Dobý den,,moc prosím o komtrolu.
Nejak mi to otvírá samo průzkumnik a videa,,třeba na youtube se sekaji.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08.2024
Ran by Admin (12-08-2024 20:07:00)
Running from C:\Users\Admin\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4651 (X64) (2024-05-13 09:51:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Admin (S-1-5-21-553120771-3500017404-3142294873-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-553120771-3500017404-3142294873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-553120771-3500017404-3142294873-503 - Limited - Disabled)
Guest (S-1-5-21-553120771-3500017404-3142294873-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-553120771-3500017404-3142294873-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AIDA64 Extreme v6.33 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.33 - FinalWire Ltd.)
Avast AntiTrack Premium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 3.5.1570.2222 - Avast Software)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 24.2.16549.17700 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 24.7.6124 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 126.0.25735.183 - Autoři prohlížeče Avast Secure Browser)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 24.7.10323.12854 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1697.6 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.26 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 127.0.6533.100 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.650 - Huawei Technologies Co., Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 127.0.2651.98 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.113 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\OneDriveSetup.exe) (Version: 24.146.0721.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
OpenShot Video Editor 3.1.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 3.1.1 - OpenShot Studios, LLC)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
VideoPad Video Editor (HKLM\...\VideoPad) (Version: 16.31 - NCH Software)
Vidmore Video Converter 1.3.36 (HKLM-x32\...\{88AA44F4-419C-4027-81D8-45DE96AF0E3B}_is1) (Version: 1.3.36 - Vidmore)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Wondershare Filmora 13(Build 13.5.1.7566) (HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.1.1) (HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)
Packages:
=========
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-553120771-3500017404-3142294873-1001_Classes\CLSID\{054ae674-157a-44a3-8a6f-0546cbe49251}\localserver32 -> C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe (NCH Software, Inc. -> NCH Software)
CustomCLSID: HKU\S-1-5-21-553120771-3500017404-3142294873-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-553120771-3500017404-3142294873-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Wi-Fi: Dell Wireless 1506 802.11b|g|n (2.4GHz) -> athw8x.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_1088872FC4C2207C6D62AF0E8871CAAC"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E7988FDB-58E4-4A25-B0F5-D47E7CC707AE}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{72EA4C7D-1F0F-4C72-9B9F-9F165387BFD9}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{F1A7DBC4-4F93-4B90-8BA8-715C9FD087B3}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [{39048753-18A2-4940-98B0-DF94AF4A9145}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.113\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{330399DE-8E1C-460B-9BC3-09BA1AC4F501}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{A908805A-AC58-4355-8823-55D6931BDFA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{90F50E60-922B-4A62-AA7D-4D560FAEC9C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{6363F898-9525-4A4C-A20F-012F120B1815}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{BD050164-4F95-410E-A73A-E7C8343D2175}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{BB3D1E7E-2430-4C00-AA61-021C891BCDF0}] => (Allow) C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{E42E8E20-2916-420A-8B9B-F0DBBE491058}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [UDP Query User{CE3E34BC-5AA8-4E71-BC15-FC1EA0083E64}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{105C328D-F9F0-4632-B304-023FF56CCBCF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79A8E68D-F7C9-4ABC-B391-C3229D8F3594}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43B52E97-DF7A-4D44-843B-2BE895438DFB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D411DB72-AEA6-4FF8-8558-6A3EC9537128}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8C7755FC-6BB4-4086-833B-0099B319989E}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{FA1B0249-0061-48B2-A3E4-7C39436A8F51}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{8598B9CE-1E1F-4508-8352-24081F19C1C6}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{B6879F2C-2596-434E-886A-E5BD4AB2DD84}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{5D7048D2-1D32-44F5-B243-D86296507D3C}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{DC3B1230-0D8A-45EA-84A5-C65E29D3C44F}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{A0A0B66F-02CA-4D66-918B-8E25153D5CA0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
26-07-2024 12:34:19 Naplánovaný kontrolní bod
01-08-2024 15:22:00 Installed blender
01-08-2024 15:31:13 Removed blender
07-08-2024 19:45:54 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
12-08-2024 18:59:03 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/11/2024 08:18:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HiSuite.exe verze 11.0.0.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 337c
Čas spuštění: 01daebb5f112ad65
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\HiSuite\HiSuite.exe
ID hlášení: c9bb6a5e-ca06-4fa1-8d1f-7865915add52
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (08/07/2024 06:38:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program AvastUI.exe verze 24.7.9311.892 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1658
Čas spuštění: 01dae8e698f3e9ae
Čas ukončení: 60000
Cesta k aplikaci: C:\Program Files\Avast Software\Avast\AvastUI.exe
ID hlášení: 4bb9b0d1-66f7-4821-9731-1c2f92f3458c
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (07/29/2024 08:44:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.4648, časové razítko: 0x1fd45943
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x72e181f0
ID chybujícího procesu: 0x1604
Čas spuštění chybující aplikace: 0x01dae1e75045f016
Cesta k chybující aplikaci: C:\Windows\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 9490c9ed-c205-42f3-a533-bae7334ffd28
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/18/2024 12:59:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StartMenuExperienceHost.exe, verze: 0.0.0.0, časové razítko: 0xe07647a2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4648, časové razítko: 0x5a4af933
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d5d2
ID chybujícího procesu: 0x257c
Čas spuštění chybující aplikace: 0x01dad90186620594
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 7c1c40b3-3548-415e-b838-310eeef73470
Úplný název chybujícího balíčku: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (07/11/2024 07:54:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.4355, časové razítko: 0x90a2b675
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4522, časové razítko: 0xf7a99bd4
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000012d332
ID chybujícího procesu: 0x3320
Čas spuštění chybující aplikace: 0x01dad3561b10695e
Cesta k chybující aplikaci: C:\Windows\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: e6e22301-ef41-488f-8593-48b26cd83cd0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/08/2024 12:11:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.4522, časové razítko: 0x69c14f93
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x72a081f0
ID chybujícího procesu: 0x470
Čas spuštění chybující aplikace: 0x01dad11f1fe673ff
Cesta k chybující aplikaci: C:\Windows\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4b1c2f19-62e1-480c-bb12-049648c1dc76
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/21/2024 11:45:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AC4BFSP.exe, verze: 0.0.0.0, časové razítko: 0x53343cbf
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.325, časové razítko: 0x4df2be1e
Kód výjimky: 0xc0000417
Posun chyby: 0x0008af3e
ID chybujícího procesu: 0x2f4c
Čas spuštění chybující aplikace: 0x01daab6398a06327
Cesta k chybující aplikaci: C:\Program Files (x86)\Assassins Creed IV Black Flag\AC4BFSP.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSVCR100.dll
ID zprávy: f759fd05-0c80-4557-ba87-2c11ad514471
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/21/2024 11:44:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AC4BFSP.exe, verze: 0.0.0.0, časové razítko: 0x53343cbf
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.325, časové razítko: 0x4df2be1e
Kód výjimky: 0xc0000417
Posun chyby: 0x0008af3e
ID chybujícího procesu: 0x2414
Čas spuštění chybující aplikace: 0x01daab63888c0df3
Cesta k chybující aplikaci: C:\Program Files (x86)\Assassins Creed IV Black Flag\AC4BFSP.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSVCR100.dll
ID zprávy: 02ccda82-d1d8-46d6-9819-6e9817ffcbc2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (08/12/2024 06:58:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2024-01, aktualizace zabezpečení pro Windows 10 Version 22H2 pro systémy typu x64 (KB5034441).
Error: (08/11/2024 09:57:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1UKJ1NG)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/11/2024 08:16:15 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 02:41:07 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 11:00:01 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 09:21:59 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 08:01:17 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/09/2024 06:51:08 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Windows Defender:
================
Date: 2024-05-15 13:54:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E1796DCB-BFB3-4404-B3A1-BADD5AA9E67B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2024-08-12 18:39:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2024-08-12 18:38:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A10 05/13/2013
Motherboard: Dell Inc. 084J0R
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 55%
Total physical RAM: 8066.02 MB
Available physical RAM: 3592.99 MB
Total Virtual: 9346.02 MB
Available Virtual: 3997.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.91 GB) (Free:151.73 GB) (Model: SanDisk SD7TB3Q-256G-1006) NTFS
\\?\Volume{b7e55f96-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{b7e55f96-0000-0000-0000-907d3b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: B7E55F96)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=523 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08.2024
Ran by Admin (administrator) on DESKTOP-1UKJ1NG (Dell Inc. Vostro 270) (12-08-2024 20:04:44)
Running from C:\Users\Admin\Desktop\FRST64.exe
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4651 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <2>
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AntiTrackSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2406.13.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [426904 2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [10373416 2024-08-07] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3814968 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\Run: [AvastBrowserAutoLaunch_1088872FC4C2207C6D62AF0E8871CAAC] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3153984 2024-07-17] (Avast Software s.r.o. -> Gen Digital Inc.)
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44970408 2024-07-16] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\MountPoints2: {e590b818-154a-11ef-8f76-a41f728d94ba} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\MountPoints2: {e590ba1c-154a-11ef-8f76-a41f728d94ba} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\127.0.6533.100\Installer\chrmstp.exe [2024-08-08] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\126.0.25735.183\Installer\chrmstp.exe [2024-07-30] (Avast Software s.r.o. -> Gen Digital Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2024-08-07]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {F14D1D5C-FE50-4E69-B5CB-5F82FC71D48F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3153984 2024-07-17] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {698A8E3E-5161-4C52-A6E3-DEE06AA174E3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3153984 2024-07-17] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {3D4DBA84-FD1A-4D2A-89A9-285DF4EA6B7A} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [5854504 2024-08-07] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters).
Task: {BAA122CE-D6B7-4B73-8109-9672ACE664DF} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [8040344 2024-07-30] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {40AB2875-A846-49F1-901B-C894598BA61D} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5157272 2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {B424BFBB-0B73-44EF-AAE3-FA9066DBF362} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4964248 2024-08-07] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {E382B13D-4CD1-4443-B45C-F1AFB87F6D4A} - System32\Tasks\Avast Software\Avast SecureLine VPN Emergency Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1440664 2024-08-07] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {A764ADC4-324C-4C27-97AA-4A1EF5E633CD} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [8002968 2024-07-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {E78B93D8-823D-4BA5-A757-B640C3928BE3} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [806824 2024-08-07] (Avast Software s.r.o. -> AVAST Software)
Task: {4994EFC2-AF81-4203-9817-3E682CD429BC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2348952 2024-05-15] (Avast Software s.r.o. -> Avast Software)
Task: {1023A390-1D77-4079-8346-36DC6842B34F} - System32\Tasks\AvastBrowserProtectS-1-5-21-553120771-3500017404-3142294873-1001 => C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtect.exe [1690008 2024-04-29] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {0BEA6B27-91E8-4461-A6E1-384BBA72D835} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-05-15] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {42F569A0-CD10-435D-B3BD-4A37C63563CF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-05-15] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {560E0545-0232-49F7-ABD7-0A7C55835089} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-07-16] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {0443C4C9-278A-48FD-8DE9-F4940D1AEC49} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-07-16] (Gen Digital Inc. -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "7c5d7329-4521-440b-a045-297d1a1c7645" --version "6.26.11169" --silent
Task: {20C3C0B1-6AC7-4234-BF0B-30478D9E83F9} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [38931368 2024-07-16] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {777361D9-43F4-49C9-AE73-2174E0C2BA29} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5754336 2024-07-11] (Microsoft Windows -> Microsoft Corporation)
Task: {9A3B89A5-F537-4D8D-B735-415C0BA4257E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{4907E250-F89B-4DB9-93DD-B93FFD088A25} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)
Task: {D4D16A6B-138E-468A-A1DE-0BC7955F9A30} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [17543336 2024-07-26] (NCH Software, Inc. -> NCH Software)
Task: {40FDA57B-E822-460F-B30B-D1D92EA618BA} - System32\Tasks\NCH Software\VideoPadSevenDays => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [17543336 2024-07-26] (NCH Software, Inc. -> NCH Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{caf439e3-4c50-452e-bc97-ade4af05c8af}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-08]
Edge Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-15]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-15]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2024-05-15] (Avast Software s.r.o. -> Gen Digital Inc.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2024-05-15] (Avast Software s.r.o. -> Gen Digital Inc.)
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2024-08-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-15]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9014680 2024-08-03] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-05-15] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [771480 2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2293144 2024-08-07] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1208216 2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [6175128 2024-08-07] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-05-15] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\126.0.25735.183\elevation_service.exe [1773352 2024-07-17] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-05-15] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085864 2024-07-16] (Gen Digital Inc. -> Piriform Software Ltd)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [19186472 2024-08-07] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2022-06-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 NativePushService; C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595864 2024-03-20] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [12456856 2024-08-07] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [229944 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [380984 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [293944 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [84536 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [27744 2024-08-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [28728 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [271928 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [549848 2024-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [97840 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [69176 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [948792 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [1198648 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203728 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [306648 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [79248 2024-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 aswWireGuard; C:\Windows\System32\drivers\aswWireguard.sys [174360 2024-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [124952 2024-08-07] (Avast Software s.r.o. -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20936 2024-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [601376 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105760 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-08-12 20:04 - 2024-08-12 20:05 - 000020573 _____ C:\Users\Admin\Desktop\FRST.txt
2024-08-12 20:04 - 2024-08-12 20:05 - 000000000 ____D C:\FRST
2024-08-12 19:58 - 2024-08-12 19:58 - 002397184 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2024-08-12 19:14 - 2024-08-12 20:06 - 2330262991 _____ C:\Users\Admin\Downloads\Zabij+mě,+lásko,+Kill+Me+If+You+Dare+(2024)+Komedie,+PL,+CZ+Dabing,+1080p.mkv.crdownload
2024-08-12 19:14 - 2024-08-12 20:06 - 2248261137 _____ C:\Users\Admin\Downloads\Zmizely+v+noci+(2024)+CZdab.mkv.crdownload
2024-08-12 18:57 - 2024-08-12 18:58 - 000000000 ___HD C:\$WinREAgent
2024-08-11 08:17 - 2024-08-11 08:19 - 000000000 ____D C:\Users\Admin\Desktop\mys
2024-08-08 12:11 - 2024-08-12 19:48 - 000002588 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2024-08-08 10:25 - 2024-08-12 18:38 - 000000000 ____D C:\Users\Admin\AppData\Local\AvastAntiTrackPremium
2024-08-08 10:25 - 2024-08-08 10:25 - 000000000 _RSHD C:\ProgramData\Key-Base
2024-08-08 10:25 - 2024-08-08 10:25 - 000000000 ____D C:\ProgramData\{99B2DD62-6703-13BC-D804-3D52C845B869}
2024-08-07 19:46 - 2024-08-07 19:45 - 000124952 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\netfilter2.sys
2024-08-07 19:45 - 2024-08-07 19:45 - 000002402 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast AntiTrack Premium.lnk
2024-08-07 19:45 - 2024-08-07 19:45 - 000002390 _____ C:\Users\Public\Desktop\Avast AntiTrack Premium.lnk
2024-08-07 18:38 - 2024-08-03 13:01 - 000314776 _____ (Gen Digital Inc.) C:\Windows\system32\aswBoot.exe
2024-08-07 18:30 - 2024-08-07 18:30 - 000002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SecureLine VPN.lnk
2024-08-07 18:30 - 2024-08-07 18:30 - 000002137 _____ C:\Users\Public\Desktop\Avast SecureLine VPN.lnk
2024-08-07 18:30 - 2024-08-07 18:30 - 000002125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2024-08-07 18:30 - 2024-08-07 18:30 - 000002113 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2024-08-07 18:29 - 2024-08-07 18:29 - 000050976 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2024-08-07 18:26 - 2024-08-07 18:42 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2024-08-07 18:26 - 2024-08-07 18:42 - 000002076 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2024-08-07 18:21 - 2024-08-07 18:21 - 000000000 ____D C:\Users\Admin\Downloads\Avast.Premier
2024-08-06 10:52 - 2024-08-06 10:55 - 000000000 ____D C:\Users\Admin\Desktop\ZELI
2024-08-02 21:20 - 2024-08-02 21:20 - 003267496 _____ () C:\Users\Admin\Downloads\OperaGXSetup.exe
2024-08-01 16:13 - 2024-08-01 16:13 - 000470345 _____ C:\Users\Admin\Downloads\1. 8. 2024 16_13_23 - Audio - Video bez názvu.webm
2024-08-01 16:03 - 2024-08-01 16:04 - 111797857 _____ C:\Users\Admin\cuketoooosss.mp4
2024-08-01 15:59 - 2024-08-01 15:59 - 000002123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2024-08-01 15:59 - 2024-08-01 15:59 - 000001359 _____ C:\Users\Public\Desktop\NCH Suite.lnk
2024-08-01 15:59 - 2024-08-01 15:59 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2024-08-01 15:59 - 2024-08-01 15:59 - 000001333 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2024-08-01 15:59 - 2024-08-01 15:59 - 000000000 ____D C:\Users\Admin\NCH Software Suite
2024-08-01 15:59 - 2024-08-01 15:59 - 000000000 ____D C:\ProgramData\NCH Software
2024-08-01 15:59 - 2024-08-01 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2024-08-01 15:59 - 2024-08-01 15:59 - 000000000 ____D C:\Program Files (x86)\NCH Software
2024-08-01 15:37 - 2024-08-01 15:39 - 000000000 ____D C:\Users\Admin\AppData\Roaming\LosslessCut
2024-08-01 15:32 - 2024-08-01 15:32 - 000000000 ____D C:\Windows\system32\appmgmt
2024-08-01 15:27 - 2024-08-01 15:29 - 000004204 _____ C:\Users\Admin\AppData\Local\kdenliverc
2024-08-01 15:27 - 2024-08-01 15:27 - 000007088 _____ C:\Users\Admin\AppData\Local\kdenlive-layoutsrc
2024-08-01 15:27 - 2024-08-01 15:27 - 000006196 _____ C:\Users\Admin\AppData\Local\user-places.xbel
2024-08-01 15:27 - 2024-08-01 15:27 - 000005715 _____ C:\Users\Admin\AppData\Local\user-places.xbel.bak
2024-08-01 15:27 - 2024-08-01 15:27 - 000000000 ____D C:\Users\Admin\AppData\Roaming\kdenlive
2024-08-01 15:27 - 2024-08-01 15:27 - 000000000 ____D C:\Users\Admin\AppData\Local\stalefiles
2024-08-01 15:27 - 2024-08-01 15:27 - 000000000 ____D C:\Users\Admin\AppData\Local\mime
2024-08-01 15:27 - 2024-08-01 15:27 - 000000000 ____D C:\Users\Admin\AppData\Local\kdenlive
2024-08-01 15:27 - 2024-08-01 15:27 - 000000000 _____ C:\Users\Admin\AppData\Local\user-places.xbel.tbcache
2024-08-01 15:26 - 2024-08-01 15:30 - 000000000 ____D C:\Program Files\kdenlive
2024-08-01 15:12 - 2024-08-01 15:17 - 000000000 ____D C:\Users\Admin\AppData\Roaming\avidemux
2024-08-01 15:12 - 2024-08-01 15:12 - 000000000 ____D C:\Users\Admin\AppData\Local\avidemux
2024-08-01 10:49 - 2024-08-01 10:49 - 002269520 _____ ( ) C:\Users\Admin\Downloads\video-converter.exe
2024-08-01 10:49 - 2024-08-01 10:49 - 000002061 _____ C:\Users\Public\Desktop\Vidmore Video Converter.lnk
2024-08-01 10:49 - 2024-08-01 10:49 - 000000000 ____D C:\ProgramData\Vidmore
2024-08-01 10:49 - 2024-08-01 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidmore
2024-08-01 10:40 - 2024-08-01 10:40 - 000000000 ____D C:\Voiceover
2024-08-01 10:39 - 2024-08-08 12:05 - 000001659 _____ C:\Users\Admin\Desktop\Wondershare Filmora 13.lnk
2024-08-01 10:39 - 2024-08-01 10:39 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wondershare
2024-08-01 10:38 - 2024-08-01 15:02 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2024-08-01 10:38 - 2024-08-01 14:56 - 000000000 ____D C:\ProgramData\Wondershare
2024-08-01 10:38 - 2024-08-01 10:40 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Wondershare
2024-08-01 10:38 - 2024-08-01 10:39 - 000000000 ____D C:\Users\Admin\AppData\Local\Wondershare
2024-08-01 10:29 - 2024-08-01 10:39 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2024-08-01 10:29 - 2024-08-01 10:29 - 002003960 _____ C:\Users\Admin\Downloads\filmora-idco_setup_full1901.exe
2024-08-01 10:15 - 2024-08-01 10:15 - 000000000 ___HD C:\Vidmore Temp
2024-08-01 10:15 - 2024-08-01 10:15 - 000000000 ____D C:\Users\Admin\AppData\Local\Vidmore
2024-08-01 10:13 - 2024-08-01 10:13 - 000000000 ____D C:\Program Files\Vidmore
2024-08-01 10:01 - 2024-08-01 10:02 - 000000000 ____D C:\Users\Admin\AppData\Roaming\audacity
2024-08-01 10:01 - 2024-08-01 10:01 - 000000000 ____D C:\Users\Admin\Documents\Audacity
2024-08-01 10:01 - 2024-08-01 10:01 - 000000000 ____D C:\Users\Admin\AppData\Local\audacity
2024-08-01 09:53 - 2024-08-01 09:53 - 000000000 ___HD C:\ProgramData\~Apple
2024-08-01 09:53 - 2024-08-01 09:53 - 000000000 ___HD C:\Program Files\~Bonjour
2024-08-01 09:53 - 2024-08-01 09:53 - 000000000 ___HD C:\Program Files (x86)\~Bonjour
2024-08-01 09:53 - 2024-08-01 09:53 - 000000000 ___HD C:\AnyMP4 Temp
2024-08-01 09:53 - 2024-08-01 09:53 - 000000000 ____D C:\Windows\system32\Tasks\AnyMP4 Studio
2024-08-01 09:53 - 2024-08-01 09:53 - 000000000 ____D C:\Users\Admin\AppData\Local\AnyMP4 Studio
2024-08-01 09:52 - 2024-08-01 09:52 - 000000000 ____D C:\Program Files\AnyMP4 Studio
2024-08-01 09:47 - 2024-08-01 15:27 - 000000000 ____D C:\Users\Admin\AppData\Local\cache
2024-08-01 09:33 - 2024-08-01 09:33 - 000000000 ____D C:\Users\Admin\AppData\Local\VideoEditor
2024-08-01 09:32 - 2024-08-01 09:32 - 000012306 _____ C:\ProgramData\vxnylktj.vfa
2024-08-01 09:32 - 2024-08-01 09:32 - 000000016 _____ C:\ProgramData\mntemp
2024-08-01 09:31 - 2024-08-01 09:33 - 000000000 ____D C:\Users\Admin\AppData\Local\Movavi
2024-08-01 09:21 - 2024-08-11 08:51 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software
2024-08-01 09:20 - 2024-08-01 15:59 - 000000000 ____D C:\Users\Admin\AppData\Roaming\NCH Software
2024-08-01 09:19 - 2024-08-01 09:21 - 197841720 _____ (OpenShot Studios, LLC ) C:\Users\Admin\Downloads\OpenShot-v3.2.1-x86_64 (1).exe
2024-07-24 21:10 - 2024-07-25 16:29 - 000000000 ____D C:\Users\Admin\Desktop\mince
2024-07-16 09:28 - 2024-07-16 09:29 - 087363269 _____ C:\Users\Admin\Desktop\VID_20240716_091408.mp4
2024-07-15 15:23 - 2024-07-15 15:27 - 197841720 _____ (OpenShot Studios, LLC ) C:\Users\Admin\Downloads\OpenShot-v3.2.1-x86_64.exe
2024-07-14 19:37 - 2024-07-14 20:42 - 4175718871 _____ C:\Users\Admin\Downloads\Zeme_na_scesti_2019_CZ_tit.mp4
2024-07-14 19:28 - 2024-07-14 19:48 - 323946991 _____ C:\Users\Admin\Downloads\Foundation 2x02 A Glimpse of Darkness.mp4
2024-07-14 19:28 - 2024-07-14 19:46 - 289804672 _____ C:\Users\Admin\Downloads\Foundation 2x01 In Seldon's Shadow.mp4
2024-07-14 10:45 - 2024-07-16 11:17 - 000000000 ____D C:\Users\Admin\Desktop\OSLAVA MAMKA
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-08-12 19:48 - 2024-05-21 12:10 - 000003194 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-08-12 19:48 - 2024-05-21 12:10 - 000002952 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-08-12 19:48 - 2024-05-21 12:10 - 000002252 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Admin
2024-08-12 19:48 - 2024-05-21 12:10 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-08-12 19:48 - 2024-05-15 13:55 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2024-08-12 19:48 - 2024-05-13 11:49 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-08-12 19:48 - 2024-05-13 11:49 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-08-12 19:48 - 2024-05-13 11:35 - 000003062 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-553120771-3500017404-3142294873-1001
2024-08-12 19:48 - 2024-05-13 11:35 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-553120771-3500017404-3142294873-1001
2024-08-12 18:59 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2024-08-12 18:56 - 2024-05-13 11:49 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-08-12 18:56 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-12 18:37 - 2024-05-13 12:40 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2024-08-11 21:51 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-08-11 17:49 - 2024-05-15 14:57 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2024-08-11 08:41 - 2024-05-26 19:10 - 000000000 ____D C:\Users\Admin\.openshot_qt
2024-08-11 08:17 - 2024-05-16 06:03 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2024-08-10 21:44 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-10 21:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-08-10 20:32 - 2024-05-13 11:49 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-09 18:11 - 2024-05-13 11:54 - 000002377 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-08-08 21:16 - 2024-05-15 13:35 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-08-08 21:16 - 2024-05-15 13:35 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-08-08 21:16 - 2023-05-05 14:28 - 000000000 ____D C:\Windows\SystemTemp
2024-08-08 13:30 - 2024-05-13 11:54 - 000000000 ____D C:\Users\Admin
2024-08-08 10:29 - 2024-05-13 11:35 - 001693656 _____ C:\Windows\system32\PerfStringBackup.INI
2024-08-08 10:29 - 2019-12-07 16:43 - 000716894 _____ C:\Windows\system32\perfh005.dat
2024-08-08 10:29 - 2019-12-07 16:43 - 000145072 _____ C:\Windows\system32\perfc005.dat
2024-08-08 10:26 - 2024-05-15 13:55 - 000549848 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswNetHub.sys
2024-08-08 10:24 - 2024-05-13 11:49 - 000008192 ___SH C:\DumpStack.log.tmp
2024-08-08 10:24 - 2024-05-13 11:49 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-08-07 21:47 - 2024-05-15 14:56 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2024-08-07 19:58 - 2024-05-17 22:22 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2024-08-07 19:58 - 2024-05-16 06:56 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\HTML Help
2024-08-07 19:58 - 2024-05-13 12:49 - 000000000 ____D C:\Windows\Panther
2024-08-07 19:46 - 2024-05-17 22:22 - 000000000 ____D C:\ProgramData\Package Cache
2024-08-07 19:45 - 2024-05-15 13:59 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2024-08-07 19:45 - 2024-05-15 13:46 - 000000000 ____D C:\ProgramData\Avast Software
2024-08-07 18:42 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-08-07 18:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-08-07 18:30 - 2024-05-15 13:57 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Avast Software
2024-08-07 18:30 - 2024-05-15 13:54 - 000000000 ____D C:\Program Files\Avast Software
2024-08-07 18:29 - 2024-05-15 13:55 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2024-08-07 18:26 - 2024-05-21 12:10 - 000000000 ____D C:\Program Files\CCleaner
2024-08-03 13:01 - 2024-05-15 13:55 - 001198648 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSP.sys
2024-08-03 13:01 - 2024-05-15 13:55 - 000948792 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSnx.sys
2024-08-03 13:01 - 2024-05-15 13:55 - 000548920 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswNetHub.sys.172310561090601
2024-08-03 13:01 - 2024-05-15 13:55 - 000380984 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsdriver.sys
2024-08-03 13:01 - 2024-05-15 13:55 - 000306648 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswVmm.sys
2024-08-03 13:01 - 2024-05-15 13:55 - 000293944 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsh.sys
2024-08-03 13:01 - 2024-05-15 13:55 - 000271928 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswMonFlt.sys
2024-08-03 13:01 - 2024-05-15 13:55 - 000229944 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArPot.sys
2024-08-03 13:01 - 2024-05-15 13:55 - 000097840 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRdr2.sys
2024-08-03 13:01 - 2024-05-15 13:55 - 000084536 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbuniv.sys
2024-08-03 13:01 - 2024-05-15 13:55 - 000069176 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRvrt.sys
2024-08-03 13:01 - 2024-05-15 13:55 - 000028728 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswKbd.sys
2024-08-03 13:01 - 2024-05-15 13:55 - 000027744 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswElam.sys
2024-08-01 16:15 - 2024-05-13 11:54 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2024-08-01 15:58 - 2024-05-13 11:54 - 000000000 ____D C:\ProgramData\Packages
2024-08-01 15:57 - 2024-05-13 11:35 - 000000000 ____D C:\Users\Admin\AppData\Local\PlaceholderTileLogoFolder
2024-07-30 15:40 - 2024-05-15 14:01 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2024-07-30 15:40 - 2024-05-15 14:01 - 000002409 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2024-07-26 08:16 - 2024-05-19 12:54 - 000000000 ____D C:\Users\Admin\Desktop\foto mobil
2024-07-25 21:34 - 2024-07-09 19:17 - 000000000 ____D C:\Users\Admin\Desktop\Foto z fotaku
2024-07-15 08:47 - 2024-07-09 17:29 - 000000000 ____D C:\Users\Admin\Desktop\Dary ZEME FOTO
==================== Files in the root of some directories ========
2024-08-01 15:27 - 2024-08-01 15:27 - 000007088 _____ () C:\Users\Admin\AppData\Local\kdenlive-layoutsrc
2024-08-01 15:27 - 2024-08-01 15:29 - 000004204 _____ () C:\Users\Admin\AppData\Local\kdenliverc
2024-08-01 15:27 - 2024-08-01 15:27 - 000006196 _____ () C:\Users\Admin\AppData\Local\user-places.xbel
2024-08-01 15:27 - 2024-08-01 15:27 - 000005715 _____ () C:\Users\Admin\AppData\Local\user-places.xbel.bak
2024-08-01 15:27 - 2024-08-01 15:27 - 000000000 _____ () C:\Users\Admin\AppData\Local\user-places.xbel.tbcache
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119486
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
A pak ještě přidejte obsah souboru addition.txt. Najdete ho na ploše.Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-12-2024
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.4651)
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1420 octets] - [12/08/2024 22:00:40]
AdwCleaner[S01].txt - [1481 octets] - [12/08/2024 22:02:05]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08.2024
Ran by Admin (12-08-2024 20:07:00)
Running from C:\Users\Admin\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4651 (X64) (2024-05-13 09:51:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Admin (S-1-5-21-553120771-3500017404-3142294873-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-553120771-3500017404-3142294873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-553120771-3500017404-3142294873-503 - Limited - Disabled)
Guest (S-1-5-21-553120771-3500017404-3142294873-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-553120771-3500017404-3142294873-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AIDA64 Extreme v6.33 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.33 - FinalWire Ltd.)
Avast AntiTrack Premium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 3.5.1570.2222 - Avast Software)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 24.2.16549.17700 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 24.7.6124 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 126.0.25735.183 - Autoři prohlížeče Avast Secure Browser)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 24.7.10323.12854 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1697.6 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.26 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 127.0.6533.100 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.650 - Huawei Technologies Co., Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 127.0.2651.98 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.113 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\OneDriveSetup.exe) (Version: 24.146.0721.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
OpenShot Video Editor 3.1.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 3.1.1 - OpenShot Studios, LLC)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
VideoPad Video Editor (HKLM\...\VideoPad) (Version: 16.31 - NCH Software)
Vidmore Video Converter 1.3.36 (HKLM-x32\...\{88AA44F4-419C-4027-81D8-45DE96AF0E3B}_is1) (Version: 1.3.36 - Vidmore)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Wondershare Filmora 13(Build 13.5.1.7566) (HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.1.1) (HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)
Packages:
=========
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-553120771-3500017404-3142294873-1001_Classes\CLSID\{054ae674-157a-44a3-8a6f-0546cbe49251}\localserver32 -> C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe (NCH Software, Inc. -> NCH Software)
CustomCLSID: HKU\S-1-5-21-553120771-3500017404-3142294873-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-553120771-3500017404-3142294873-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Wi-Fi: Dell Wireless 1506 802.11b|g|n (2.4GHz) -> athw8x.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_1088872FC4C2207C6D62AF0E8871CAAC"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E7988FDB-58E4-4A25-B0F5-D47E7CC707AE}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{72EA4C7D-1F0F-4C72-9B9F-9F165387BFD9}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{F1A7DBC4-4F93-4B90-8BA8-715C9FD087B3}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [{39048753-18A2-4940-98B0-DF94AF4A9145}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.113\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{330399DE-8E1C-460B-9BC3-09BA1AC4F501}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{A908805A-AC58-4355-8823-55D6931BDFA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{90F50E60-922B-4A62-AA7D-4D560FAEC9C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{6363F898-9525-4A4C-A20F-012F120B1815}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{BD050164-4F95-410E-A73A-E7C8343D2175}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{BB3D1E7E-2430-4C00-AA61-021C891BCDF0}] => (Allow) C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{E42E8E20-2916-420A-8B9B-F0DBBE491058}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [UDP Query User{CE3E34BC-5AA8-4E71-BC15-FC1EA0083E64}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{105C328D-F9F0-4632-B304-023FF56CCBCF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79A8E68D-F7C9-4ABC-B391-C3229D8F3594}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43B52E97-DF7A-4D44-843B-2BE895438DFB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D411DB72-AEA6-4FF8-8558-6A3EC9537128}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8C7755FC-6BB4-4086-833B-0099B319989E}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{FA1B0249-0061-48B2-A3E4-7C39436A8F51}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{8598B9CE-1E1F-4508-8352-24081F19C1C6}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{B6879F2C-2596-434E-886A-E5BD4AB2DD84}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{5D7048D2-1D32-44F5-B243-D86296507D3C}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{DC3B1230-0D8A-45EA-84A5-C65E29D3C44F}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{A0A0B66F-02CA-4D66-918B-8E25153D5CA0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
26-07-2024 12:34:19 Naplánovaný kontrolní bod
01-08-2024 15:22:00 Installed blender
01-08-2024 15:31:13 Removed blender
07-08-2024 19:45:54 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
12-08-2024 18:59:03 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/11/2024 08:18:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HiSuite.exe verze 11.0.0.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 337c
Čas spuštění: 01daebb5f112ad65
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\HiSuite\HiSuite.exe
ID hlášení: c9bb6a5e-ca06-4fa1-8d1f-7865915add52
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (08/07/2024 06:38:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program AvastUI.exe verze 24.7.9311.892 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1658
Čas spuštění: 01dae8e698f3e9ae
Čas ukončení: 60000
Cesta k aplikaci: C:\Program Files\Avast Software\Avast\AvastUI.exe
ID hlášení: 4bb9b0d1-66f7-4821-9731-1c2f92f3458c
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (07/29/2024 08:44:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.4648, časové razítko: 0x1fd45943
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x72e181f0
ID chybujícího procesu: 0x1604
Čas spuštění chybující aplikace: 0x01dae1e75045f016
Cesta k chybující aplikaci: C:\Windows\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 9490c9ed-c205-42f3-a533-bae7334ffd28
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/18/2024 12:59:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StartMenuExperienceHost.exe, verze: 0.0.0.0, časové razítko: 0xe07647a2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4648, časové razítko: 0x5a4af933
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d5d2
ID chybujícího procesu: 0x257c
Čas spuštění chybující aplikace: 0x01dad90186620594
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 7c1c40b3-3548-415e-b838-310eeef73470
Úplný název chybujícího balíčku: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (07/11/2024 07:54:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.4355, časové razítko: 0x90a2b675
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4522, časové razítko: 0xf7a99bd4
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000012d332
ID chybujícího procesu: 0x3320
Čas spuštění chybující aplikace: 0x01dad3561b10695e
Cesta k chybující aplikaci: C:\Windows\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: e6e22301-ef41-488f-8593-48b26cd83cd0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/08/2024 12:11:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.4522, časové razítko: 0x69c14f93
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x72a081f0
ID chybujícího procesu: 0x470
Čas spuštění chybující aplikace: 0x01dad11f1fe673ff
Cesta k chybující aplikaci: C:\Windows\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4b1c2f19-62e1-480c-bb12-049648c1dc76
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/21/2024 11:45:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AC4BFSP.exe, verze: 0.0.0.0, časové razítko: 0x53343cbf
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.325, časové razítko: 0x4df2be1e
Kód výjimky: 0xc0000417
Posun chyby: 0x0008af3e
ID chybujícího procesu: 0x2f4c
Čas spuštění chybující aplikace: 0x01daab6398a06327
Cesta k chybující aplikaci: C:\Program Files (x86)\Assassins Creed IV Black Flag\AC4BFSP.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSVCR100.dll
ID zprávy: f759fd05-0c80-4557-ba87-2c11ad514471
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/21/2024 11:44:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AC4BFSP.exe, verze: 0.0.0.0, časové razítko: 0x53343cbf
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.325, časové razítko: 0x4df2be1e
Kód výjimky: 0xc0000417
Posun chyby: 0x0008af3e
ID chybujícího procesu: 0x2414
Čas spuštění chybující aplikace: 0x01daab63888c0df3
Cesta k chybující aplikaci: C:\Program Files (x86)\Assassins Creed IV Black Flag\AC4BFSP.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSVCR100.dll
ID zprávy: 02ccda82-d1d8-46d6-9819-6e9817ffcbc2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (08/12/2024 06:58:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2024-01, aktualizace zabezpečení pro Windows 10 Version 22H2 pro systémy typu x64 (KB5034441).
Error: (08/11/2024 09:57:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1UKJ1NG)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/11/2024 08:16:15 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 02:41:07 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 11:00:01 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 09:21:59 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 08:01:17 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/09/2024 06:51:08 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Windows Defender:
================
Date: 2024-05-15 13:54:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E1796DCB-BFB3-4404-B3A1-BADD5AA9E67B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2024-08-12 18:39:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2024-08-12 18:38:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A10 05/13/2013
Motherboard: Dell Inc. 084J0R
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 55%
Total physical RAM: 8066.02 MB
Available physical RAM: 3592.99 MB
Total Virtual: 9346.02 MB
Available Virtual: 3997.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.91 GB) (Free:151.73 GB) (Model: SanDisk SD7TB3Q-256G-1006) NTFS
\\?\Volume{b7e55f96-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{b7e55f96-0000-0000-0000-907d3b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: B7E55F96)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=523 MB) - (Type=27)
==================== End of Addition.txt =======================
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-12-2024
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.4651)
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1420 octets] - [12/08/2024 22:00:40]
AdwCleaner[S01].txt - [1481 octets] - [12/08/2024 22:02:05]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08.2024
Ran by Admin (12-08-2024 20:07:00)
Running from C:\Users\Admin\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4651 (X64) (2024-05-13 09:51:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Admin (S-1-5-21-553120771-3500017404-3142294873-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-553120771-3500017404-3142294873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-553120771-3500017404-3142294873-503 - Limited - Disabled)
Guest (S-1-5-21-553120771-3500017404-3142294873-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-553120771-3500017404-3142294873-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AIDA64 Extreme v6.33 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.33 - FinalWire Ltd.)
Avast AntiTrack Premium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 3.5.1570.2222 - Avast Software)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 24.2.16549.17700 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 24.7.6124 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 126.0.25735.183 - Autoři prohlížeče Avast Secure Browser)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 24.7.10323.12854 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1697.6 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.26 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 127.0.6533.100 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.650 - Huawei Technologies Co., Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 127.0.2651.98 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.113 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\OneDriveSetup.exe) (Version: 24.146.0721.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
OpenShot Video Editor 3.1.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 3.1.1 - OpenShot Studios, LLC)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
VideoPad Video Editor (HKLM\...\VideoPad) (Version: 16.31 - NCH Software)
Vidmore Video Converter 1.3.36 (HKLM-x32\...\{88AA44F4-419C-4027-81D8-45DE96AF0E3B}_is1) (Version: 1.3.36 - Vidmore)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Wondershare Filmora 13(Build 13.5.1.7566) (HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.1.1) (HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)
Packages:
=========
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-553120771-3500017404-3142294873-1001_Classes\CLSID\{054ae674-157a-44a3-8a6f-0546cbe49251}\localserver32 -> C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe (NCH Software, Inc. -> NCH Software)
CustomCLSID: HKU\S-1-5-21-553120771-3500017404-3142294873-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-553120771-3500017404-3142294873-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Wi-Fi: Dell Wireless 1506 802.11b|g|n (2.4GHz) -> athw8x.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_1088872FC4C2207C6D62AF0E8871CAAC"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-553120771-3500017404-3142294873-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E7988FDB-58E4-4A25-B0F5-D47E7CC707AE}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{72EA4C7D-1F0F-4C72-9B9F-9F165387BFD9}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{F1A7DBC4-4F93-4B90-8BA8-715C9FD087B3}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [{39048753-18A2-4940-98B0-DF94AF4A9145}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.113\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{330399DE-8E1C-460B-9BC3-09BA1AC4F501}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{A908805A-AC58-4355-8823-55D6931BDFA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{90F50E60-922B-4A62-AA7D-4D560FAEC9C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{6363F898-9525-4A4C-A20F-012F120B1815}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{BD050164-4F95-410E-A73A-E7C8343D2175}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{BB3D1E7E-2430-4C00-AA61-021C891BCDF0}] => (Allow) C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{E42E8E20-2916-420A-8B9B-F0DBBE491058}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [UDP Query User{CE3E34BC-5AA8-4E71-BC15-FC1EA0083E64}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{105C328D-F9F0-4632-B304-023FF56CCBCF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79A8E68D-F7C9-4ABC-B391-C3229D8F3594}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43B52E97-DF7A-4D44-843B-2BE895438DFB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D411DB72-AEA6-4FF8-8558-6A3EC9537128}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8C7755FC-6BB4-4086-833B-0099B319989E}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{FA1B0249-0061-48B2-A3E4-7C39436A8F51}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{8598B9CE-1E1F-4508-8352-24081F19C1C6}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{B6879F2C-2596-434E-886A-E5BD4AB2DD84}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{5D7048D2-1D32-44F5-B243-D86296507D3C}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{DC3B1230-0D8A-45EA-84A5-C65E29D3C44F}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{A0A0B66F-02CA-4D66-918B-8E25153D5CA0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
26-07-2024 12:34:19 Naplánovaný kontrolní bod
01-08-2024 15:22:00 Installed blender
01-08-2024 15:31:13 Removed blender
07-08-2024 19:45:54 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
12-08-2024 18:59:03 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/11/2024 08:18:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HiSuite.exe verze 11.0.0.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 337c
Čas spuštění: 01daebb5f112ad65
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\HiSuite\HiSuite.exe
ID hlášení: c9bb6a5e-ca06-4fa1-8d1f-7865915add52
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (08/07/2024 06:38:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program AvastUI.exe verze 24.7.9311.892 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1658
Čas spuštění: 01dae8e698f3e9ae
Čas ukončení: 60000
Cesta k aplikaci: C:\Program Files\Avast Software\Avast\AvastUI.exe
ID hlášení: 4bb9b0d1-66f7-4821-9731-1c2f92f3458c
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (07/29/2024 08:44:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.4648, časové razítko: 0x1fd45943
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x72e181f0
ID chybujícího procesu: 0x1604
Čas spuštění chybující aplikace: 0x01dae1e75045f016
Cesta k chybující aplikaci: C:\Windows\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 9490c9ed-c205-42f3-a533-bae7334ffd28
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/18/2024 12:59:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StartMenuExperienceHost.exe, verze: 0.0.0.0, časové razítko: 0xe07647a2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4648, časové razítko: 0x5a4af933
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d5d2
ID chybujícího procesu: 0x257c
Čas spuštění chybující aplikace: 0x01dad90186620594
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 7c1c40b3-3548-415e-b838-310eeef73470
Úplný název chybujícího balíčku: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (07/11/2024 07:54:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.4355, časové razítko: 0x90a2b675
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4522, časové razítko: 0xf7a99bd4
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000012d332
ID chybujícího procesu: 0x3320
Čas spuštění chybující aplikace: 0x01dad3561b10695e
Cesta k chybující aplikaci: C:\Windows\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: e6e22301-ef41-488f-8593-48b26cd83cd0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/08/2024 12:11:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.4522, časové razítko: 0x69c14f93
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x72a081f0
ID chybujícího procesu: 0x470
Čas spuštění chybující aplikace: 0x01dad11f1fe673ff
Cesta k chybující aplikaci: C:\Windows\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4b1c2f19-62e1-480c-bb12-049648c1dc76
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/21/2024 11:45:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AC4BFSP.exe, verze: 0.0.0.0, časové razítko: 0x53343cbf
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.325, časové razítko: 0x4df2be1e
Kód výjimky: 0xc0000417
Posun chyby: 0x0008af3e
ID chybujícího procesu: 0x2f4c
Čas spuštění chybující aplikace: 0x01daab6398a06327
Cesta k chybující aplikaci: C:\Program Files (x86)\Assassins Creed IV Black Flag\AC4BFSP.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSVCR100.dll
ID zprávy: f759fd05-0c80-4557-ba87-2c11ad514471
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/21/2024 11:44:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AC4BFSP.exe, verze: 0.0.0.0, časové razítko: 0x53343cbf
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.325, časové razítko: 0x4df2be1e
Kód výjimky: 0xc0000417
Posun chyby: 0x0008af3e
ID chybujícího procesu: 0x2414
Čas spuštění chybující aplikace: 0x01daab63888c0df3
Cesta k chybující aplikaci: C:\Program Files (x86)\Assassins Creed IV Black Flag\AC4BFSP.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSVCR100.dll
ID zprávy: 02ccda82-d1d8-46d6-9819-6e9817ffcbc2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (08/12/2024 06:58:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2024-01, aktualizace zabezpečení pro Windows 10 Version 22H2 pro systémy typu x64 (KB5034441).
Error: (08/11/2024 09:57:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1UKJ1NG)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/11/2024 08:16:15 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 02:41:07 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 11:00:01 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 09:21:59 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/11/2024 08:01:17 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (08/09/2024 06:51:08 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Windows Defender:
================
Date: 2024-05-15 13:54:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E1796DCB-BFB3-4404-B3A1-BADD5AA9E67B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2024-08-12 18:39:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2024-08-12 18:38:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A10 05/13/2013
Motherboard: Dell Inc. 084J0R
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 55%
Total physical RAM: 8066.02 MB
Available physical RAM: 3592.99 MB
Total Virtual: 9346.02 MB
Available Virtual: 3997.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.91 GB) (Free:151.73 GB) (Model: SanDisk SD7TB3Q-256G-1006) NTFS
\\?\Volume{b7e55f96-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{b7e55f96-0000-0000-0000-907d3b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: B7E55F96)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=523 MB) - (Type=27)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119486
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{A908805A-AC58-4355-8823-55D6931BDFA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{90F50E60-922B-4A62-AA7D-4D560FAEC9C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{6363F898-9525-4A4C-A20F-012F120B1815}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{BD050164-4F95-410E-A73A-E7C8343D2175}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{E42E8E20-2916-420A-8B9B-F0DBBE491058}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [UDP Query User{CE3E34BC-5AA8-4E71-BC15-FC1EA0083E64}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {9A3B89A5-F537-4D8D-B735-415C0BA4257E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{4907E250-F89B-4DB9-93DD-B93FFD088A25} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
C:\DumpStack.log.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-08.2024
Ran by Admin (13-08-2024 10:13:50) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{A908805A-AC58-4355-8823-55D6931BDFA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{90F50E60-922B-4A62-AA7D-4D560FAEC9C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{6363F898-9525-4A4C-A20F-012F120B1815}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{BD050164-4F95-410E-A73A-E7C8343D2175}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{E42E8E20-2916-420A-8B9B-F0DBBE491058}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [UDP Query User{CE3E34BC-5AA8-4E71-BC15-FC1EA0083E64}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {9A3B89A5-F537-4D8D-B735-415C0BA4257E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{4907E250-F89B-4DB9-93DD-B93FFD088A25} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
C:\DumpStack.log.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A908805A-AC58-4355-8823-55D6931BDFA6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90F50E60-922B-4A62-AA7D-4D560FAEC9C9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6363F898-9525-4A4C-A20F-012F120B1815}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD050164-4F95-410E-A73A-E7C8343D2175}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E42E8E20-2916-420A-8B9B-F0DBBE491058}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CE3E34BC-5AA8-4E71-BC15-FC1EA0083E64}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9A3B89A5-F537-4D8D-B735-415C0BA4257E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A3B89A5-F537-4D8D-B735-415C0BA4257E}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{4907E250-F89B-4DB9-93DD-B93FFD088A25} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{4907E250-F89B-4DB9-93DD-B93FFD088A25}" => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008 => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008 => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25487264 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 22210228 B
Edge => 0 B
Chrome => 629993585 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Admin => 805575056 B
RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-08-2024 10:14:47)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 10:14:47 ====
Ran by Admin (13-08-2024 10:13:50) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{A908805A-AC58-4355-8823-55D6931BDFA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{90F50E60-922B-4A62-AA7D-4D560FAEC9C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{6363F898-9525-4A4C-A20F-012F120B1815}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{BD050164-4F95-410E-A73A-E7C8343D2175}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{E42E8E20-2916-420A-8B9B-F0DBBE491058}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [UDP Query User{CE3E34BC-5AA8-4E71-BC15-FC1EA0083E64}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {9A3B89A5-F537-4D8D-B735-415C0BA4257E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{4907E250-F89B-4DB9-93DD-B93FFD088A25} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
C:\DumpStack.log.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A908805A-AC58-4355-8823-55D6931BDFA6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90F50E60-922B-4A62-AA7D-4D560FAEC9C9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6363F898-9525-4A4C-A20F-012F120B1815}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD050164-4F95-410E-A73A-E7C8343D2175}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E42E8E20-2916-420A-8B9B-F0DBBE491058}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CE3E34BC-5AA8-4E71-BC15-FC1EA0083E64}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9A3B89A5-F537-4D8D-B735-415C0BA4257E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A3B89A5-F537-4D8D-B735-415C0BA4257E}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{4907E250-F89B-4DB9-93DD-B93FFD088A25} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{4907E250-F89B-4DB9-93DD-B93FFD088A25}" => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008 => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008 => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25487264 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 22210228 B
Edge => 0 B
Chrome => 629993585 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Admin => 805575056 B
RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-08-2024 10:14:47)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 10:14:47 ====
-
Rudy
- Site Admin
- Příspěvky: 119486
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
Myslím si,ze uz to asi nedela.Aspon tedy to neudelalo.
Dekuji moc.
Dekuji moc.
-
Rudy
- Site Admin
- Příspěvky: 119486
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
OK, rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?