prosím o kontrol logu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-08.2024
Ran by vlastimil (administrator) on LENOVO-PC (LENOVO 20382) (28-08-2024 18:54:42)
Running from C:\Users\vkubi_000\Desktop\FRST64.exe
Loaded Profiles: vlastimil
Platform: Microsoft Windows 10 Home Version 22H2 19045.4780 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [426904 2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [9831832 2024-03-19] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\vkubi_000\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-01-18] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\vkubi_000\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-01-18] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45120304 2024-08-16] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\Run: [MicrosoftEdgeAutoLaunch_6E236D41DB9779B1B99DA375447F9C68] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3741224 2024-08-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2756002567-295290169-1842266776-500\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2756002567-295290169-1842266776-500\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Administrator\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-01-18] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2756002567-295290169-1842266776-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45120304 2024-08-16] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-2756002567-295290169-1842266776-500\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\WINDOWS\system32\EP0SLM01.DLL [77824 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\LIDIL hpzllwn7: C:\WINDOWS\system32\hpzllwn7.dll [51712 2009-07-14] (Microsoft Windows -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\126.0.6478.127\Installer\chrmstp.exe [2024-06-27] (Google LLC -> Google LLC)
Startup: C:\Users\vkubi_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Url Monitor.lnk [2022-03-06]
ShortcutTarget: Url Monitor.lnk -> C:\Program Files (x86)\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnectorUrlMonitor.exe (MEDIAN s.r.o.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2024-08-08]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-05-19]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2B0E3F1B-7BE3-4732-AA9E-F2786CC3FE0B} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {F63BA807-AC80-4FFB-B8F6-332CDF611EAA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {0B606F34-74C0-4EAF-A8B8-29E74B851B22} - System32\Tasks\AudioHUB => C:\Program Files (x86)\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnectorUrlMonitor.exe [275968 2023-03-21] (MEDIAN s.r.o.) [File not signed]
Task: {132E1944-2B32-469A-BE54-B159FDFFCE06} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4979096 2024-03-19] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters).
Task: {04804061-7A4F-4A13-9478-47CB386E1B27} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7786904 2024-03-14] (Avast Software s.r.o. -> Avast Software)
Task: {075D2127-0964-4C52-909D-CFBD73DF81D9} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5157272 2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {9E156082-A6DD-49A7-9962-5E2F36644134} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4964248 2024-08-07] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {F310CBBE-9F58-4275-857B-B048893EC859} - System32\Tasks\Avast Software\Avast SecureLine VPN Emergency Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1440664 2024-08-07] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {922CE9AE-A87F-428F-9061-B61184ACF723} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [8002968 2024-07-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {3A4BF2B2-4F6C-4BAE-990D-C29118E51217} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {214B0BF9-4641-4C24-879B-BA32F20EFC68} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-08-16] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {6D2491F2-C939-45B2-8267-68C601A988F9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5075248 2024-08-16] (Gen Digital Inc. -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "f9838222-7e57-4787-8c36-4b24aa4f7fa2" --version "6.27.11214" --silent
Task: {1C5EBDB4-049D-4649-A70E-6846D47E179A} - System32\Tasks\CCleanerSkipUAC - vlastimil => C:\Program Files\CCleaner\CCleaner.exe [39072560 2024-08-16] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {C0104A6E-6612-4F1A-A523-962E9410CDF9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{76A48CE6-BD10-4897-8D12-4499F0884CDB} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {CD0969CC-FFB9-4973-8BEB-099D37E266B0} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe [855664 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
Task: {B099E8CA-015F-464E-92AD-27C34D8CE54E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [94496 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {913EFD2E-563F-4492-A30F-D05516F02310} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {CDFAFDE4-930F-43AC-B75D-E9C3FA7586D4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\89e14ca8-8f9a-4f83-91ab-e342c4076b68 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {A1CD28E6-0D09-4A63-803B-C29BF02C1974} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8d646aba-23f8-4415-aad5-56cdbc6b40dd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {19BB045C-656B-4151-A60F-C901F1815813} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a90c9100-647c-4876-b108-4aced61da2ce => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {3355F668-1808-43FD-B446-ECC86292DA96} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c8d16adb-8a8f-4182-8811-a251bda6ad64 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {93BD8FFE-3DB7-48C5-BFC6-40F5C9F9A386} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\cfe0a6f2-cb41-486a-ba0c-16934a90ec19 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {66FF1088-DE8C-4C66-9894-DC713641CF3F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583648 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {63145BF3-F749-44B1-92D0-EAF40C69E7B0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583648 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7FF59CB-76BD-4AC9-99B4-6441811CEE82} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312416 2024-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {E30ED957-4C97-4BEE-BDDF-E533C8461D1A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312416 2024-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F4C4B26-657C-473A-B793-12309E5F1CAE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [182240 2024-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {2CB7C8B1-1A75-4B29-A1D0-9B7D5D77615D} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2756002567-295290169-1842266776-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676936 2024-08-23] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {B05F0B51-CACE-4AA6-B1BC-73C80589AC96} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34376 2024-08-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {A77E2BC2-1B00-48C2-BFBA-4A4385AB0D46} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209064 2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9A711B4-F710-4E54-8C65-D9F925CA311D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2756002567-295290169-1842266776-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209064 2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {104D90C3-8E57-484B-967A-7877B9149779} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2756002567-295290169-1842266776-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209064 2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6d77b5d4-723b-4b51-9263-b8fbc0399b96}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{899ad7f0-cfdd-4e61-9215-ab825367afc5}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2024-08-13]
Edge Profile: C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-08-28]
Edge Extension: (Překladač Google) - C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-07-19]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2024-08-28]
Edge Extension: (Volání přes Skype) - C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2024-06-03]
Edge Extension: (Avast Passwords) - C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2024-06-10]
Edge Extension: (Hangouts Notifications) - C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\fbpmaadfebbedknhmeeijeicldjlegee [2024-06-03]
Edge Extension: (Dokumenty Google offline) - C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-16]
Edge Extension: (Uložit na Disk Google) - C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2024-06-03]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-08-13]
Edge Extension: (Edge relevant text changes) - C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-16]
Edge Extension: (Speed Dial 2 New tab) - C:\Users\vkubi_000\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ohpagamjnemfmmgildfkjgbnabhojcdj [2024-05-31]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: kiuz6zy2.default
FF ProfilePath: C:\Users\vkubi_000\AppData\Roaming\Mozilla\Firefox\Profiles\kiuz6zy2.default [2024-06-22]
FF ProfilePath: C:\Users\vkubi_000\AppData\Roaming\Mozilla\Firefox\Profiles\2cnrlfjt.default-release [2024-08-28]
FF Homepage: Mozilla\Firefox\Profiles\2cnrlfjt.default-release -> seznam.cz
FF Extension: (LastPass: Free Password Manager) - C:\Users\vkubi_000\AppData\Roaming\Mozilla\Firefox\Profiles\2cnrlfjt.default-release\Extensions\support@lastpass.com.xpi [2024-08-17]
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-10-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-10-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-07-19] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default [2024-08-28]
CHR Notifications: Default -> hxxps://www.drevostavitel.cz; hxxps://www.facebook.com
CHR Extension: (Překladač Google) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-07-19]
CHR Extension: (Prezentace) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-18]
CHR Extension: (Dokumenty) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-18]
CHR Extension: (Disk Google) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-18]
CHR Extension: (Volání přes Skype) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2021-01-18]
CHR Extension: (YouTube) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-18]
CHR Extension: (Avast Passwords) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2024-06-10]
CHR Extension: (Hangouts Notifications) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbpmaadfebbedknhmeeijeicldjlegee [2021-01-18]
CHR Extension: (Tabulky) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-18]
CHR Extension: (Word Online) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2023-06-20]
CHR Extension: (Full Screen Weather) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2023-06-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-10]
CHR Extension: (Uložit na Disk Google) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2024-04-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2024-07-01]
CHR Extension: (Lightshot (Nástroje snímků)) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2024-07-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-15]
CHR Extension: (Gmail) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-18]
CHR Profile: C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-08-13]
CHR Profile: C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-08-13]
CHR DownloadDir: C:\Users\vkubi_000\Desktop
CHR NewTab: Profile 1 -> "active": false,
"entry": "chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/override.html"
CHR Extension: (Google Translate) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-07-05]
CHR Extension: (Skype Calling) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2023-07-05]
CHR Extension: (Avast Passwords) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2024-06-21]
CHR Extension: (Convertio) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eppjkefeiehhflmgkhdooajgbkkegpcl [2021-01-20]
CHR Extension: (Hangouts Notifications) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fbpmaadfebbedknhmeeijeicldjlegee [2023-07-05]
CHR Extension: (Word Online) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2021-01-20]
CHR Extension: (Full Screen Weather) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2021-01-20]
CHR Extension: (YouTube Flash Video Player) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fldkdmkgnlbehfgeifjpjabmandnchpe [2021-01-20]
CHR Extension: (Pass Strength Meter) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gahnebecgllcaakcojhgndipnamdlghe [2021-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-19]
CHR Extension: (Save to Google Drive) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2024-06-21]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2024-06-21]
CHR Extension: (Speed Dial 2 New tab) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2024-07-05]
CHR Extension: (Netpanel study) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbidbgoheiddfilfipcobicemncfogno [2024-06-22]
CHR Extension: (Webcam Toy) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfbgimoladefibpklnfmkpknadbklade [2021-01-20]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2024-06-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\vkubi_000\AppData\Local\Google\Chrome\User Data\System Profile [2024-08-13]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9014680 2024-08-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [771480 2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2312488 2024-08-13] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1208216 2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S4 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1086256 2024-08-16] (Gen Digital Inc. -> Piriform Software Ltd)
S4 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [18727320 2024-03-19] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13995704 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncHelper.exe [3523104 2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [22384 2023-11-17] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.156.0804.0002\OneDriveUpdaterService.exe [3863464 2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [12456856 2024-08-07] (Avast Software s.r.o. -> Gen Digital Inc.)
S4 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S4 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-22] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229944 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [380984 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [293944 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27744 2024-08-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [271928 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [549848 2024-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97840 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69176 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [948792 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1198648 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203728 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306648 2024-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [79248 2024-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [338880 2018-07-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 scsiscan; C:\WINDOWS\System32\drivers\scsiscan.sys [21504 2023-11-17] (Microsoft Windows -> Microsoft Corporation)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-01-22] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-22] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath
S1 netfilter2; system32\drivers\netfilter2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-08-28 18:54 - 2024-08-28 18:59 - 000035154 _____ C:\Users\vkubi_000\Desktop\FRST.txt
2024-08-28 18:39 - 2024-08-28 18:39 - 002397184 _____ (Farbar) C:\Users\vkubi_000\Desktop\FRST64.exe
2024-08-28 11:43 - 2024-08-28 11:43 - 000048651 _____ C:\Users\vkubi_000\Desktop\Pohyb_26623354572_na_uctu_2200027530.pdf
2024-08-27 09:33 - 2024-08-27 09:33 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-08-17 17:35 - 2024-08-17 17:35 - 000000000 __HDC C:\$WinREAgent
2024-08-04 15:58 - 2024-08-04 15:58 - 000002544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (Preview).lnk
2024-08-03 08:20 - 2024-08-03 08:18 - 000314776 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-08-28 18:57 - 2023-02-26 18:11 - 000000000 ____D C:\FRST
2024-08-28 17:48 - 2021-01-18 23:23 - 000000000 ____D C:\Program Files\CCleaner
2024-08-28 17:18 - 2021-01-22 11:36 - 000000000 ____D C:\Users\vkubi_000\AppData\Local\AVAST Software
2024-08-28 17:18 - 2021-01-21 17:18 - 000000000 ____D C:\Users\vkubi_000\AppData\Local\CrashDumps
2024-08-28 17:17 - 2022-12-22 09:58 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-08-28 17:16 - 2022-11-13 18:25 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-08-28 17:16 - 2021-01-18 23:23 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-08-28 11:32 - 2021-01-18 18:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-08-28 11:09 - 2021-12-18 12:43 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-08-27 19:08 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-27 16:56 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-27 16:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-08-27 09:28 - 2024-07-19 09:48 - 000000000 ____D C:\Program Files\Microsoft Office
2024-08-26 09:35 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-08-23 19:41 - 2024-07-21 14:52 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-08-23 19:41 - 2024-07-19 10:18 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2756002567-295290169-1842266776-500
2024-08-23 19:41 - 2024-07-19 10:18 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-08-23 19:41 - 2024-07-19 10:18 - 000002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-08-23 19:41 - 2024-06-22 18:21 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-23 19:41 - 2022-07-07 13:39 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2756002567-295290169-1842266776-1001
2024-08-23 19:40 - 2024-06-22 18:21 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-08-23 19:22 - 2024-06-22 16:41 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-08-23 19:21 - 2024-06-27 16:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-08-23 19:21 - 2024-06-22 16:41 - 000000976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-08-23 19:21 - 2024-06-22 16:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-08-19 19:18 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-08-18 18:45 - 2021-01-18 19:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2024-08-18 18:44 - 2021-01-19 02:13 - 000000000 ____D C:\WINDOWS\Lenovo
2024-08-18 18:44 - 2021-01-18 19:07 - 000000000 ____D C:\ProgramData\Lenovo
2024-08-18 18:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2024-08-18 18:37 - 2021-01-20 19:40 - 000000000 ____D C:\ProgramData\AVAST Software
2024-08-18 18:37 - 2021-01-18 20:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-08-18 18:36 - 2021-04-06 07:11 - 000000000 ____D C:\ProgramData\Synaptics
2024-08-18 18:36 - 2021-01-18 19:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-08-18 18:36 - 2020-07-28 14:15 - 000008192 ___SH C:\DumpStack.log.tmp
2024-08-18 18:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-08-17 20:38 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-08-17 20:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-08-17 20:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-08-17 20:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\schemas
2024-08-17 20:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-08-17 20:12 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-08-17 19:40 - 2021-01-18 19:09 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-08-17 17:02 - 2021-01-21 09:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-08-17 16:37 - 2021-01-21 09:19 - 197093640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-08-08 08:02 - 2021-01-22 12:00 - 000549848 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2024-08-04 20:36 - 2021-01-19 02:28 - 000788632 _____ C:\WINDOWS\system32\perfh005.dat
2024-08-04 20:36 - 2021-01-19 02:28 - 000175478 _____ C:\WINDOWS\system32\perfc005.dat
2024-08-04 20:36 - 2021-01-18 19:51 - 001890118 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-08-04 20:05 - 2024-06-17 18:20 - 000438968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-08-04 19:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-08-04 19:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-08-04 19:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-08-04 19:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-08-04 19:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-08-04 19:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-08-04 19:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-08-04 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-08-04 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-08-03 08:21 - 2021-01-22 11:33 - 000306648 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2024-08-03 08:20 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-08-03 08:18 - 2022-10-14 09:15 - 000027744 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswElam.sys
2024-08-03 08:18 - 2021-01-22 11:33 - 001198648 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2024-08-03 08:18 - 2021-01-22 11:33 - 000293944 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2024-08-03 08:18 - 2021-01-22 11:33 - 000271928 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2024-08-03 08:18 - 2021-01-22 11:33 - 000097840 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2024-08-03 08:18 - 2021-01-22 11:33 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2024-08-03 08:18 - 2021-01-22 11:33 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2024-08-03 08:18 - 2021-01-22 11:33 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2024-08-03 08:17 - 2021-01-22 11:33 - 000948792 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2024-08-03 08:17 - 2021-01-22 11:33 - 000229944 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2024-08-03 08:16 - 2021-01-22 11:33 - 000380984 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2024-07-29 09:34 - 2021-01-26 09:44 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-07-29 09:34 - 2021-01-26 09:44 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== Files in the root of some directories ========
2021-02-14 20:53 - 2021-02-14 20:53 - 000000092 _____ () C:\Users\vkubi_000\AppData\Roaming\Control System_Settings.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024
Ran by vlastimil (28-08-2024 19:10:09)
Running from C:\Users\vkubi_000\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4780 (X64) (2021-01-18 18:25:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2756002567-295290169-1842266776-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2756002567-295290169-1842266776-503 - Limited - Disabled)
Guest (S-1-5-21-2756002567-295290169-1842266776-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2756002567-295290169-1842266776-1003 - Limited - Enabled)
vlastimil (S-1-5-21-2756002567-295290169-1842266776-1001 - Administrator - Enabled) => C:\Users\vkubi_000
WDAGUtilityAccount (S-1-5-21-2756002567-295290169-1842266776-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 23.4.15807.16040 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 24.7.6124 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 24.7.10323.12854 - Avast Software)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1634.4 - AVG Technologies) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.27 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1208.2 - Piriform Software) Hidden
Expert Lotto 5 (HKLM\...\nbi-expertlotto-1.0.0.0.0) (Version: - )
Free Registry Defrag (HKLM-x32\...\Free Registry Defrag_is1) (Version: - iExpert Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 126.0.6478.127 - Google LLC)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Java 8 Update 341 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.17830.20166 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 128.0.2739.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 128.0.2739.42 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.156.0804.0002 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2756002567-295290169-1842266776-500\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 129.0.2 (x64 cs)) (Version: 129.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 127.0.1 - Mozilla)
MP3Studio YouTube Downloader (HKLM-x32\...\{2B96C253-7C3F-40AF-9B9C-C9F4E772C018}) (Version: 2.0.8.2 - MP3Studio/) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17830.20166 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17830.20166 - Microsoft Corporation) Hidden
Podpora aplikací Apple (64bitová) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
TapinRadio 2.04.2 (x32) (HKLM-x32\...\TapinRadio_is1) (Version: - Raimersoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)
Windows 7 Games for Windows 8 and 10 (HKLM-x32\...\MicrosoftGamesForWin8) (Version: 1.1.0.10 - )
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2024-08-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_155.1.1088.0_x64__v10z8vjag6ke6 [2024-08-09] (HP Inc.)
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24165.1414.2987.41_x64__8wekyb3d8bbwe [2024-07-19] (Microsoft) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21110.548.0_x64__8wekyb3d8bbwe [2024-03-21] (Microsoft Corporation)
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-24] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2756002567-295290169-1842266776-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\vkubi_000\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2756002567-295290169-1842266776-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\vkubi_000\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2756002567-295290169-1842266776-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.156.0804.0002\FileSyncShell64.dll [2024-08-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-08-03] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\vkubi_000\Desktop\Vl - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\vkubi_000\Desktop\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\vkubi_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Office.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=ocdlmjhbenodhlknglojajgokahchlkk
ShortcutWithArgument: C:\Users\vkubi_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\vkubi_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\vkubi_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\vkubi_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tombstones\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\vkubi_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Vl (Osoba 2) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2024-07-19 10:09 - 2024-07-19 10:09 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2024-07-19 10:09 - 2024-07-19 10:09 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-08-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll [2022-10-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-10-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-04] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-01-27 09:14 - 2021-01-27 09:19 - 000000438 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\Control Panel\Desktop\\Wallpaper -> c:\users\vkubi_000\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\img1.jpg
HKU\S-1-5-21-2756002567-295290169-1842266776-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Qualcomm Atheros AR956x Wireless Network Adapter -> athw10x.sys
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: avast => 2
MSCONFIG\Services: avastm => 3
MSCONFIG\Services: AvastSecureBrowserElevationService => 3
MSCONFIG\Services: avg => 2
MSCONFIG\Services: AVG Tools => 2
MSCONFIG\Services: avgm => 3
MSCONFIG\Services: AVGSecureBrowserElevationService => 3
MSCONFIG\Services: CCleanerPerformanceOptimizerService => 3
MSCONFIG\Services: CleanupPSvc => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: GoogleUpdaterInternalService128.0.6537.0 => 2
MSCONFIG\Services: GoogleUpdaterService128.0.6537.0 => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: ImControllerService => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SecureLine => 2
MSCONFIG\Services: valWBFPolicyService => 2
MSCONFIG\Services: valWbioSyncSvc => 2
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\StartupFolder: => "Sidebar803.lnk"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\StartupFolder: => "Sidebar989.lnk"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\StartupFolder: => "Sidebar755.lnk"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\StartupFolder: => "Sidebar672.lnk"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\StartupFolder: => "Url Monitor.lnk"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\StartupFolder: => "Sidebar309.lnk"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\StartupFolder: => "Sidebar733.lnk"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\StartupFolder: => "Sidebar389.lnk"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\Run: => "AVGBrowserAutoLaunch_FB3C3B6CBC049AC46F71FFA1F90EEDA7"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\Run: => "MP3Studio YouTube Downloader"
HKU\S-1-5-21-2756002567-295290169-1842266776-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6E236D41DB9779B1B99DA375447F9C68"
HKU\S-1-5-21-2756002567-295290169-1842266776-500\...\StartupApproved\StartupFolder: => "Sidebar947.lnk"
HKU\S-1-5-21-2756002567-295290169-1842266776-500\...\StartupApproved\StartupFolder: => "Sidebar853.lnk"
HKU\S-1-5-21-2756002567-295290169-1842266776-500\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2756002567-295290169-1842266776-500\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2756002567-295290169-1842266776-500\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{62D3F8D5-2F15-42BE-BA6D-76C0586E3988}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{02D8F56B-9A1A-4E38-8FBC-D1DA9777B1C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{463D118F-985D-4F67-AB28-4E4A248075ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9C831AB9-0B6C-41AA-9F56-16FAB9061F6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EAB757BB-1BA8-4844-90FB-E3C2F019900C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8FD077D8-38A9-4122-87FC-4FF33824AF58}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4C100107-DDB1-4A7C-993D-4B94D91ABBB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EE609E94-93FB-4E2F-AEB5-F9F8C9E151A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{53414C1D-B38F-4403-8500-8DCE4320A3AF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{92C84504-9A7C-40C1-98B1-EB1F92C52502}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{2C39BEC8-7F15-491B-BB2A-07E5159D3A5A}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C16BA713-7A0D-4793-8AAB-C0EF63ABCAA7}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{53BFD7F7-313A-4271-9F5B-38542B2D46BF}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{9C4B956B-CB2C-4E29-8568-8F3892BA3158}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{DB7555DD-0B46-41A9-BFCA-AAD5FF6E039F}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{64D7E2E9-7370-40FD-9A44-9912A4CD9834}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{A5ADC933-5440-4432-842F-321F02DAC3F3}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{855DFCEC-62E5-4FB0-BD86-E14116E295FB}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{02CFDA5C-ABF8-4C1A-B257-D622D85BC3C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{62BF4A19-5D16-40ED-9087-7A9DA9BCECEC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4AFA34F7-FCCC-4BBE-85D1-74FB5AD72DF3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB52D7E5-036B-42CB-98E8-063DFA15EB0A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87667B58-CC27-42CF-862D-69A4E90933CE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{24ED8D6A-2F36-48B5-818B-481D708B5755}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FB0995BD-6A33-4081-9CBD-A844A5AAD386}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9613EE28-80D2-415D-8640-B5BF3DE38C62}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{41CB53AF-F19C-4F72-9311-7A9C035645A3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0D6184F-8181-4E4C-B9A6-E7F319D3A018}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1812325-7308-4D92-941B-B9324181B43E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{675E95D5-5D9A-4BF6-9266-2F0EFDE62322}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3C8932ED-1B93-4C48-98D6-F6C9AA0D3923}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24165.1414.2987.41_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D4A9CD1-4B70-4026-8054-4228CD8D0DD8}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24165.1414.2987.41_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A952B61C-025D-4791-9CB0-EAD2B0E55C73}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{78F0B5A5-3FEC-4F63-9B19-AFACCD3A5A9A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{22ABCFA8-80A3-43F0-AC0C-5DE6EB856450}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4697AFD-17E9-41F1-BB25-287280C67C4E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D35A5EEA-F007-4FCF-810E-EC7FC66E6EB1}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
12-08-2024 15:44:39 Naplánovaný kontrolní bod
17-08-2024 17:02:56 Instalační služba modulů systému Windows
17-08-2024 17:30:32 Instalační služba modulů systému Windows
17-08-2024 18:28:36 Instalační služba modulů systému Windows
27-08-2024 18:02:11 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/28/2024 05:28:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.4717 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1d14
Čas spuštění: 01daf95e8e6bf6f3
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 97d9a020-6735-4a28-bab1-817126b989e6
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.15.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (08/28/2024 05:17:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.4717, časové razítko: 0xd2644892
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x6de581f0
ID chybujícího procesu: 0x2bc8
Čas spuštění chybující aplikace: 0x01daf95d6d3fa018
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 42f44391-8f86-4a8e-82ee-faf337696ce3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/28/2024 11:04:32 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.4717 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1cc8
Čas spuštění: 01daf92920853c75
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: fc95f959-b922-4810-a3b7-d3b7361f9832
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.15.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (08/27/2024 05:09:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.4717 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2f18
Čas spuštění: 01daf892f4e4786d
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: bb85a600-a84d-4734-9ed2-4924703094f7
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.15.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (08/27/2024 04:57:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\vkubi_000\Desktop\msedge.exe se nezdařilo.
Závislé sestavení 120.0.2210.61,language="*",type="win32",version="120.0.2210.61" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (08/27/2024 09:27:52 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Lenovo-PC)
Description: Aplikaci nebo službu Microsoft Office SDX Helper nelze ukončit.
Error: (08/27/2024 09:27:52 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Lenovo-PC)
Description: Aplikaci nebo službu Microsoft Office SDX Helper nelze ukončit.
Error: (08/26/2024 07:22:16 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (08/26/2024 09:34:35 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: Server windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/19/2024 07:50:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Camera Frame Server byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/19/2024 07:47:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Pomocník pro přihlášení pomocí účtu Microsoft neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (08/19/2024 07:47:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Pomocník pro přihlášení pomocí účtu Microsoft bylo dosaženo časového limitu (30000 ms).
Error: (08/17/2024 08:37:39 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba aswbIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.
Error: (08/17/2024 08:37:34 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (08/17/2024 08:37:34 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (08/17/2024 08:31:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ClickToRunSvc bylo dosaženo časového limitu (30000 ms).
Windows Defender:
================Event[0]:
Date: 2022-11-08 08:00:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.379.25.0
Předchozí verze bezpečnostních informací: 1.329.2627.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.19800.4
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2022-11-08 08:00:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.379.25.0
Předchozí verze bezpečnostních informací: 1.329.2627.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.19800.4
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2022-11-08 08:00:12
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.19800.4
Předchozí verze modulu: 1.1.17700.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2021-09-10 14:42:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2627.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2021-09-10 14:42:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2627.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2024-08-28 17:15:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 9CCN30WW(V2.08) 11/26/2014
Motherboard: LENOVO Lenovo B50-30
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 90%
Total physical RAM: 3978.19 MB
Available physical RAM: 390.07 MB
Total Virtual: 6154.19 MB
Available Virtual: 2006.12 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:423.1 GB) (Free:204.17 GB) (Model: ST500LT012-1DG142) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:13.33 GB) (Model: ST500LT012-1DG142) NTFS
\\?\Volume{c487d510-5913-47bc-998b-e89f03103264}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.66 GB) NTFS
\\?\Volume{8ff18cbd-f313-48ce-b03f-40033e7eec1a}\ () (Fixed) (Total:0.84 GB) (Free:0.22 GB) NTFS
\\?\Volume{3e91e73a-2cbd-4472-bcb4-10cdff330a34}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{e8427acf-6140-4386-8702-87f78dceefe3}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{27a78a8f-e282-42b7-857b-1eb57ffcf149}\ (PBR_DRV) (Fixed) (Total:13.49 GB) (Free:2.96 GB) NTFS
\\?\Volume{1bda7093-b1d7-4fb9-b45c-657eb6026153}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3ACB66DE)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2B0E3F1B-7BE3-4732-AA9E-F2786CC3FE0B} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {C0104A6E-6612-4F1A-A523-962E9410CDF9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{76A48CE6-BD10-4897-8D12-4499F0884CDB} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
U1 aswbdisk; no ImagePath
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024
Ran by vlastimil (29-08-2024 08:45:28) Run:5
Running from C:\Users\vkubi_000\Desktop
Loaded Profiles: vlastimil & Administrator
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2B0E3F1B-7BE3-4732-AA9E-F2786CC3FE0B} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {C0104A6E-6612-4F1A-A523-962E9410CDF9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{76A48CE6-BD10-4897-8D12-4499F0884CDB} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
U1 aswbdisk; no ImagePath
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B0E3F1B-7BE3-4732-AA9E-F2786CC3FE0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B0E3F1B-7BE3-4732-AA9E-F2786CC3FE0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C0104A6E-6612-4F1A-A523-962E9410CDF9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0104A6E-6612-4F1A-A523-962E9410CDF9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{76A48CE6-BD10-4897-8D12-4499F0884CDB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{76A48CE6-BD10-4897-8D12-4499F0884CDB}" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18113226 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 77555503 B
Edge => 0 B
Chrome => 409220339 B
Firefox => 1121843140 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 9464 B
NetworkService => 9464 B
vkubi_000 => 136655205 B
Administrator => 136796057 B
DefaultAppPool => 136796057 B
RecycleBin => 0 B
EmptyTemp: => 1.9 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-08-2024 08:53:59)
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
==== End of Fixlog 08:54:34 ====
Ran by vlastimil (29-08-2024 08:45:28) Run:5
Running from C:\Users\vkubi_000\Desktop
Loaded Profiles: vlastimil & Administrator
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2B0E3F1B-7BE3-4732-AA9E-F2786CC3FE0B} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {C0104A6E-6612-4F1A-A523-962E9410CDF9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{76A48CE6-BD10-4897-8D12-4499F0884CDB} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
U1 aswbdisk; no ImagePath
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B0E3F1B-7BE3-4732-AA9E-F2786CC3FE0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B0E3F1B-7BE3-4732-AA9E-F2786CC3FE0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C0104A6E-6612-4F1A-A523-962E9410CDF9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0104A6E-6612-4F1A-A523-962E9410CDF9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{76A48CE6-BD10-4897-8D12-4499F0884CDB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{76A48CE6-BD10-4897-8D12-4499F0884CDB}" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18113226 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 77555503 B
Edge => 0 B
Chrome => 409220339 B
Firefox => 1121843140 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 9464 B
NetworkService => 9464 B
vkubi_000 => 136655205 B
Administrator => 136796057 B
DefaultAppPool => 136796057 B
RecycleBin => 0 B
EmptyTemp: => 1.9 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-08-2024 08:53:59)
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
==== End of Fixlog 08:54:34 ====
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu
Bylo smazáno, log již bude OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu
PC SE ZRYCHLIL
Děkuji
Děkuji
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?