Prosím o kontrolu :)
Napsal: 09 říj 2019 18:34
dobrý vecer
prosím o kontrolu logu
Logfile of random's system information tool 1.10 (written by random/random)
Run by Mara at 2019-10-09 19:35:11
Microsoft Windows 10 Home
System drive C: has 17 GB (7%) free of 237 GB
Total RAM: 3839 MB (24% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:35:22, on 09.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Garmin\Express\express.exe
C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\trend micro\Mara.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE13DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 19.152.0801.0008\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\19.152.0801.0008\amd64"
O4 - HKCU\..\RunOnce: [Uninstall 19.152.0801.0008] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\19.152.0801.0008"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 8823 bytes
======Listing Processes======
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
"C:\WINDOWS\system32\nvvsvc.exe"
c:\windows\system32\svchost.exe -k localservice -p -s nsi
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ae6798f9-a1c9-4a10-b013-4b29ddc8a833 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-95b0692a-6b09-4492-9711-3901693a79f9 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-43266fc4-3878-40a6-8542-5626e58bcaf8 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6c76a0ed-ea38-49ef-9248-2c2cb60c1e9e -LifetimeId:5b2a290e-19ff-44d0-bf70-56d0c8c47cab -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\Explorer.EXE
"c:\program files\avast software\avast\aswEngSrv.exe" /pipename="5C040287-2C07-2CB5-E205-9A001692CE49" /binpath="c:\program files\avast software\avast"
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer14_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer14_Logfile.log
"ctfmon.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
/QuitInfo:0000000000000228;000000000000022C;
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
c:\windows\system32\svchost.exe -k netsvcs -p
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
AvastUI.exe /nogui
szndesktop.exe default start
"C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\rempl\sedsvc.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
CefSharp.BrowserSubprocess.exe --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,19,20,23,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x086e --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.4201 --gpu-driver-date=11-14-2016 --lang=en-US --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --log-severity=disable --service-request-channel-token=D2A2F1F1E0CA9F43ABC5DB76CA011530 --mojo-platform-channel-handle=4296 /prefetch:2
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe" -ServerName:Microsoft.ZuneMusic.AppX48dcrcgzqqdshm3kf61t0cm5e9pyd6h6.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe" -ServerName:PdfReader.AppXt4g7dx0jktgcrhe5cw5qf7t4q86jznsh.mca
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s W32Time
"C:\Program Files\rempl\sedlauncher.exe"
C:\WINDOWS\system32\compattelrunner.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LkNFrFImh0+rF/hH.1
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe32_ Global\UsGthrCtrlFltPipeMssGthrPipe32 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.0.1290830575\1435909563" -parentBuildID 20190917135527 -prefsHandle 1368 -prefMapHandle 1364 -prefsLen 1 -prefMapSize 199324 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 1476 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.3.820559032\1164271647" -childID 1 -isForBrowser -prefsHandle 2288 -prefMapHandle 2292 -prefsLen 200 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 2244 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.13.940004202\1763834580" -childID 2 -isForBrowser -prefsHandle 4568 -prefMapHandle 4572 -prefsLen 7008 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 4584 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.27.851064968\2056500169" -childID 4 -isForBrowser -prefsHandle 8216 -prefMapHandle 8200 -prefsLen 9003 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 8136 tab
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
taskhostw.exe
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXqkse0fm95yjw31mkxdxj995368ze5snq.mca
"C:\Users\Mara\Desktop\FRST64.exe"
/updateInstalled /background
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.41.1562155427\1159601949" -childID 6 -isForBrowser -prefsHandle 5112 -prefMapHandle 9196 -prefsLen 10289 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 8340 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.48.445555030\464282384" -childID 7 -isForBrowser -prefsHandle 4408 -prefMapHandle 5044 -prefsLen 10289 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 3580 tab
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.62.159830002\90790138" -childID 9 -isForBrowser -prefsHandle 8272 -prefMapHandle 7752 -prefsLen 10512 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 8744 tab
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x4cc
"C:\Users\Mara\Downloads\RSITx64(1).exe"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 736 740 748 8192 744
=========Mozilla firefox=========
ProfilePath - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\rawzxbc2.default-1570641619220
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-07-25 269192]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-09 1592440]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe []
"cz.seznam.software.autoupdate"=C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe [2018-03-27 1069296]
"cz.seznam.software.szndesktop"=C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]
"GarminExpress"=C:\Program Files (x86)\Garmin\Express\express.exe [2019-02-12 30905920]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Delete Cached Update Binary"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]
"Delete Cached Standalone Update Binary"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]
"Uninstall 19.152.0801.0008\amd64"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]
"Uninstall 19.152.0801.0008"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-10-09 19:35:11 ----D---- C:\Program Files\trend micro
2019-10-09 19:24:47 ----D---- C:\avast! sandbox
2019-10-09 19:20:19 ----D---- C:\ProgramData\Mozilla
2019-10-09 19:12:54 ----HD---- C:\OneDriveTemp
2019-10-09 19:08:00 ----HD---- C:\$WINDOWS.~BT
2019-10-09 18:56:50 ----A---- C:\WINDOWS\system32\aswBoot.exe
2019-10-09 18:56:29 ----A---- C:\WINDOWS\system32\drivers\aswb4727f3daf141e4b.tmp
2019-10-09 18:56:29 ----A---- C:\WINDOWS\system32\drivers\asw1ff725e202c71213.tmp
2019-09-21 23:29:12 ----ASH---- C:\swapfile.sys
2019-09-21 23:29:11 ----ASH---- C:\pagefile.sys
2019-09-21 23:29:10 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2019-10-09 19:35:11 ----RD---- C:\Program Files
2019-10-09 19:33:57 ----D---- C:\WINDOWS\Prefetch
2019-10-09 19:33:57 ----D---- C:\Windows
2019-10-09 19:29:44 ----D---- C:\WINDOWS\Temp
2019-10-09 19:29:23 ----D---- C:\WINDOWS\system32\Tasks
2019-10-09 19:28:45 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-10-09 19:26:14 ----D---- C:\FRST
2019-10-09 19:20:19 ----HD---- C:\ProgramData
2019-10-09 19:20:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-09 19:20:01 ----D---- C:\Program Files\Mozilla Firefox
2019-10-09 19:16:49 ----D---- C:\WINDOWS\System32
2019-10-09 19:15:08 ----DC---- C:\WINDOWS\Panther
2019-10-09 19:13:18 ----HD---- C:\Program Files\WindowsApps
2019-10-09 19:08:00 ----D---- C:\WINDOWS\system32\drivers
2019-10-09 19:07:07 ----D---- C:\WINDOWS\AppReadiness
2019-10-09 19:03:58 ----D---- C:\WINDOWS\system32\config
2019-10-09 19:03:27 ----D---- C:\WINDOWS\system32\sru
2019-10-09 18:57:40 ----D---- C:\WINDOWS\WinSxS
2019-10-09 18:56:50 ----HD---- C:\WINDOWS\ELAMBKUP
2019-09-22 04:22:30 ----D---- C:\WINDOWS\system32\SleepStudy
2019-09-22 00:58:59 ----SHD---- C:\WINDOWS\Installer
2019-09-22 00:58:59 ----SHD---- C:\Config.Msi
2019-09-22 00:53:57 ----RD---- C:\Program Files (x86)
2019-09-22 00:53:52 ----D---- C:\Program Files (x86)\Google
2019-09-22 00:03:02 ----SHD---- C:\Recovery
2019-09-21 23:45:08 ----D---- C:\Program Files\Opera
2019-09-21 23:38:25 ----D---- C:\Users\Mara\AppData\Roaming\Seznam.cz
2019-09-21 23:29:56 ----D---- C:\Program Files (x86)\TeamViewer
2019-09-21 22:29:47 ----D---- C:\WINDOWS\system32\catroot2
2019-09-21 22:29:22 ----SHD---- C:\System Volume Information
2019-09-21 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2019-09-21 17:11:15 ----D---- C:\WINDOWS\Logs
2019-09-21 12:46:15 ----D---- C:\WINDOWS\system32\DriverStore
2019-09-21 12:46:15 ----D---- C:\WINDOWS\INF
2019-09-21 12:27:29 ----RD---- C:\WINDOWS\Microsoft.NET
2019-09-21 12:18:19 ----D---- C:\WINDOWS\Registration
2019-09-21 09:58:43 ----D---- C:\Program Files\rempl
2019-09-21 09:36:39 ----N---- C:\WINDOWS\system32\drivers\aswbcbf9a4d4ada2f7e.tmp
2019-09-21 09:35:59 ----N---- C:\WINDOWS\system32\drivers\aswe0f74d793bc49606.tmp
2019-09-21 09:15:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-10-09 37616]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-10-09 209552]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-10-09 65120]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-10-09 16304]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-10-09 83792]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-10-09 316528]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-10-09 204824]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-10-09 274456]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-10-09 276952]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-10-09 42736]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-10-09 110320]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-10-09 848432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-10-09 460448]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-09-21 168896]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-07-25 225816]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2019-03-14 82432]
R3 KMWDFILTER;HIDServiceDesc; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-12-09 12914360]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-04-12 604160]
R3 rtl8192se;@net8192se64.inf,%RTL8192se.Service.DispName%;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\WINDOWS\System32\drivers\rtl8192se.sys [2018-04-12 1222656]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 48544]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 ew_usbccgpfilter;@oem60.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2018-12-12 18944]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-06-07 76304]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-17 115328]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2016-12-09 461424]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-07-25 414976]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_3540b;Uživatelská služba platformy připojených zařízení_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2018-10-22 190784]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-11-14 932728]
R2 OneSyncSvc_3540b;Hostitel synchronizace_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-08-26 357680]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-07-25 6797008]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_3540b;Data kontaktů_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-07-25 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_3540b;Uživatelská služba pro GameDVR a vysílání her_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_3540b;Služba pro podporu uživatelů Bluetooth_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_3540b;DevicePicker_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_3540b;Tok zařízení_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 90112]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-04-20 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [2019-09-18 1106416]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_3540b;Služba zasílání zpráv_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-10-09 242720]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_3540b;PrintWorkflow_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 976384]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-10 495616]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Mara (administrator) on DESKTOP-2SQL7M7 (09-10-2019 19:29:17)
Running from C:\Users\Mara\Desktop
Loaded Profiles: Mara (Available Profiles: Mara)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(The CefSharp Authors) C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Users\Mara\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
(Microsoft Corporation) C:\Users\Mara\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-25] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30905920 2019-02-12] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [Uninstall 19.152.0801.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\19.152.0801.0008\amd64"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [Uninstall 19.152.0801.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\19.152.0801.0008"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {595ba379-1f50-11e9-9a22-0025d32f82ff} - "E:\AutoRun.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {595ba412-1f50-11e9-9a22-0025d32f82ff} - "E:\AutoRun.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {ccf8f074-95bc-11e9-9a2f-4061860b4475} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30905920 2019-02-12] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 80.87.176.1 8.8.8.8
Tcpip\..\Interfaces\{163113ee-5f44-4a63-be4f-f28fe1554749}: [DhcpNameServer] 80.87.176.1 8.8.8.8
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: rawzxbc2.default-1570641619220
FF ProfilePath: Profiles/rawzxbc2.default-1570641619220 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\rawzxbc2.default-1570641619220 [2019-10-09]
FF Extension: (Firefox Monitor) - C:\Program Files\Mozilla Firefox\browser\features\fxmonitor@mozilla.org.xpi [2019-10-09] [not signed]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2019-10-09] [not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-09-22] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-09-22] (Google LLC)
Chrome:
=======
CHR Profile: C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default [2019-09-21]
CHR Extension: (Prezentace) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-26]
CHR Extension: (Dokumenty) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-26]
CHR Extension: (Disk Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-26]
CHR Extension: (YouTube) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-26]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-09-21]
CHR Extension: (Tabulky) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-21]
CHR Extension: (Avast Online Security) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-31]
CHR Extension: (Gmail) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-21]
CHR Extension: (Chrome Media Router) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-25] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-25] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-07-25] (AVAST Software)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1364992 2019-06-07] (Microsoft Corporation)
R3 BcastDVRUserService_3540b; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R3 BcastDVRUserService_3540b; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_3540b; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_3540b; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
S3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [1106416 2019-09-18] (Google LLC)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-10-22] () [File not signed]
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [357680 2019-08-26] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-16] (TeamViewer GmbH)
S3 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-24] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1456640 2018-05-20] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2018-04-12] (Microsoft Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-09] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-09] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-09] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-09] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-09] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-09] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-09] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [168896 2019-09-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-09] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-09] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225816 2019-07-25] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-09] (AVAST Software)
S3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [92704 2019-01-09] (Microsoft Corporation)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Huawei Technologies Co., Ltd.)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Huawei Technologies Co., Ltd.)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-09 19:29 - 2019-10-09 19:30 - 000017687 _____ C:\Users\Mara\Desktop\FRST.txt
2019-10-09 19:27 - 2018-02-03 16:35 - 002393088 _____ (Farbar) C:\Users\Mara\Desktop\FRST64.exe
2019-10-09 19:26 - 2019-10-09 19:28 - 000010849 _____ C:\Users\Mara\Downloads\FRST.txt
2019-10-09 19:24 - 2019-10-09 19:24 - 000000000 ____D C:\avast! sandbox
2019-10-09 19:23 - 2019-10-09 19:24 - 001451520 _____ (Farbar) C:\Users\Mara\Downloads\FRST.exe
2019-10-09 19:20 - 2019-10-09 19:20 - 000000000 ____D C:\Users\Mara\Desktop\Původní data aplikace Firefox
2019-10-09 19:20 - 2019-10-09 19:20 - 000000000 ____D C:\ProgramData\Mozilla
2019-10-09 19:16 - 2019-10-09 19:16 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-10-09 19:12 - 2019-10-09 19:12 - 000000000 ___HD C:\OneDriveTemp
2019-10-09 19:08 - 2019-10-09 19:08 - 000000000 ___HD C:\$WINDOWS.~BT
2019-10-09 18:56 - 2019-10-09 18:55 - 000355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-10-09 18:56 - 2019-10-09 18:55 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1ff725e202c71213.tmp
2019-10-09 18:56 - 2019-10-09 18:55 - 000171520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswb4727f3daf141e4b.tmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-09 19:32 - 2016-07-18 15:34 - 000000000 ___RD C:\Users\Mara\OneDrive
2019-10-09 19:29 - 2018-05-27 03:00 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-772858087-439378103-3593226653-1001
2019-10-09 19:29 - 2018-04-28 05:03 - 000002358 _____ C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-09 19:28 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-09 19:26 - 2018-02-03 16:35 - 000000000 ____D C:\FRST
2019-10-09 19:22 - 2016-12-11 20:33 - 000000000 ____D C:\Users\Mara\AppData\LocalLow\Mozilla
2019-10-09 19:20 - 2018-02-04 17:10 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-09 19:20 - 2018-02-04 17:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-09 19:20 - 2018-02-04 17:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-09 19:15 - 2018-04-10 22:45 - 000000000 ___DC C:\WINDOWS\Panther
2019-10-09 19:13 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-09 19:07 - 2019-02-13 01:24 - 000848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-10-09 19:07 - 2019-02-13 01:24 - 000460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-10-09 19:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-09 18:57 - 2019-02-13 01:26 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-10-09 18:56 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-09 18:55 - 2019-02-13 09:26 - 000276952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000316528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000204824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000110320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000083792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000042736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000037616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-10-09 18:54 - 2019-02-13 01:24 - 000274456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-10-09 18:54 - 2019-02-13 01:24 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-10-09 18:54 - 2019-02-13 01:24 - 000065120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-09-22 04:22 - 2018-04-28 04:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-22 00:53 - 2018-05-27 03:00 - 000003474 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-09-22 00:53 - 2018-05-27 03:00 - 000003350 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-22 00:53 - 2018-02-26 18:09 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-22 00:46 - 2019-02-13 01:27 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-09-22 00:46 - 2018-05-27 03:00 - 000003306 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1517756210
2019-09-22 00:46 - 2018-05-27 03:00 - 000002702 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2019-09-21 23:49 - 2019-01-03 15:06 - 000000000 ____D C:\Users\Mara\Desktop\das
2019-09-21 23:45 - 2019-08-23 02:08 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-09-21 23:45 - 2018-02-04 16:55 - 000000000 ____D C:\Program Files\Opera
2019-09-21 23:38 - 2018-02-26 13:47 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Seznam.cz
2019-09-21 23:29 - 2019-01-03 15:23 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-09-21 23:29 - 2018-05-27 03:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-21 22:30 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-09-21 22:28 - 2018-05-27 02:59 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2019-09-21 22:28 - 2018-05-27 02:59 - 000011433 _____ C:\WINDOWS\diagerr.xml
2019-09-21 12:46 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-09-21 12:40 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-09-21 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2019-09-21 10:02 - 2018-02-26 18:11 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-21 09:58 - 2018-11-16 20:13 - 000000000 ____D C:\Program Files\rempl
2019-09-21 09:36 - 2019-02-13 01:24 - 000387688 ____N (AVAST Software) C:\WINDOWS\system32\Drivers\aswbcbf9a4d4ada2f7e.tmp
2019-09-21 09:35 - 2019-07-25 00:24 - 000168896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-09-21 09:35 - 2019-02-13 01:24 - 001030784 ____N (AVAST Software) C:\WINDOWS\system32\Drivers\aswe0f74d793bc49606.tmp
2019-09-21 09:35 - 2019-02-13 01:24 - 001030784 ____N (AVAST Software) C:\WINDOWS\system32\Drivers\asw916ea6569663db6c.backup
2019-09-21 09:30 - 2019-07-18 11:32 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-09-21 09:30 - 2019-07-18 11:32 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-09-21 09:30 - 2019-01-03 15:28 - 000000000 ____D C:\Users\Mara\AppData\Local\TeamViewer
2019-09-21 09:16 - 2018-04-12 17:50 - 000718288 _____ C:\WINDOWS\system32\perfh005.dat
2019-09-21 09:16 - 2018-04-12 17:50 - 000145518 _____ C:\WINDOWS\system32\perfc005.dat
2019-09-21 09:15 - 2018-05-27 02:53 - 001697638 _____ C:\WINDOWS\system32\PerfStringBackup.INI
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-04-28 04:58
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Mara (09-10-2019 19:32:32)
Running from C:\Users\Mara\Desktop
Windows 10 Home Version 1803 17134.885 (X64) (2018-05-27 01:01:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-772858087-439378103-3593226653-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-772858087-439378103-3593226653-503 - Limited - Disabled)
Guest (S-1-5-21-772858087-439378103-3593226653-501 - Limited - Disabled)
Mara (S-1-5-21-772858087-439378103-3593226653-1001 - Administrator - Enabled) => C:\Users\Mara
WDAGUtilityAccount (S-1-5-21-772858087-439378103-3593226653-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ANT Drivers Installer x64 (HKLM\...\{1545D39F-D296-42D3-9E3A-D3DDC83FF45C}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Elevated Installer (HKLM-x32\...\{22234FFC-C2DA-4662-8295-119232148609}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{39D2E3D2-3CCD-486E-9AFA-1B91C9B0AF76}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{e51e84de-2206-4ef2-91fb-8ae3f9cb68e2}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.300 - )
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.11.75 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 69.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 69.0.1 (x64 cs)) (Version: 69.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla)
Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Seznam Software (HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Streaming Audio Recorder V4.2.3 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.2.3 - APOWERSOFT LIMITED)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.2452 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {22224915-032C-4C5B-99DE-33CE96D385D2} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {34853FA9-A427-41B0-B862-70114E392B40} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {396650E1-8B5B-4273-B77B-1CB4192CF79B} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-08-26] (Microsoft Corporation)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {4BBC2AC4-06FA-4281-AED1-817C17691CD2} - System32\Tasks\Opera scheduled Autoupdate 1517756210 => C:\Program Files\Opera\launcher.exe [2019-10-04] (Opera Software)
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {56E89F6F-46EE-4703-85A9-951D71FEEC5D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-07-25] (AVAST Software)
Task: {5B23A6CD-DB8B-4597-8E32-C8F6361AD831} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2019-02-12] ()
Task: {5CFEE3C7-897E-4E88-8CAA-E23141F2D801} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {709AA954-A915-439B-8300-B4F4B3ABB886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {A00E9060-9D59-4E92-8AAF-23AACA90385B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A25B3F2B-258C-4382-ACFC-CCCA2012B87A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {ADD3B595-5503-467F-83F4-06AEAD61A282} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {BFCC1C62-4AF3-4565-9670-644F38669D74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2018-05-20] (Microsoft Corporation)
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D60119C0-F065-4B23-8BB3-846CB3608863} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {E0772545-B7D6-4F43-B272-B681E02DCAB3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {EF926841-9A95-468F-A5DC-ACF3FB667D86} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-09-21] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-02-04 01:40 - 2016-11-14 13:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-10-22 05:15 - 2018-10-22 05:15 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-04-08 19:17 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\6226libfoxloader-x64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-07-10 00:23 - 2019-06-13 08:11 - 002759680 ____N () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-07-10 00:23 - 2019-06-13 08:10 - 002184192 ____N () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-02-13 01:30 - 2019-02-13 01:30 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-07-25 00:23 - 2019-07-25 00:23 - 000656264 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-02-26 13:47 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2018-02-26 13:48 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2018-10-22 22:21 - 2018-10-22 22:22 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 010374656 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 003235328 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\skypert.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 000677376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2019-02-18 00:31 - 2019-02-18 00:33 - 002362096 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\Processing.NDI.Lib.UWP.x64.dll
2019-09-21 11:16 - 2019-09-21 11:17 - 026138624 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-09-21 11:16 - 2019-09-21 11:17 - 000289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-04 17:19 - 2018-02-04 17:20 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 14:38 - 2018-11-29 14:39 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-09-21 11:16 - 2019-09-21 11:17 - 005704192 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-09-21 11:16 - 2019-09-21 11:17 - 008989184 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-09-21 10:04 - 2019-09-21 10:05 - 023313408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-09-21 10:04 - 2019-09-21 10:05 - 000289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-04 17:19 - 2018-02-04 17:20 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 14:38 - 2018-11-29 14:39 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-09-21 10:04 - 2019-09-21 10:05 - 005704704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 000484352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-09-21 11:06 - 2019-09-21 11:07 - 080926208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-02-04 17:29 - 2018-02-04 17:31 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-05-09 14:24 - 2019-05-09 14:25 - 003707904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-07-11 11:20 - 2019-07-11 11:21 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 013437440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 003027456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-05-09 14:24 - 2019-05-09 14:25 - 001014784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 000123904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\AppSettingsCppCX.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 001418240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 001398784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 000138752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\SKU.dll
2019-09-21 11:25 - 2019-09-21 11:26 - 032688640 _____ () C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.2.0_x64__xbfy0k16fey96\DropboxUniversal.dll
2018-10-02 15:54 - 2018-10-02 15:54 - 001123840 _____ () C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.2.0_x64__xbfy0k16fey96\e_sqlite3.dll
2018-02-26 13:48 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\6422libfoxloader.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 001227264 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 067109376 _____ () C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2019-02-12 12:06 - 2019-02-12 12:06 - 000073216 _____ () C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2018-02-26 13:47 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 000808960 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 002246144 _____ () C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000079360 _____ () C:\Program Files (x86)\Garmin\Express\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-02-04 01:11 - 2018-02-04 01:06 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 80.87.176.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EE62944E-F244-47B0-B4C0-AB7941C920BD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [UDP Query User{97765A53-7C24-4401-9077-E2061D88F5B4}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{9C0DF38F-94B3-4CA4-AF30-168C9182D1EE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{CEA0834B-9784-46EA-AED1-2363F6F729D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4DCE0CEF-EC94-4833-9EDA-99B99BA974CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{66CE529D-41C3-457B-B8F0-5619B668D5BD}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{99C43F6A-D618-4A13-ADCF-B2CB2EA0F03A}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{6672976D-4D6C-41F8-A3E9-A2F0615D7DC6}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{D28463BA-5D4B-4A91-B367-FFCF050CE5B2}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{6C334161-2443-453E-9D9A-7DEE9DDAAF9E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DCA369CF-6D6B-48C7-8FB0-BFF63710D9C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{79095635-C071-4A81-A475-9ED942A86266}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CB8962E2-7F58-4A4E-986D-8261949BB730}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1856911A-9F11-4F44-889C-5BDDA09F4D46}] => (Allow) C:\Program Files\Opera\63.0.3368.71\opera.exe
FirewallRules: [{9155E250-CA54-4297-95B3-5A1C0E7260A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E1F981FA-FB1B-474F-B11B-CB900A70ED08}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{433BA91D-E9BB-4723-9037-B308EB72E6C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{FBC9D7EA-18ED-4F58-A5D7-486AC9E1ABBF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CBA1FDFB-E0D8-4CF1-B1D5-01BCB77435BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F287024E-D147-4841-94A1-49A0D045C97A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C88B27BF-F65B-458B-94FA-EE714A42E654}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{EE48CC55-CAA0-4141-8CA4-A54DE75E155A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{DDC99207-8AC4-4B37-B8EB-C6B85983DB6C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E0A1062C-9C54-414B-8F29-A53BFBC070BC}] => (Allow) C:\Program Files\Opera\63.0.3368.107\opera.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Koprocesor
Description: Koprocesor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/09/2019 07:28:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 27.1.2018.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 2c88
Čas spuštění: 01d57ec69851e67c
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\Mara\Downloads\FRST64.exe
ID hlášení: d9bc6579-a669-40f3-a674-f3aba853f4b7
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (09/21/2019 09:28:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SoftwareUpdate.exe verze 2.1.3.127 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 29f8
Čas spuštění: 01d5704d7b3664af
Čas ukončení: 103
Cesta k aplikaci: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
ID hlášení: 422018f8-3c15-4a24-9743-03460520c99d
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (08/23/2019 02:07:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SoftwareUpdate.exe verze 2.1.3.127 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 114
Čas spuštění: 01d559444b56a382
Čas ukončení: 1257
Cesta k aplikaci: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
ID hlášení: 9d96ca4c-f124-4869-8d49-bece6358df3c
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (08/23/2019 01:44:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WINWORD.EXE verze 12.0.4518.1014 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 14b0
Čas spuštění: 01d559423150c859
Čas ukončení: 83
Cesta k aplikaci: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
ID hlášení: 9ab572f7-f4a6-490a-90c5-099ef11a813b
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (07/10/2019 12:21:42 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: Sběr dat čítače výkonu od služby Outlook byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, které vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace. Opravte tyto chyby před novým zapnutím čítačů výkonu pro tuto službu.
Error: (07/10/2019 12:21:42 AM) (Source: Perflib) (EventID: 1021) (User: )
Description: Systém Windows nemůže otevřít 32bitovou knihovnu DLL rozšiřitelných čítačů Outlook v 64bitovém prostředí. Vyžádejte si od prodejce souboru 64bitovou verzi, popřípadě můžete 32bitovou knihovnu DLL rozšiřujících čítačů otevřít pomocí 32bitové verze nástroje Sledování výkonu. Jestliže chcete použít tento nástroj, otevřete složku systému Windows, otevřete složku Syswow64 a spusťte program Perfmon.exe.
Error: (06/24/2019 05:59:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2019.19041.16510.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 1f9c
Čas spuštění: 01d52174cb80d508
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: 3ea50a52-01ff-42d2-8fc5-04c326fd4676
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe
ID aplikace související s balíčkem s chybou: App
Error: (06/12/2019 12:18:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswblog.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (06/03/2019 10:20:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswblog.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (05/25/2019 12:29:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.17134.1, časové razítko: 0xb3ceae44
Název chybujícího modulu: ntdll.dll, verze: 10.0.17134.556, časové razítko: 0x319e0a75
Kód výjimky: 0xc0000374
Posun chyby: 0x000d8529
ID chybujícího procesu: 0x148
Čas spuštění chybující aplikace: 0x01d512e4c023cd5a
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: f5353bdf-2caa-4852-8482-08df194b50ad
Úplný název chybujícího balíčku: SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0
ID aplikace související s chybujícím balíčkem: Spotify
System errors:
=============
Error: (10/09/2019 07:26:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2019 07:26:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2019 07:10:27 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2019 07:10:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2019 06:59:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2019 06:58:56 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/22/2019 01:23:58 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/21/2019 11:37:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0xc1900101): Aktualizace funkcí na Windows 10, verze 1903.
Error: (09/21/2019 11:36:18 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/21/2019 11:34:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 77%
Total physical RAM: 3839.23 MB
Available physical RAM: 875.06 MB
Total Virtual: 4479.23 MB
Available Virtual: 722.09 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.51 GB) (Free:16.23 GB) NTFS
Drive e: (Externi HDD) (Fixed) (Total:1397.26 GB) (Free:478.75 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.8 GB) (Disk ID: 6697A7D7)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=845 MB) - (Type=27)
========================================================
Disk: 1 (Size: 1397.3 GB) (Disk ID: 3F5C7D3B)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
prosím o kontrolu logu
Logfile of random's system information tool 1.10 (written by random/random)
Run by Mara at 2019-10-09 19:35:11
Microsoft Windows 10 Home
System drive C: has 17 GB (7%) free of 237 GB
Total RAM: 3839 MB (24% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:35:22, on 09.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Garmin\Express\express.exe
C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\trend micro\Mara.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE13DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 19.152.0801.0008\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\19.152.0801.0008\amd64"
O4 - HKCU\..\RunOnce: [Uninstall 19.152.0801.0008] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\19.152.0801.0008"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 8823 bytes
======Listing Processes======
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
"C:\WINDOWS\system32\nvvsvc.exe"
c:\windows\system32\svchost.exe -k localservice -p -s nsi
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ae6798f9-a1c9-4a10-b013-4b29ddc8a833 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-95b0692a-6b09-4492-9711-3901693a79f9 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-43266fc4-3878-40a6-8542-5626e58bcaf8 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6c76a0ed-ea38-49ef-9248-2c2cb60c1e9e -LifetimeId:5b2a290e-19ff-44d0-bf70-56d0c8c47cab -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\Explorer.EXE
"c:\program files\avast software\avast\aswEngSrv.exe" /pipename="5C040287-2C07-2CB5-E205-9A001692CE49" /binpath="c:\program files\avast software\avast"
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer14_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer14_Logfile.log
"ctfmon.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
/QuitInfo:0000000000000228;000000000000022C;
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
c:\windows\system32\svchost.exe -k netsvcs -p
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
AvastUI.exe /nogui
szndesktop.exe default start
"C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\rempl\sedsvc.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
CefSharp.BrowserSubprocess.exe --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,19,20,23,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x086e --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.4201 --gpu-driver-date=11-14-2016 --lang=en-US --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --log-severity=disable --service-request-channel-token=D2A2F1F1E0CA9F43ABC5DB76CA011530 --mojo-platform-channel-handle=4296 /prefetch:2
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe" -ServerName:Microsoft.ZuneMusic.AppX48dcrcgzqqdshm3kf61t0cm5e9pyd6h6.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe" -ServerName:PdfReader.AppXt4g7dx0jktgcrhe5cw5qf7t4q86jznsh.mca
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s W32Time
"C:\Program Files\rempl\sedlauncher.exe"
C:\WINDOWS\system32\compattelrunner.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LkNFrFImh0+rF/hH.1
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe32_ Global\UsGthrCtrlFltPipeMssGthrPipe32 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.0.1290830575\1435909563" -parentBuildID 20190917135527 -prefsHandle 1368 -prefMapHandle 1364 -prefsLen 1 -prefMapSize 199324 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 1476 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.3.820559032\1164271647" -childID 1 -isForBrowser -prefsHandle 2288 -prefMapHandle 2292 -prefsLen 200 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 2244 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.13.940004202\1763834580" -childID 2 -isForBrowser -prefsHandle 4568 -prefMapHandle 4572 -prefsLen 7008 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 4584 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.27.851064968\2056500169" -childID 4 -isForBrowser -prefsHandle 8216 -prefMapHandle 8200 -prefsLen 9003 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 8136 tab
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
taskhostw.exe
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXqkse0fm95yjw31mkxdxj995368ze5snq.mca
"C:\Users\Mara\Desktop\FRST64.exe"
/updateInstalled /background
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.41.1562155427\1159601949" -childID 6 -isForBrowser -prefsHandle 5112 -prefMapHandle 9196 -prefsLen 10289 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 8340 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.48.445555030\464282384" -childID 7 -isForBrowser -prefsHandle 4408 -prefMapHandle 5044 -prefsLen 10289 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 3580 tab
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11732.62.159830002\90790138" -childID 9 -isForBrowser -prefsHandle 8272 -prefMapHandle 7752 -prefsLen 10512 -prefMapSize 199324 -parentBuildID 20190917135527 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 11732 "\\.\pipe\gecko-crash-server-pipe.11732" 8744 tab
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x4cc
"C:\Users\Mara\Downloads\RSITx64(1).exe"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 736 740 748 8192 744
=========Mozilla firefox=========
ProfilePath - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\rawzxbc2.default-1570641619220
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-07-25 269192]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-09 1592440]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe []
"cz.seznam.software.autoupdate"=C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe [2018-03-27 1069296]
"cz.seznam.software.szndesktop"=C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]
"GarminExpress"=C:\Program Files (x86)\Garmin\Express\express.exe [2019-02-12 30905920]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Delete Cached Update Binary"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]
"Delete Cached Standalone Update Binary"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]
"Uninstall 19.152.0801.0008\amd64"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]
"Uninstall 19.152.0801.0008"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-10-09 19:35:11 ----D---- C:\Program Files\trend micro
2019-10-09 19:24:47 ----D---- C:\avast! sandbox
2019-10-09 19:20:19 ----D---- C:\ProgramData\Mozilla
2019-10-09 19:12:54 ----HD---- C:\OneDriveTemp
2019-10-09 19:08:00 ----HD---- C:\$WINDOWS.~BT
2019-10-09 18:56:50 ----A---- C:\WINDOWS\system32\aswBoot.exe
2019-10-09 18:56:29 ----A---- C:\WINDOWS\system32\drivers\aswb4727f3daf141e4b.tmp
2019-10-09 18:56:29 ----A---- C:\WINDOWS\system32\drivers\asw1ff725e202c71213.tmp
2019-09-21 23:29:12 ----ASH---- C:\swapfile.sys
2019-09-21 23:29:11 ----ASH---- C:\pagefile.sys
2019-09-21 23:29:10 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2019-10-09 19:35:11 ----RD---- C:\Program Files
2019-10-09 19:33:57 ----D---- C:\WINDOWS\Prefetch
2019-10-09 19:33:57 ----D---- C:\Windows
2019-10-09 19:29:44 ----D---- C:\WINDOWS\Temp
2019-10-09 19:29:23 ----D---- C:\WINDOWS\system32\Tasks
2019-10-09 19:28:45 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-10-09 19:26:14 ----D---- C:\FRST
2019-10-09 19:20:19 ----HD---- C:\ProgramData
2019-10-09 19:20:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-09 19:20:01 ----D---- C:\Program Files\Mozilla Firefox
2019-10-09 19:16:49 ----D---- C:\WINDOWS\System32
2019-10-09 19:15:08 ----DC---- C:\WINDOWS\Panther
2019-10-09 19:13:18 ----HD---- C:\Program Files\WindowsApps
2019-10-09 19:08:00 ----D---- C:\WINDOWS\system32\drivers
2019-10-09 19:07:07 ----D---- C:\WINDOWS\AppReadiness
2019-10-09 19:03:58 ----D---- C:\WINDOWS\system32\config
2019-10-09 19:03:27 ----D---- C:\WINDOWS\system32\sru
2019-10-09 18:57:40 ----D---- C:\WINDOWS\WinSxS
2019-10-09 18:56:50 ----HD---- C:\WINDOWS\ELAMBKUP
2019-09-22 04:22:30 ----D---- C:\WINDOWS\system32\SleepStudy
2019-09-22 00:58:59 ----SHD---- C:\WINDOWS\Installer
2019-09-22 00:58:59 ----SHD---- C:\Config.Msi
2019-09-22 00:53:57 ----RD---- C:\Program Files (x86)
2019-09-22 00:53:52 ----D---- C:\Program Files (x86)\Google
2019-09-22 00:03:02 ----SHD---- C:\Recovery
2019-09-21 23:45:08 ----D---- C:\Program Files\Opera
2019-09-21 23:38:25 ----D---- C:\Users\Mara\AppData\Roaming\Seznam.cz
2019-09-21 23:29:56 ----D---- C:\Program Files (x86)\TeamViewer
2019-09-21 22:29:47 ----D---- C:\WINDOWS\system32\catroot2
2019-09-21 22:29:22 ----SHD---- C:\System Volume Information
2019-09-21 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2019-09-21 17:11:15 ----D---- C:\WINDOWS\Logs
2019-09-21 12:46:15 ----D---- C:\WINDOWS\system32\DriverStore
2019-09-21 12:46:15 ----D---- C:\WINDOWS\INF
2019-09-21 12:27:29 ----RD---- C:\WINDOWS\Microsoft.NET
2019-09-21 12:18:19 ----D---- C:\WINDOWS\Registration
2019-09-21 09:58:43 ----D---- C:\Program Files\rempl
2019-09-21 09:36:39 ----N---- C:\WINDOWS\system32\drivers\aswbcbf9a4d4ada2f7e.tmp
2019-09-21 09:35:59 ----N---- C:\WINDOWS\system32\drivers\aswe0f74d793bc49606.tmp
2019-09-21 09:15:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-10-09 37616]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-10-09 209552]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-10-09 65120]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-10-09 16304]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-10-09 83792]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-10-09 316528]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-10-09 204824]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-10-09 274456]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-10-09 276952]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-10-09 42736]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-10-09 110320]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-10-09 848432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-10-09 460448]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-09-21 168896]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-07-25 225816]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2019-03-14 82432]
R3 KMWDFILTER;HIDServiceDesc; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-12-09 12914360]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-04-12 604160]
R3 rtl8192se;@net8192se64.inf,%RTL8192se.Service.DispName%;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\WINDOWS\System32\drivers\rtl8192se.sys [2018-04-12 1222656]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 48544]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 ew_usbccgpfilter;@oem60.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2018-12-12 18944]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-06-07 76304]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-17 115328]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2016-12-09 461424]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-07-25 414976]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_3540b;Uživatelská služba platformy připojených zařízení_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2018-10-22 190784]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-11-14 932728]
R2 OneSyncSvc_3540b;Hostitel synchronizace_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-08-26 357680]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-07-25 6797008]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_3540b;Data kontaktů_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-07-25 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_3540b;Uživatelská služba pro GameDVR a vysílání her_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_3540b;Služba pro podporu uživatelů Bluetooth_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_3540b;DevicePicker_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_3540b;Tok zařízení_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 90112]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-04-20 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [2019-09-18 1106416]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_3540b;Služba zasílání zpráv_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-10-09 242720]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_3540b;PrintWorkflow_3540b; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 976384]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-10 495616]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Mara (administrator) on DESKTOP-2SQL7M7 (09-10-2019 19:29:17)
Running from C:\Users\Mara\Desktop
Loaded Profiles: Mara (Available Profiles: Mara)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(The CefSharp Authors) C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Users\Mara\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
(Microsoft Corporation) C:\Users\Mara\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-25] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30905920 2019-02-12] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [Uninstall 19.152.0801.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\19.152.0801.0008\amd64"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [Uninstall 19.152.0801.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\19.152.0801.0008"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {595ba379-1f50-11e9-9a22-0025d32f82ff} - "E:\AutoRun.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {595ba412-1f50-11e9-9a22-0025d32f82ff} - "E:\AutoRun.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {ccf8f074-95bc-11e9-9a2f-4061860b4475} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30905920 2019-02-12] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 80.87.176.1 8.8.8.8
Tcpip\..\Interfaces\{163113ee-5f44-4a63-be4f-f28fe1554749}: [DhcpNameServer] 80.87.176.1 8.8.8.8
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: rawzxbc2.default-1570641619220
FF ProfilePath: Profiles/rawzxbc2.default-1570641619220 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\rawzxbc2.default-1570641619220 [2019-10-09]
FF Extension: (Firefox Monitor) - C:\Program Files\Mozilla Firefox\browser\features\fxmonitor@mozilla.org.xpi [2019-10-09] [not signed]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2019-10-09] [not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-09-22] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-09-22] (Google LLC)
Chrome:
=======
CHR Profile: C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default [2019-09-21]
CHR Extension: (Prezentace) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-26]
CHR Extension: (Dokumenty) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-26]
CHR Extension: (Disk Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-26]
CHR Extension: (YouTube) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-26]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-09-21]
CHR Extension: (Tabulky) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-21]
CHR Extension: (Avast Online Security) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-31]
CHR Extension: (Gmail) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-21]
CHR Extension: (Chrome Media Router) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-25] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-25] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-07-25] (AVAST Software)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1364992 2019-06-07] (Microsoft Corporation)
R3 BcastDVRUserService_3540b; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R3 BcastDVRUserService_3540b; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_3540b; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_3540b; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
S3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [1106416 2019-09-18] (Google LLC)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-10-22] () [File not signed]
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [357680 2019-08-26] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-16] (TeamViewer GmbH)
S3 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-24] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1456640 2018-05-20] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2018-04-12] (Microsoft Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-09] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-09] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-09] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-09] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-09] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-09] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-09] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [168896 2019-09-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-09] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-09] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225816 2019-07-25] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-09] (AVAST Software)
S3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [92704 2019-01-09] (Microsoft Corporation)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Huawei Technologies Co., Ltd.)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Huawei Technologies Co., Ltd.)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-09 19:29 - 2019-10-09 19:30 - 000017687 _____ C:\Users\Mara\Desktop\FRST.txt
2019-10-09 19:27 - 2018-02-03 16:35 - 002393088 _____ (Farbar) C:\Users\Mara\Desktop\FRST64.exe
2019-10-09 19:26 - 2019-10-09 19:28 - 000010849 _____ C:\Users\Mara\Downloads\FRST.txt
2019-10-09 19:24 - 2019-10-09 19:24 - 000000000 ____D C:\avast! sandbox
2019-10-09 19:23 - 2019-10-09 19:24 - 001451520 _____ (Farbar) C:\Users\Mara\Downloads\FRST.exe
2019-10-09 19:20 - 2019-10-09 19:20 - 000000000 ____D C:\Users\Mara\Desktop\Původní data aplikace Firefox
2019-10-09 19:20 - 2019-10-09 19:20 - 000000000 ____D C:\ProgramData\Mozilla
2019-10-09 19:16 - 2019-10-09 19:16 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-10-09 19:12 - 2019-10-09 19:12 - 000000000 ___HD C:\OneDriveTemp
2019-10-09 19:08 - 2019-10-09 19:08 - 000000000 ___HD C:\$WINDOWS.~BT
2019-10-09 18:56 - 2019-10-09 18:55 - 000355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-10-09 18:56 - 2019-10-09 18:55 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1ff725e202c71213.tmp
2019-10-09 18:56 - 2019-10-09 18:55 - 000171520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswb4727f3daf141e4b.tmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-09 19:32 - 2016-07-18 15:34 - 000000000 ___RD C:\Users\Mara\OneDrive
2019-10-09 19:29 - 2018-05-27 03:00 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-772858087-439378103-3593226653-1001
2019-10-09 19:29 - 2018-04-28 05:03 - 000002358 _____ C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-09 19:28 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-09 19:26 - 2018-02-03 16:35 - 000000000 ____D C:\FRST
2019-10-09 19:22 - 2016-12-11 20:33 - 000000000 ____D C:\Users\Mara\AppData\LocalLow\Mozilla
2019-10-09 19:20 - 2018-02-04 17:10 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-09 19:20 - 2018-02-04 17:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-09 19:20 - 2018-02-04 17:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-09 19:15 - 2018-04-10 22:45 - 000000000 ___DC C:\WINDOWS\Panther
2019-10-09 19:13 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-09 19:07 - 2019-02-13 01:24 - 000848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-10-09 19:07 - 2019-02-13 01:24 - 000460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-10-09 19:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-09 18:57 - 2019-02-13 01:26 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-10-09 18:56 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-09 18:55 - 2019-02-13 09:26 - 000276952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000316528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000204824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000110320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000083792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000042736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000037616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-10-09 18:55 - 2019-02-13 01:24 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-10-09 18:54 - 2019-02-13 01:24 - 000274456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-10-09 18:54 - 2019-02-13 01:24 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-10-09 18:54 - 2019-02-13 01:24 - 000065120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-09-22 04:22 - 2018-04-28 04:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-22 00:53 - 2018-05-27 03:00 - 000003474 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-09-22 00:53 - 2018-05-27 03:00 - 000003350 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-22 00:53 - 2018-02-26 18:09 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-22 00:46 - 2019-02-13 01:27 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-09-22 00:46 - 2018-05-27 03:00 - 000003306 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1517756210
2019-09-22 00:46 - 2018-05-27 03:00 - 000002702 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2019-09-21 23:49 - 2019-01-03 15:06 - 000000000 ____D C:\Users\Mara\Desktop\das
2019-09-21 23:45 - 2019-08-23 02:08 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-09-21 23:45 - 2018-02-04 16:55 - 000000000 ____D C:\Program Files\Opera
2019-09-21 23:38 - 2018-02-26 13:47 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Seznam.cz
2019-09-21 23:29 - 2019-01-03 15:23 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-09-21 23:29 - 2018-05-27 03:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-21 22:30 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-09-21 22:28 - 2018-05-27 02:59 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2019-09-21 22:28 - 2018-05-27 02:59 - 000011433 _____ C:\WINDOWS\diagerr.xml
2019-09-21 12:46 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-09-21 12:40 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-09-21 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2019-09-21 10:02 - 2018-02-26 18:11 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-21 09:58 - 2018-11-16 20:13 - 000000000 ____D C:\Program Files\rempl
2019-09-21 09:36 - 2019-02-13 01:24 - 000387688 ____N (AVAST Software) C:\WINDOWS\system32\Drivers\aswbcbf9a4d4ada2f7e.tmp
2019-09-21 09:35 - 2019-07-25 00:24 - 000168896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-09-21 09:35 - 2019-02-13 01:24 - 001030784 ____N (AVAST Software) C:\WINDOWS\system32\Drivers\aswe0f74d793bc49606.tmp
2019-09-21 09:35 - 2019-02-13 01:24 - 001030784 ____N (AVAST Software) C:\WINDOWS\system32\Drivers\asw916ea6569663db6c.backup
2019-09-21 09:30 - 2019-07-18 11:32 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-09-21 09:30 - 2019-07-18 11:32 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-09-21 09:30 - 2019-01-03 15:28 - 000000000 ____D C:\Users\Mara\AppData\Local\TeamViewer
2019-09-21 09:16 - 2018-04-12 17:50 - 000718288 _____ C:\WINDOWS\system32\perfh005.dat
2019-09-21 09:16 - 2018-04-12 17:50 - 000145518 _____ C:\WINDOWS\system32\perfc005.dat
2019-09-21 09:15 - 2018-05-27 02:53 - 001697638 _____ C:\WINDOWS\system32\PerfStringBackup.INI
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-04-28 04:58
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Mara (09-10-2019 19:32:32)
Running from C:\Users\Mara\Desktop
Windows 10 Home Version 1803 17134.885 (X64) (2018-05-27 01:01:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-772858087-439378103-3593226653-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-772858087-439378103-3593226653-503 - Limited - Disabled)
Guest (S-1-5-21-772858087-439378103-3593226653-501 - Limited - Disabled)
Mara (S-1-5-21-772858087-439378103-3593226653-1001 - Administrator - Enabled) => C:\Users\Mara
WDAGUtilityAccount (S-1-5-21-772858087-439378103-3593226653-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ANT Drivers Installer x64 (HKLM\...\{1545D39F-D296-42D3-9E3A-D3DDC83FF45C}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Elevated Installer (HKLM-x32\...\{22234FFC-C2DA-4662-8295-119232148609}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{39D2E3D2-3CCD-486E-9AFA-1B91C9B0AF76}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{e51e84de-2206-4ef2-91fb-8ae3f9cb68e2}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.300 - )
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.11.75 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 69.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 69.0.1 (x64 cs)) (Version: 69.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla)
Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Seznam Software (HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Streaming Audio Recorder V4.2.3 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.2.3 - APOWERSOFT LIMITED)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.2452 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {22224915-032C-4C5B-99DE-33CE96D385D2} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {34853FA9-A427-41B0-B862-70114E392B40} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {396650E1-8B5B-4273-B77B-1CB4192CF79B} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-08-26] (Microsoft Corporation)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {4BBC2AC4-06FA-4281-AED1-817C17691CD2} - System32\Tasks\Opera scheduled Autoupdate 1517756210 => C:\Program Files\Opera\launcher.exe [2019-10-04] (Opera Software)
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {56E89F6F-46EE-4703-85A9-951D71FEEC5D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-07-25] (AVAST Software)
Task: {5B23A6CD-DB8B-4597-8E32-C8F6361AD831} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2019-02-12] ()
Task: {5CFEE3C7-897E-4E88-8CAA-E23141F2D801} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {709AA954-A915-439B-8300-B4F4B3ABB886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {A00E9060-9D59-4E92-8AAF-23AACA90385B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A25B3F2B-258C-4382-ACFC-CCCA2012B87A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {ADD3B595-5503-467F-83F4-06AEAD61A282} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {BFCC1C62-4AF3-4565-9670-644F38669D74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2018-05-20] (Microsoft Corporation)
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D60119C0-F065-4B23-8BB3-846CB3608863} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {E0772545-B7D6-4F43-B272-B681E02DCAB3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {EF926841-9A95-468F-A5DC-ACF3FB667D86} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-09-21] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-02-04 01:40 - 2016-11-14 13:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-10-22 05:15 - 2018-10-22 05:15 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-04-08 19:17 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\6226libfoxloader-x64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-07-10 00:23 - 2019-06-13 08:11 - 002759680 ____N () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-07-10 00:23 - 2019-06-13 08:10 - 002184192 ____N () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-02-13 01:30 - 2019-02-13 01:30 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-07-25 00:23 - 2019-07-25 00:23 - 000656264 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-02-26 13:47 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2018-02-26 13:48 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2018-10-22 22:21 - 2018-10-22 22:22 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 010374656 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 003235328 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\skypert.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 000677376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2019-02-18 00:31 - 2019-02-18 00:33 - 002362096 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\Processing.NDI.Lib.UWP.x64.dll
2019-09-21 11:16 - 2019-09-21 11:17 - 026138624 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-09-21 11:16 - 2019-09-21 11:17 - 000289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-04 17:19 - 2018-02-04 17:20 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 14:38 - 2018-11-29 14:39 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-09-21 11:16 - 2019-09-21 11:17 - 005704192 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-09-21 11:16 - 2019-09-21 11:17 - 008989184 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-09-21 09:47 - 2019-09-21 09:48 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-09-21 10:04 - 2019-09-21 10:05 - 023313408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-09-21 10:04 - 2019-09-21 10:05 - 000289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-04 17:19 - 2018-02-04 17:20 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 14:38 - 2018-11-29 14:39 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-09-21 10:04 - 2019-09-21 10:05 - 005704704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19072.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 000484352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-09-21 11:06 - 2019-09-21 11:07 - 080926208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-02-04 17:29 - 2018-02-04 17:31 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-05-09 14:24 - 2019-05-09 14:25 - 003707904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-07-11 11:20 - 2019-07-11 11:21 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 013437440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 003027456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-05-09 14:24 - 2019-05-09 14:25 - 001014784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 000123904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\AppSettingsCppCX.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 001418240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 001398784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2019-09-21 11:06 - 2019-09-21 11:07 - 000138752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\SKU.dll
2019-09-21 11:25 - 2019-09-21 11:26 - 032688640 _____ () C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.2.0_x64__xbfy0k16fey96\DropboxUniversal.dll
2018-10-02 15:54 - 2018-10-02 15:54 - 001123840 _____ () C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.2.0_x64__xbfy0k16fey96\e_sqlite3.dll
2018-02-26 13:48 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\6422libfoxloader.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 001227264 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 067109376 _____ () C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2019-02-12 12:06 - 2019-02-12 12:06 - 000073216 _____ () C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2018-02-26 13:47 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 000808960 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 002246144 _____ () C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000079360 _____ () C:\Program Files (x86)\Garmin\Express\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-02-04 01:11 - 2018-02-04 01:06 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 80.87.176.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EE62944E-F244-47B0-B4C0-AB7941C920BD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [UDP Query User{97765A53-7C24-4401-9077-E2061D88F5B4}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{9C0DF38F-94B3-4CA4-AF30-168C9182D1EE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{CEA0834B-9784-46EA-AED1-2363F6F729D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4DCE0CEF-EC94-4833-9EDA-99B99BA974CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{66CE529D-41C3-457B-B8F0-5619B668D5BD}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{99C43F6A-D618-4A13-ADCF-B2CB2EA0F03A}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{6672976D-4D6C-41F8-A3E9-A2F0615D7DC6}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{D28463BA-5D4B-4A91-B367-FFCF050CE5B2}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{6C334161-2443-453E-9D9A-7DEE9DDAAF9E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DCA369CF-6D6B-48C7-8FB0-BFF63710D9C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{79095635-C071-4A81-A475-9ED942A86266}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CB8962E2-7F58-4A4E-986D-8261949BB730}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1856911A-9F11-4F44-889C-5BDDA09F4D46}] => (Allow) C:\Program Files\Opera\63.0.3368.71\opera.exe
FirewallRules: [{9155E250-CA54-4297-95B3-5A1C0E7260A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E1F981FA-FB1B-474F-B11B-CB900A70ED08}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{433BA91D-E9BB-4723-9037-B308EB72E6C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{FBC9D7EA-18ED-4F58-A5D7-486AC9E1ABBF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CBA1FDFB-E0D8-4CF1-B1D5-01BCB77435BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F287024E-D147-4841-94A1-49A0D045C97A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C88B27BF-F65B-458B-94FA-EE714A42E654}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{EE48CC55-CAA0-4141-8CA4-A54DE75E155A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{DDC99207-8AC4-4B37-B8EB-C6B85983DB6C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E0A1062C-9C54-414B-8F29-A53BFBC070BC}] => (Allow) C:\Program Files\Opera\63.0.3368.107\opera.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Koprocesor
Description: Koprocesor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/09/2019 07:28:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 27.1.2018.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 2c88
Čas spuštění: 01d57ec69851e67c
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\Mara\Downloads\FRST64.exe
ID hlášení: d9bc6579-a669-40f3-a674-f3aba853f4b7
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (09/21/2019 09:28:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SoftwareUpdate.exe verze 2.1.3.127 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 29f8
Čas spuštění: 01d5704d7b3664af
Čas ukončení: 103
Cesta k aplikaci: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
ID hlášení: 422018f8-3c15-4a24-9743-03460520c99d
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (08/23/2019 02:07:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SoftwareUpdate.exe verze 2.1.3.127 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 114
Čas spuštění: 01d559444b56a382
Čas ukončení: 1257
Cesta k aplikaci: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
ID hlášení: 9d96ca4c-f124-4869-8d49-bece6358df3c
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (08/23/2019 01:44:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WINWORD.EXE verze 12.0.4518.1014 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 14b0
Čas spuštění: 01d559423150c859
Čas ukončení: 83
Cesta k aplikaci: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
ID hlášení: 9ab572f7-f4a6-490a-90c5-099ef11a813b
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (07/10/2019 12:21:42 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: Sběr dat čítače výkonu od služby Outlook byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, které vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace. Opravte tyto chyby před novým zapnutím čítačů výkonu pro tuto službu.
Error: (07/10/2019 12:21:42 AM) (Source: Perflib) (EventID: 1021) (User: )
Description: Systém Windows nemůže otevřít 32bitovou knihovnu DLL rozšiřitelných čítačů Outlook v 64bitovém prostředí. Vyžádejte si od prodejce souboru 64bitovou verzi, popřípadě můžete 32bitovou knihovnu DLL rozšiřujících čítačů otevřít pomocí 32bitové verze nástroje Sledování výkonu. Jestliže chcete použít tento nástroj, otevřete složku systému Windows, otevřete složku Syswow64 a spusťte program Perfmon.exe.
Error: (06/24/2019 05:59:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2019.19041.16510.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 1f9c
Čas spuštění: 01d52174cb80d508
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: 3ea50a52-01ff-42d2-8fc5-04c326fd4676
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe
ID aplikace související s balíčkem s chybou: App
Error: (06/12/2019 12:18:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswblog.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (06/03/2019 10:20:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswblog.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (05/25/2019 12:29:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.17134.1, časové razítko: 0xb3ceae44
Název chybujícího modulu: ntdll.dll, verze: 10.0.17134.556, časové razítko: 0x319e0a75
Kód výjimky: 0xc0000374
Posun chyby: 0x000d8529
ID chybujícího procesu: 0x148
Čas spuštění chybující aplikace: 0x01d512e4c023cd5a
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: f5353bdf-2caa-4852-8482-08df194b50ad
Úplný název chybujícího balíčku: SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0
ID aplikace související s chybujícím balíčkem: Spotify
System errors:
=============
Error: (10/09/2019 07:26:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2019 07:26:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2019 07:10:27 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2019 07:10:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2019 06:59:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2019 06:58:56 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/22/2019 01:23:58 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/21/2019 11:37:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0xc1900101): Aktualizace funkcí na Windows 10, verze 1903.
Error: (09/21/2019 11:36:18 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2SQL7M7)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-2SQL7M7\Mara (SID: S-1-5-21-772858087-439378103-3593226653-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/21/2019 11:34:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 77%
Total physical RAM: 3839.23 MB
Available physical RAM: 875.06 MB
Total Virtual: 4479.23 MB
Available Virtual: 722.09 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.51 GB) (Free:16.23 GB) NTFS
Drive e: (Externi HDD) (Fixed) (Total:1397.26 GB) (Free:478.75 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.8 GB) (Disk ID: 6697A7D7)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=845 MB) - (Type=27)
========================================================
Disk: 1 (Size: 1397.3 GB) (Disk ID: 3F5C7D3B)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================