 18:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3182236762-2932985501-2615738926-1001
2023-11-21 13:22 - 2020-10-08 23:31 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3182236762-2932985501-2615738926-1001
2023-11-21 13:22 - 2020-10-08 23:25 - 000002382 _____ C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-19 13:53 - 2023-08-14 11:03 - 000000000 ____D C:\Users\Deni\AppData\Local\Steam
2023-11-16 14:01 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-11-16 14:01 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-16 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-16 14:00 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-16 14:00 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-16 14:00 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-14 23:13 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-11-14 23:13 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-11-14 22:52 - 2019-01-13 21:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-14 22:50 - 2019-01-13 21:10 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2023-01-01 14:52 - 2023-01-01 14:52 - 000000042 _____ () C:\Users\Deni\AppData\Local\Autosofted License.txt
2022-12-18 19:14 - 2022-12-18 19:14 - 000003631 _____ () C:\Users\Deni\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2023
Ran by Deni (13-12-2023 22:05:48)
Running from C:\Users\Deni\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3803 (X64) (2020-10-08 22:31:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3182236762-2932985501-2615738926-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3182236762-2932985501-2615738926-503 - Limited - Disabled)
Deni (S-1-5-21-3182236762-2932985501-2615738926-1001 - Administrator - Enabled) => C:\Users\Deni
Guest (S-1-5-21-3182236762-2932985501-2615738926-501 - Limited - Disabled)
Mirek (S-1-5-21-3182236762-2932985501-2615738926-1002 - Limited - Enabled) => C:\Users\Mirek
WDAGUtilityAccount (S-1-5-21-3182236762-2932985501-2615738926-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Disabled - Out of date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Disabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Disabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3034 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3030 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3005 - Acer Incorporated)
Auto Key Presser (HKLM-x32\...\{E74BC2D3-A788-45B8-B526-2E3F7702FD51}) (Version: 0.7.0 - Arifur.net)
CEWE fotosvet (HKLM\...\CEWE fotosvet) (Version: 7.3.4 - CEWE Stiftung u Co. KGaA)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
dm CEWE fotosvet (HKLM-x32\...\dm CEWE fotosvet) (Version: 6.4.5 - CEWE Stiftung u Co. KGaA)
EgisTec Touch Fingerprint Sensor PBA Driver (HKLM-x32\...\{E8C889B8-0A8B-46BA-B433-F7D6968A6543}) (Version: 3.5.3.14 - Egis Technology Inc.)
Ezviz Studio (HKLM-x32\...\{49DF99D3-BC81-439A-8F40-A0529159024C}_is1) (Version: - EZVIZ Inc.)
Farmerama (HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Farmerama) (Version: 1.2.8 - Bigpoint GmbH)
GIMP 2.10.30 (HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
GOG.com The Longest Journey (HKLM\...\{1421ef36-3d77-4de9-aad4-c6f2f95e304f}.sdb) (Version: - )
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 65.0.4.0 - Google LLC)
Google Chrome (HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Google Chrome) (Version: 120.0.6099.71 - Google LLC)
iCloud Outlook (HKLM\...\{B8056148-C2ED-44EC-A3D1-93FDA8B120FC}) (Version: 13.4.0.101 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{7FB35D08-C75C-4A18-B593-1D7C3E8970AD}) (Version: 10.1.1.45 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1050 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{39E08562-9C5A-42B9-9583-4D3BEE17FF0B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{586324D6-35AF-4738-9324-B44F54638797}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3DEB594C-9E31-4AF0-8142-8047EEBCD837}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.1.1020 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{82B8C0DF-94E9-4E42-B132-47F13CD5EE3C}) (Version: 15.9.1.1020 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{E6D90D08-C61C-42BD-971B-301E5C9B6F70}) (Version: 30.100.1725.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{ba25c46f-28f8-4449-97ab-7bb20f3f9a9c}) (Version: 20.30.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{86BC0F23-2560-4635-A7DE-95B174D7A95E}) (Version: 20.30.0.1296 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.61 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.61 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\OneDriveSetup.exe) (Version: 23.226.1031.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3182236762-2932985501-2615738926-1002\...\OneDriveSetup.exe) (Version: 22.207.1002.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{604D9458-AADD-4FC8-91ED-4417258DE59F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{0ABFD65F-A001-4804-975A-33BB2F404621}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Mozilla Firefox (x86 en-US) (HKLM-x32\...\Mozilla Firefox 99.0.1 (x86 en-US)) (Version: 99.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
Norton Security (HKLM-x32\...\NGC) (Version: 22.20.2.57 - Symantec Corporation)
OpenOffice 4.1.6 (HKLM-x32\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
Opera Stable 105.0.4970.34 (HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\...\Opera 105.0.4970.34) (Version: 105.0.4970.34 - Opera Software)
Opera Stable 91.0.4516.77 (HKU\S-1-5-21-3182236762-2932985501-2615738926-1002\...\Opera 91.0.4516.77) (Version: 91.0.4516.77 - Opera Software)
paint.net (HKLM\...\{E91052A0-E7C9-4462-B7B5-2C7279F7203B}) (Version: 4.3.12 - dotPDN LLC)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8924.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
The Longest Journey (HKLM-x32\...\GOGPACKTLJ_is1) (Version: 2.0.0.12 - GOG.com)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
update_server (HKLM-x32\...\{1D08522D-308D-4615-AEA9-44021FD7445A}_is1) (Version: - )
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.1 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 5.0.0.331 - WildTangent) Hidden
WinRAR 5.91 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Packages:
=========
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2021-05-09] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-05-30] (Acer Incorporated)
Booking.com Partner App -> C:\Program Files\WindowsApps\4AE8B7C2.Booking.comPartnerApp_1.1.2.1000_x64__6wqyppa9wfhnr [2021-05-09] (Booking.com B.V.)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2670.2.0_x64__kgqvnymyfvs32 [2023-12-08] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.507.0_x64__rz1tebttyb220 [2023-12-09] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation)
eBay -> C:\Program Files\WindowsApps\eBay_1.0.1606.2210_x64__96rgg7pjt343r [2021-05-09] (CN=Acer Incorporated)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.67.4.0_x64__q4d96b2w5wcc2 [2023-12-05] (Evernote) [Startup Task]
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-17] (Fitbit)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-11] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa [2023-11-04] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.16.0_x64__w1wdnht996qgy [2023-12-08] (LinkedIn) [Startup Task]
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-06-13] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.17029.20068.0_x86__8wekyb3d8bbwe [2023-12-13] (Microsoft Corporation)
Movie & Audio Studio -> C:\Program Files\WindowsApps\MAGIXSoftwareGmbH.MovieAudioStudio_1.1.4.0_x64__awcgk3qbzve1y [2021-05-09] (MAGIX Software GmbH)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-10-20] (Netflix, Inc.)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1129.0_x64__8wekyb3d8bbwe [2023-12-11] (Microsoft Corporation)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2021-05-09] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2021-05-09] (CYBERLINK COM CORP)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.4.96.0_x64__kx24dqmazqk8j [2023-08-31] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2022-10-20] (Random Salad Games LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-05] (Microsoft Studios) [MS Ad]
Spades -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Spades_6.1.121.0_x64__kx24dqmazqk8j [2023-12-13] (Random Salad Games LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-05-09] (Microsoft Corporation)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2348.4.0_x64__cv1g1gvanyjgm [2023-12-08] (WhatsApp Inc.) [Startup Task]
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.84.0_x64__qt5r5pa5dyg8m [2021-05-09] (WildTangent Games)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{7C7100B8-AB8A-44E3-8F31-AAC9DA5031A5} -> [Fotky na iCloudu] => C:\Users\Deni\Pictures\iCloud Photos\Photos
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{82A6D7A6-FC2E-4DFD-AAEF-E3BBF9AD71AD}\localserver32 -> C:\Program Files\Fotolab\CEWE fotosvet\AutoBookService.exe () [File not signed]
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.352\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{8D422533-936A-4A82-B15C-BD5319AB0026}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.332\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Deni\AppData\Local\Google\Chrome\Application\120.0.6099.71\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{AE9899FA-E21F-4D91-BD1F-59BC10E56CA1}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.293\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{B9C751AA-D9CF-4E09-A270-E5BBD2194F83}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.352\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{E4949BE6-C9FF-4AFA-8672-6127D857418B}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.313\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{E5417C58-D42F-4799-AAF2-6D4F0B72EB1C} -> [iCloud Drive] => C:\Users\Deni\iCloudDrive
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.352\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3182236762-2932985501-2615738926-1001_Classes\CLSID\{ED0BC9DB-3CE6-49E5-9B2F-590DCEF8C016}\InprocServer32 -> C:\Users\Deni\AppData\Local\Google\Update\1.3.36.342\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.2.57\NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.2.57\NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll [2022-10-20] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9088b61921a6ff9f\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.2.57\NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2022-02-12 12:34 - 2015-09-10 16:50 - 000195072 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\ExceptionHandler.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 001320448 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\hlog.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 000151607 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\hpr.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 000107520 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\SPUpDate.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 000285184 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\hicloud\update_server\libcurl.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 001204736 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\hicloud\update_server\LIBEAY32.dll
2022-02-12 12:34 - 2015-09-10 16:50 - 000296448 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\hicloud\update_server\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2023-08-08 09:05 - 000000753 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3182236762-2932985501-2615738926-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Deni\Desktop\k tisku\foto_014.jpg
HKU\S-1-5-21-3182236762-2932985501-2615738926-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{95A97696-8078-4240-97C5-C80B7004EFFC}C:\users\deni\downloads\winbox.exe] => (Allow) C:\users\deni\downloads\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{C1AEABDF-01AA-4BC8-A265-A30BB96F221D}C:\users\deni\downloads\winbox.exe] => (Allow) C:\users\deni\downloads\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [{F403E2C0-0D29-4461-9771-152F7A268EFF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EA3D8BF5-8473-4EE1-9A88-9F173D8AB855}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5D9561BE-551E-4FF2-8B5E-3C5072D345D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5A3B9944-9876-416B-BEAE-D3D9A78BDA01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1BB5C42C-F8CD-40CE-A108-EEF40CA7DC86}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [TCP Query User{6F85CA9D-7E7C-44E3-A00F-06B602BADD15}C:\users\deni\appdata\local\programs\opera\opera.exe] => (Block) C:\users\deni\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{CEF90A61-7268-4C4C-839D-839BC4D2748E}C:\users\deni\appdata\local\programs\opera\opera.exe] => (Block) C:\users\deni\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{DFC040DF-A95A-4263-9FAD-D39919295B95}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe (杭州萤石软件有限公司 -> EZVIZ Inc.)
FirewallRules: [UDP Query User{D7DAC33E-ABFC-4237-B8D4-A0EADC42D853}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe (杭州萤石软件有限公司 -> EZVIZ Inc.)
FirewallRules: [{4EC69758-EC40-4FA3-BB6C-15F948D7666E}] => (Block) C:\program files (x86)\ezviz studio\ezvizstudio.exe (杭州萤石软件有限公司 -> EZVIZ Inc.)
FirewallRules: [{491AEC20-471C-45FC-A567-53978D7B89CE}] => (Block) C:\program files (x86)\ezviz studio\ezvizstudio.exe (杭州萤石软件有限公司 -> EZVIZ Inc.)
FirewallRules: [{451937EA-C8B3-4DA4-ACDA-4F7F2482AB02}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AF435406-5F16-4ED0-8606-5119A2DC953B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{490F362B-D01A-4D25-9A19-61EEEA5C2E39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F138C85A-D574-4404-AF1B-40B080824EFC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{466103C2-0688-44B8-ABE7-5AB8ECA4D44D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{47E05D3B-6D20-49E0-9DEE-A43EC3FFD7F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B62407B7-D85F-4F17-A734-27A3D2E6CBE5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0F084D99-DBC3-47C7-9F53-0C54A747F3CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EA9A4ECB-9A1D-42BA-8BBF-0631BE6DA4F6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B5B68781-AB0E-4862-9A25-0D2FF5962ADD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6FD31589-F36B-4A2B-B96B-BF12B6861DDB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A4228E12-3C03-4FC8-95F9-095159C47C44}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{508A79F5-A4AA-49A6-93EE-0C4BB0AD9DCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{4C06579F-D60E-413F-B3E8-EBF331A99F2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{3B09C1C4-58B0-4842-97EE-0DD9DAC69EB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{04F2CBE4-EC36-4B07-A61D-F191500F8113}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{0EDDCF05-553B-41B4-8212-33003B619A05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Syberia2.exe () [File not signed]
FirewallRules: [{56335173-05D5-4DE9-ABA7-D2EE5C0365DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Syberia2.exe () [File not signed]
FirewallRules: [{90AB1A9F-1466-40A9-B964-539E068FE623}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia3\Syberia3.exe () [File not signed]
FirewallRules: [{9363F443-4983-4E70-BCE5-FB14E9D0544A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia3\Syberia3.exe () [File not signed]
FirewallRules: [{0ADB2451-5BE2-4C74-8DD0-25CD13AC0A25}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.16827.20166.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{1BA8B9E8-701F-4F33-8CA9-C23F76C5BFB8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4ACEB8E1-ACDA-4235-A2BE-1675CB1CA30D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{84CECDC4-F56F-4BE7-BC7C-F6C0198EE328}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{80F37251-C037-4602-AE0B-2F29E1CBBCE1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5F652BE3-59BE-4CAD-9A62-2695030804BA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{08C9CA61-5C3D-45FD-B4DD-4D7B81D63730}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.17029.20068.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{290EB88D-6843-4473-8CAB-829962B18208}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7AAA8EFB-BCC9-41FE-899E-DA124DB593C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{69DED15A-D4A5-4810-9126-27CFA75E3611}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BCD76DBE-B524-4D34-93A5-3948500A64BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B0E1D510-E4ED-433B-9D81-414E9C11D47F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F86275B3-36A5-406C-8566-309DD07EE8D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{607E2A5E-3A2D-4F40-8DB8-353F87C50171}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{93B8EEDE-AAA4-4DF5-A95B-C342D8596A4B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{81036081-A7D0-4C37-8779-4B486FDC4809}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EE58742C-C239-41E5-BC96-2BA3B3FA1741}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
11-12-2023 23:54:33 Naplánovaný kontrolní bod
13-12-2023 12:07:33 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/13/2023 06:55:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.43, časové razítko: 0x5e3caa6d
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.3636, časové razítko: 0x9b64aa6f
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff349
ID chybujícího procesu: 0x21ec
Čas spuštění chybující aplikace: 0x01da2ded68d765f4
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: fa9fc086-4f3a-4f8f-8a44-64070d93d181
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 06:52:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.43, časové razítko: 0x5e3caa6d
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.3636, časové razítko: 0x81cf5d89
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x351c
Čas spuštění chybující aplikace: 0x01da2decefa600a7
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 12caf402-b031-46ec-90f2-263d0ad22101
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 06:49:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StorPSCTL.exe, verze: 1.0.0.0, časové razítko: 0x59c8647e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3803, časové razítko: 0x4f196cbf
Kód výjimky: 0xe0434352
Posun chyby: 0x0013f932
ID chybujícího procesu: 0x251c
Čas spuštění chybující aplikace: 0x01da2deca86be351
Cesta k chybující aplikaci: C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 82785674-b839-425e-9868-95e87af0cb53
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 06:49:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: StorPSCTL.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ObjectDisposedException
na System.Windows.Forms.Control.CreateHandle()
na System.Windows.Forms.Form.CreateHandle()
na System.Windows.Forms.Control.get_Handle()
na System.Windows.Forms.Control.SetVisibleCore(Boolean)
na System.Windows.Forms.Form.SetVisibleCore(Boolean)
na System.Windows.Forms.Control.set_Visible(Boolean)
na System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
na System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
na System.Windows.Forms.Application.Run(System.Windows.Forms.Form)
na StoragePSCTL.Program.Main()
Error: (12/13/2023 06:49:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.43, časové razítko: 0x5e3caa6d
Název chybujícího modulu: VCRUNTIME140.dll, verze: 14.14.26405.0, časové razítko: 0x5ac5b276
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000ba3b
ID chybujícího procesu: 0x1160
Čas spuštění chybující aplikace: 0x01da2dec3aa06ca4
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\Program Files\Norton Security\Engine\22.20.2.57\VCRUNTIME140.dll
ID zprávy: 66a8d5f1-570d-489a-90f3-d538c71ca645
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 01:10:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.43, časové razítko: 0x5e3caa6d
Název chybujícího modulu: sds_appendix_1_x64.dll, verze: 1.8.0.244, časové razítko: 0x5ba9f563
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000002d4550
ID chybujícího procesu: 0x25dc
Čas spuštění chybující aplikace: 0x01da2dbd2691651d
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\Program Files\Norton Security\NortonData\22.11.1.5\Definitions\SDSDefs\20190214.022\sds_appendix_1_x64.dll
ID zprávy: cef2be94-1078-400a-8cea-9940227a8bd6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 01:06:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.43, časové razítko: 0x5e3caa6d
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.3636, časové razítko: 0x9b64aa6f
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000525b5
ID chybujícího procesu: 0x3bac
Čas spuštění chybující aplikace: 0x01da2dbcac0ad358
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.20.2.57\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 345936c7-eec0-4bea-b365-99e3cc6044ff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/13/2023 01:04:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StorPSCTL.exe, verze: 1.0.0.0, časové razítko: 0x59c8647e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3803, časové razítko: 0x4f196cbf
Kód výjimky: 0xe0434352
Posun chyby: 0x0013f932
ID chybujícího procesu: 0x2db0
Čas spuštění chybující aplikace: 0x01da2dbc84408bb5
Cesta k chybující aplikaci: C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c07557d1-1c5f-4ac0-ba5a-4a76db8c9af7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/13/2023 07:31:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ETSM2MGT)
Description: Server {94269C4E-071A-4116-90E6-52E557067E4E} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/13/2023 07:29:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ETSM2MGT)
Description: Server {94269C4E-071A-4116-90E6-52E557067E4E} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/13/2023 06:55:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Norton Security byla neočekávaně ukončena. Tento stav nastal již 3krát.
Error: (12/13/2023 06:52:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Norton Security byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (12/13/2023 06:49:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Norton Security byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (12/13/2023 06:48:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/13/2023 06:47:08 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 7265 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD
Error: (12/13/2023 06:46:12 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (4c:e6:c0:2f:8e:ff) se nezdařilo.
Windows Defender:
================
Date: 2023-12-13 19:42:25
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Deni\Desktop\FRST.exe; file:_C:\Users\Deni\Desktop\FRST.exe (1).opdownload; webfile:_C:\Users\Deni\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 5060846679
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: LAPTOP-ETSM2MGT\Deni
Název procesu: C:\Users\Deni\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.403.439.0, AS: 1.403.439.0, NIS: 1.403.439.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2023-12-13 19:41:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Deni\Desktop\FRST.exe; file:_C:\Users\Deni\Desktop\FRST.exe (1).opdownload; webfile:_C:\Users\Deni\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 5060846679
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: LAPTOP-ETSM2MGT\Deni
Název procesu: C:\Users\Deni\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.403.439.0, AS: 1.403.439.0, NIS: 1.403.439.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2023-12-13 19:41:48
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Deni\Desktop\FRST.exe; webfile:_C:\Users\Deni\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 5060846679
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: LAPTOP-ETSM2MGT\Deni
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.439.0, AS: 1.403.439.0, NIS: 1.403.439.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2023-12-13 19:41:36
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Deni\AppData\Local\Opera Software\Opera Stable\Default\Cache\Cache_Data\f_00011b; file:_C:\Users\Deni\Downloads\47d3b0e5-32c0-4849-9b7c-bef701199da8.tmp
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-ETSM2MGT\Deni
Název procesu: C:\Users\Deni\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.403.439.0, AS: 1.403.439.0, NIS: 1.403.439.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2023-12-13 19:41:34
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Deni\AppData\Local\Opera Software\Opera Stable\Default\Cache\Cache_Data\f_00011b
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-ETSM2MGT\Deni
Název procesu: C:\Users\Deni\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.403.439.0, AS: 1.403.439.0, NIS: 1.403.439.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Event[0]:
Date: 2023-11-19 11:09:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.811.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2023-09-27 02:43:23
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2023-09-27 01:27:33
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2023-09-27 01:06:29
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2023-09-13 21:58:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.875.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===============
Date: 2023-12-13 19:40:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Windows signing level requirements.
Date: 2023-12-13 18:48:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Windows signing level requirements.
Date: 2023-12-13 13:02:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2023-12-13 10:10:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.2.57\symamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V1.07 09/28/2018
Motherboard: KBL Erdinger_KL
Processor: Intel(R) Core(TM) i3-8130U CPU @ 2.20GHz
Percentage of memory in use: 88%
Total physical RAM: 3978.19 MB
Available physical RAM: 446.22 MB
Total Virtual: 15242.19 MB
Available Virtual: 6169.17 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:290.38 GB) (Model: HFS512G39TND-N210A) NTFS
\\?\Volume{eec9eed4-d0e9-4140-a058-2bfc02b56f2a}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.38 GB) NTFS
\\?\Volume{1db5ef3f-a238-4a48-800a-1b36717aad79}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 24A4D6EA)
Partition: GPT.
==================== End of Addition.txt =======================