
Pop-up window about a virus on the notebook (MS Edge)

Posted: 09 Mar 2022 19:36
by kabus26
Hi,

I have a big favor to ask. Yesterday I lent my notebook to my sister, and she returned it in a state where a window pops up about every 10 minutes (see attachment) saying that there is a virus on the PC....

Below I am sending the logs from FRST. Please help with a solution; thank you very much in advance.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2022
Ran by Já (administrator) on DESKTOP-THCR9VP (HP HP ProBook 440 G7) (09-03-2022 19:20:27)
Running from C:\Users\Já\Downloads
Loaded Profiles: Já
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1566 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(C:\Program Files (x86)\Avira\Antivirus\avguard.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\26.0.1.209\DiscoverySrv.exe
(C:\Program Files\Bitdefender Antivirus Free\vsserv.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxEM.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\dptf_helper.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\BridgeCommunication.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe
(explorer.exe ->) (SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_44633d75967bb427\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a439e07c373809e2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_00352e148f6a4096\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_00352e148f6a4096\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f31d3fd59f245137\RtkAudUService64.exe <3>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f31d3fd59f245137\RtkAudUService64.exe [1255264 2021-08-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\Run: [GoogleChromeAutoLaunch_9FE22663AB17750FDC06C95DF7C6A50D] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10929320 2021-12-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\99.0.4844.51\Installer\chrmstp.exe [2022-03-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2021-07-01]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B52735D-FF25-4394-BDB0-518C4B9EDC46} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [254096 2022-02-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2C5AC034-C6E9-4DF2-98BB-4579D51E1ADE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {39758433-8BA2-4888-B63B-6DDDA3A03DF5} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1663936 2022-02-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {518EBC9F-94DC-4AD1-ACB8-2A1BB892FA3E} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {518EBC9F-94DC-4AD1-ACB8-2A1BB892FA3E} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {518EBC9F-94DC-4AD1-ACB8-2A1BB892FA3E} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {8F2EAD38-B836-442C-8010-85E10D1842A9} - System32\Tasks\CCleanerSkipUAC - Já => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {93C91ED5-8C5D-40EC-BA2F-504EB0270F6E} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [30208384 2022-03-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A2FA46DF-0280-448A-B4F0-AA152EC46238} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {ADD59437-91C3-40CD-9363-4975595494E7} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\26.0.1.209\WatchDog.exe [1050216 2022-01-13] (Bitdefender SRL -> Bitdefender)
Task: {C54DD032-8A38-478C-8DB8-6525013075BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {E4406DAC-3160-4684-B39A-450B85FF43D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)
Task: {E46CCC6F-2DB6-419E-8802-BDD06337A6A0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {FE7AD8EB-54BF-450A-AA6A-D703DFFF8164} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{802de428-069d-4993-b4eb-3df5ea4c6a34}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d34617ef-721c-4e41-b1f8-fbabc1ebf661}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Já\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-09]
Edge Notifications: Default -> hxxps://imendocals.com
Edge Extension: (Avira Safe Shopping) - C:\Users\Já\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-03-08]
Edge Extension: (Avira Password Manager) - C:\Users\Já\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2022-03-08]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: kihwzjy4.default
FF ProfilePath: C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default [2021-10-12]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-cs@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-de@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (English (US) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Español (España) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Finnish Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-fi@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Français Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-fr@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Galego (España) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-gl@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-he@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-hu@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-it@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Japanese Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-ja@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Korean (KR) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-ko@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-nl@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Polski Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-pl@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Russian (RU) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-ru@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-sl@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (српски (sr) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-sr@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default [2022-03-09]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.reddit.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-29]
CHR Extension: (Dokumenty) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-29]
CHR Extension: (Disk Google) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-29]
CHR Extension: (Avira Password Manager) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-03-08]
CHR Extension: (Tabulky) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-29]
CHR Extension: (Avira Browser Safety) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-03-08]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2021-05-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-08]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-29]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-06-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574832 2022-01-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2998096 2021-11-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264288 2022-02-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [265608 2022-02-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2461792 2019-03-27] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [350008 2021-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\HotKeyServiceUWP.exe [1512544 2021-10-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\AppHelperCap.exe [761856 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\DiagsCap.exe [760864 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\NetworkCap.exe [756720 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe [760304 2022-01-19] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_44633d75967bb427\x64\TouchpointAnalyticsClientService.exe [494688 2021-11-21] (HP Inc. -> HP Inc.)
S2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\LanWlanWwanSwitchingServiceUWP.exe [591968 2021-10-30] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8019640 2022-03-06] (Malwarebytes Inc -> Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [786536 2022-02-01] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6133448 2022-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14610864 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [236128 2021-07-17] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [585824 2022-02-04] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [240352 2021-07-17] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [3947928 2022-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-10-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [800672 2021-09-16] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-07-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [55864 2021-07-18] (Bitdefender SRL -> Bitdefender)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [202456 2020-07-07] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R3 bhtsdhubdr; C:\WINDOWS\System32\drivers\bhtsdhubdr.sys [202456 2020-10-22] (BayHub Technology Inc. -> BayHubTech)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309120 2020-02-03] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1190288 2022-02-04] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-15] (HP Inc. -> HP Inc.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-12-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [623008 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [532360 2022-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425208 2021-06-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-06] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-09 19:20 - 2022-03-09 19:21 - 000032564 _____ C:\Users\Já\Downloads\FRST.txt
2022-03-09 19:19 - 2022-03-09 19:20 - 000000000 ____D C:\FRST
2022-03-09 19:18 - 2022-03-09 19:18 - 005659583 _____ (Swearware) C:\Users\Já\Downloads\ComboFix.exe
2022-03-09 19:18 - 2022-03-09 19:18 - 002364928 _____ (Farbar) C:\Users\Já\Downloads\FRST64.exe
2022-03-09 19:09 - 2022-03-09 19:09 - 000319176 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_82e68bada_klark.sys
2022-03-09 19:08 - 2022-03-09 19:08 - 115464184 _____ (AO Kaspersky Lab) C:\Users\Já\Downloads\KVRT.exe
2022-03-09 19:08 - 2022-03-09 19:08 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\82e68bad.sys
2022-03-09 19:08 - 2022-03-09 19:08 - 000227664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_82e68bada_mark.sys
2022-03-09 19:08 - 2022-03-09 19:08 - 000000000 ____D C:\KVRT2020_Data
2022-03-09 19:04 - 2022-03-09 19:04 - 000388608 _____ (Trend Micro Inc.) C:\Users\Já\Downloads\hijackthis (1).exe
2022-03-09 19:02 - 2022-03-09 19:02 - 000388608 _____ (Trend Micro Inc.) C:\Users\Já\Downloads\hijackthis.exe
2022-03-09 17:57 - 2022-03-09 17:57 - 000000000 ___HD C:\$WinREAgent
2022-03-09 17:56 - 2022-03-09 17:56 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-03-08 23:21 - 2022-03-08 23:21 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2022-03-08 19:56 - 2022-03-08 20:15 - 348593776 _____ C:\Users\Já\Desktop\DaneJones - Yasmeena - Sweet Afghan student romantic fuck.mp4
2022-03-08 19:51 - 2022-03-08 20:05 - 239324355 _____ C:\Users\Já\Desktop\WhiteBoxxx - Stacy Cruz Young Czech Babe Romantic Sex Session With Intense Creampie Climax - RedTube.mp4
2022-03-08 19:49 - 2022-03-08 19:53 - 075513133 _____ C:\Users\Já\Desktop\Romantic-Sex-Film-for-Couple.mp4
2022-03-08 19:46 - 2022-03-08 20:51 - 1192203370 _____ C:\Users\Já\Desktop\12-05-16 Romantic Memories (Connie).mp4
2022-03-08 19:15 - 2022-03-08 21:10 - 000000000 ____D C:\Users\Public\Security Sessions
2022-03-08 19:15 - 2022-03-08 19:15 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2022-03-08 19:14 - 2022-03-08 19:14 - 000003374 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2022-03-08 19:14 - 2022-03-08 19:14 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2022-03-08 19:14 - 2021-10-22 08:45 - 000209088 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2022-03-08 19:14 - 2021-06-25 13:59 - 000022848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avelam.sys
2022-03-08 19:14 - 2021-02-09 18:03 - 000199312 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2022-03-08 19:14 - 2019-06-07 14:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2022-03-08 19:14 - 2019-03-20 18:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2022-03-08 19:14 - 2019-03-20 18:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2022-03-08 19:14 - 2019-03-20 18:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2022-03-08 19:13 - 2022-03-08 19:16 - 000000000 ____D C:\Users\Já\AppData\Local\Avira
2022-03-08 19:13 - 2022-03-08 19:14 - 000000000 ____D C:\Program Files (x86)\Avira
2022-03-08 19:13 - 2022-03-08 19:13 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2022-03-08 19:13 - 2022-03-08 19:13 - 000003772 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2022-03-08 19:13 - 2022-03-08 19:13 - 000003480 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2022-03-08 19:13 - 2022-03-08 19:13 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-03-08 19:13 - 2022-03-08 19:13 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2022-03-08 19:13 - 2022-03-08 19:13 - 000001150 _____ C:\Users\Public\Desktop\Avira.lnk
2022-03-08 19:13 - 2022-03-08 19:13 - 000000000 ____D C:\Users\Public\Speedup Sessions
2022-03-08 19:13 - 2022-03-08 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-03-08 19:12 - 2022-03-08 19:15 - 000000000 ____D C:\ProgramData\Avira
2022-03-08 19:12 - 2022-03-08 19:12 - 005548536 _____ (Avira Operations GmbH & Co. KG) C:\Users\Já\Downloads\avira_en_sptl1_63007768-1646763146__phpws-spotlight-release.exe
2022-03-08 19:06 - 2022-03-08 19:06 - 008540344 _____ (Malwarebytes) C:\Users\Já\Downloads\adwcleaner_8.3.1.exe
2022-03-06 21:37 - 2022-03-05 18:06 - 066347880 _____ C:\Users\Já\Desktop\20220305_180625.mp4
2022-03-06 21:22 - 2022-03-06 21:23 - 000000000 ____D C:\Users\Já\Desktop\brno
2022-03-06 18:45 - 2022-03-06 18:49 - 089223322 _____ C:\Users\Já\Desktop\Porno pro ženy silná dávka něžností - FreeVideo.cz – Nejnavštěvovanější erotický portál.mp4
2022-03-06 18:44 - 2022-03-06 18:49 - 099317077 _____ C:\Users\Já\Desktop\Ranní romantika (porno pro ženy) - FreeVideo.cz – Nejnavštěvovanější erotický portál.mp4
2022-03-06 18:43 - 2022-03-06 19:01 - 316806116 _____ C:\Users\Já\Desktop\Speciální porno pro ženy - FreeVideo.cz – Nejnavštěvovanější erotický portál_07-46-32.mp4
2022-03-06 18:42 - 2022-03-06 18:48 - 118682040 _____ C:\Users\Já\Desktop\romanticky-sex-na-soukromem-doucovani.mp4
2022-03-06 18:41 - 2022-03-06 19:22 - 754003817 _____ C:\Users\Já\Desktop\kraska-ma-rada-romanticky-sexkunda-,18-let-,xxx,sex,porno,domaci,mlada,teen,nevyholena,hairy,amaterka,oral,novinka,2013,cz,za-penize,za-prachy.wmv
2022-03-06 18:41 - 2022-03-06 18:53 - 206945474 _____ C:\Users\Já\Desktop\lasko-udelame-si-romanticky-vecer-byxxxpornxx.sex.xxx.porno.mp4
2022-03-06 18:41 - 2022-03-06 18:52 - 201685818 _____ C:\Users\Já\Desktop\romanticky-sex-s-ceskou-kraskou-540p.mp4
2022-03-01 18:48 - 2022-03-01 18:51 - 067645691 _____ C:\Users\Já\Desktop\[ Amateri ] smirovani moji holky s kamosem 336p.mp4
2022-03-01 18:38 - 2022-03-01 19:58 - 1482118131 _____ C:\Users\Já\Desktop\Kámen, nůžky, papír_Schnick Schnack Schnuck_2015_titulky.CZ.mkv
2022-02-27 10:03 - 2022-02-27 10:03 - 000214277 _____ C:\Users\Já\Downloads\poukaz.pptx
2022-02-27 10:02 - 2022-02-27 10:02 - 000005388 _____ C:\Users\Já\Desktop\stažený soubor.jfif
2022-02-26 09:24 - 2022-02-26 09:24 - 000000000 ____D C:\Users\Já\AppData\Local\HP_Inc
2022-02-25 17:54 - 2022-02-25 17:54 - 000001170 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2022-02-23 22:17 - 2022-02-23 22:17 - 001856288 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\btwake.sys
2022-02-23 22:16 - 2022-02-23 22:16 - 006920816 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2022-02-23 22:16 - 2022-02-23 22:16 - 000337296 _____ (Intel Corporation) C:\WINDOWS\system32\JHI64.dll
2022-02-23 22:16 - 2022-02-23 22:16 - 000321424 _____ (Intel Corporation) C:\WINDOWS\system32\TEEManagement64.dll
2022-02-23 22:16 - 2022-02-23 22:16 - 000272272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\JHI.dll
2022-02-23 22:16 - 2022-02-23 22:16 - 000259456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\TEEManagement.dll
2022-02-23 22:16 - 2022-02-23 22:16 - 000091648 _____ (HP Inc.) C:\WINDOWS\system32\Drivers\btwake.dll
2022-02-23 22:16 - 2022-02-23 22:16 - 000020976 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2022-02-23 20:43 - 2022-02-24 19:55 - 3550434759 _____ C:\Users\Já\Desktop\Cheza.je.jen.jedna.2020.1080p.WEB-DL.DD2.0.H.264.CZ-TreZzoR.mkv
2022-02-23 17:41 - 2022-02-23 18:22 - 751887145 _____ C:\Users\Já\Desktop\Tantra průvodce tantrickým orálním sexem-1.-díl.mp4
2022-02-23 17:38 - 2022-02-23 18:10 - 589184006 _____ C:\Users\Já\Desktop\Tantra-masáž-pro-muže---Fabi.mp4
2022-02-23 17:38 - 2022-02-23 18:07 - 538462861 _____ C:\Users\Já\Desktop\Tantra masáž penisu- Fabi.mp4
2022-02-23 17:36 - 2022-02-23 18:05 - 525282999 _____ C:\Users\Já\Desktop\Tantra-Imaginations_SexArt-1080p.mp4
2022-02-21 17:46 - 2022-02-21 17:46 - 000000000 ____D C:\Program Files\Intel
2022-02-21 17:24 - 2022-02-21 17:45 - 383741952 _____ C:\Users\Já\Desktop\Tantra--masáž-pro-ženu---Genital-Massage-For-Women.avi
2022-02-20 21:44 - 2022-02-21 17:33 - 1514248568 _____ C:\Users\Já\Desktop\Skola sexu 14.mkv
2022-02-20 21:19 - 2022-02-20 21:58 - 722346284 _____ C:\Users\Já\Desktop\XXX-sex-porn_DVD 1 - The Original Lovers Guide.avi
2022-02-20 20:52 - 2022-03-08 23:10 - 000000000 ____D C:\Users\Já\Desktop\P
2022-02-20 16:57 - 2022-02-20 16:57 - 000000000 ___HD C:\$Windows.~WS
2022-02-20 16:33 - 2022-02-25 17:54 - 000000000 ____D C:\Users\Já\AppData\Local\Hewlett-Packard
2022-02-20 12:42 - 2021-07-07 03:42 - 000004608 _____ (HP Inc.) C:\WINDOWS\SysWOW64\SigFile.exe
2022-02-20 12:28 - 2022-02-20 12:28 - 000000000 ____D C:\Users\Já\AppData\Roaming\Hewlett-Packard
2022-02-20 12:23 - 2022-02-20 12:23 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-02-20 12:23 - 2022-02-20 12:23 - 000011821 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-20 12:22 - 2022-02-20 12:22 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-02-20 12:22 - 2022-02-20 12:22 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-02-20 12:22 - 2022-02-20 12:22 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-20 12:22 - 2022-02-20 12:22 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-20 12:21 - 2022-03-07 17:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-02-20 12:21 - 2022-02-25 17:55 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-02-20 12:21 - 2022-02-25 17:54 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-02-20 12:21 - 2022-02-20 12:22 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2022-02-20 12:21 - 2022-02-20 12:21 - 000000000 ____D C:\Users\Já\AppData\Roaming\hpqLog
2022-02-20 12:21 - 2022-02-20 12:21 - 000000000 ____D C:\system.sav
2022-02-20 12:17 - 2022-02-20 12:18 - 000000000 ____D C:\Users\Já\Desktop\Intel(R)_USB_3.0_eXtensible_Host_Controller_Driver_5.0.4.43_v2
2022-02-20 12:17 - 2022-02-20 12:17 - 005574777 _____ C:\Users\Já\Downloads\intel(r)_usb_3.0_extensible_host_controller_driver_5.0.4.43_v2.zip
2022-02-20 11:11 - 2022-02-20 11:35 - 000000000 ____D C:\Users\Já\Desktop\flash mamka
2022-02-19 13:15 - 2022-03-09 18:04 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-19 13:14 - 2022-02-19 13:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-02-19 13:14 - 2022-02-19 13:14 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-02-19 13:13 - 2022-02-19 13:13 - 000095692 _____ C:\ProgramData\agent.update.1645272790.bdinstall.v2.bin
2022-02-19 13:13 - 2022-02-19 13:13 - 000000000 ____D C:\Users\Já\AppData\Local\Bdch
2022-02-19 13:12 - 2022-03-09 18:00 - 000004204 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{05027FED-9EA5-4676-A708-ECE2F660F990}
2022-02-19 13:12 - 2022-03-09 17:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-19 13:12 - 2022-02-20 17:08 - 000015235 _____ C:\WINDOWS\diagwrn.xml
2022-02-19 13:12 - 2022-02-20 17:08 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-02-19 13:12 - 2022-02-19 13:13 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2022-02-19 13:12 - 2022-02-19 13:12 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-19 13:12 - 2022-02-19 13:12 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-19 13:12 - 2022-02-19 13:12 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-19 13:12 - 2022-02-19 13:12 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-19 13:12 - 2022-02-19 13:12 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-19 13:12 - 2022-02-19 13:12 - 000002246 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Já
2022-02-19 13:12 - 2022-02-19 13:12 - 000000020 ___SH C:\Users\Já\ntuser.ini
2022-02-19 13:07 - 2022-02-19 13:12 - 000000000 ____D C:\Users\Já
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Šablony
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Soubory cookie
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Poslední
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Okolní tiskárny
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Okolní síť
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Nabídka Start
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Dokumenty
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Documents\Obrázky
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Documents\Hudba
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Documents\Filmy
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Data aplikací
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\AppData\Local\Data aplikací
2022-02-19 13:07 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-19 13:05 - 2022-03-09 19:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-19 13:05 - 2022-03-08 21:05 - 000287944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-19 13:04 - 2022-02-19 13:05 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-02-19 13:03 - 2022-02-19 13:04 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-02-19 13:03 - 2022-02-19 13:03 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-02-19 13:02 - 2022-02-19 13:02 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-02-19 13:00 - 2022-02-19 13:00 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-02-19 13:00 - 2022-02-19 13:00 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-02-19 12:59 - 2022-02-19 12:59 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-19 12:59 - 2022-02-19 12:59 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-19 12:59 - 2022-02-19 12:59 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-02-19 12:52 - 2022-02-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2022-02-19 12:52 - 2022-02-19 12:52 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-02-19 12:52 - 2022-02-19 12:52 - 000000000 ____D C:\Program Files\MSBuild
2022-02-19 12:52 - 2022-02-19 12:52 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-02-19 12:52 - 2022-02-19 12:52 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-02-19 11:47 - 2022-03-03 19:00 - 000000000 ___DC C:\WINDOWS\Panther
2022-02-19 11:45 - 2022-02-19 11:47 - 000000036 _____ C:\WINDOWS\progress.ini
2022-02-19 11:33 - 2022-02-19 11:45 - 000000000 ___HD C:\$GetCurrent
2022-02-19 11:33 - 2022-02-19 11:45 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-09 19:22 - 2021-06-06 20:19 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2022-03-09 19:08 - 2019-12-07 10:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2022-03-09 19:03 - 2021-05-28 16:30 - 000000000 ____D C:\Users\Já\AppData\Local\VirtualStore
2022-03-09 19:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-09 19:00 - 2021-05-29 08:48 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-09 18:56 - 2021-05-28 16:23 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-09 18:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-09 18:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-09 18:04 - 2019-12-07 15:43 - 000719452 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-09 18:04 - 2019-12-07 15:43 - 000145578 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-09 18:04 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-09 18:00 - 2021-06-06 20:06 - 000000000 ____D C:\Program Files\CCleaner
2022-03-09 17:56 - 2022-01-27 21:12 - 000000000 ____D C:\Program Files\TeamViewer
2022-03-09 17:56 - 2021-05-28 17:10 - 000000000 __SHD C:\Users\Já\IntelGraphicsProfiles
2022-03-09 17:56 - 2021-05-28 16:32 - 000000000 ____D C:\Intel
2022-03-09 17:56 - 2021-05-28 16:23 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-09 17:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-08 23:21 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-03-08 23:18 - 2021-05-29 15:47 - 000000000 ____D C:\Users\Já\AppData\Roaming\vlc
2022-03-08 19:14 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-03-08 17:38 - 2021-05-28 16:30 - 000000000 ____D C:\Users\Já\AppData\Local\Packages
2022-03-08 17:34 - 2021-05-28 16:30 - 000000000 ____D C:\Users\Já\AppData\Local\D3DSCache
2022-03-08 17:22 - 2021-05-29 08:48 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-08 17:22 - 2021-05-29 08:48 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-06 18:40 - 2021-12-23 11:52 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-06 18:40 - 2021-12-23 11:52 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-06 18:39 - 2021-12-23 11:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-03-06 18:39 - 2021-12-23 11:51 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-25 17:54 - 2021-10-01 15:50 - 000000000 ____D C:\Users\Já\AppData\Local\HP
2022-02-25 17:54 - 2021-05-29 10:10 - 000000000 ____D C:\Program Files (x86)\HP
2022-02-25 17:54 - 2021-05-29 09:52 - 000000000 ____D C:\SWSetup
2022-02-25 17:54 - 2021-05-28 16:38 - 000000000 ____D C:\ProgramData\HP
2022-02-21 17:46 - 2021-05-30 09:18 - 000000000 ____D C:\ProgramData\Package Cache
2022-02-20 17:17 - 2021-08-18 19:13 - 000000000 ____D C:\ESD
2022-02-20 12:41 - 2021-05-28 16:30 - 000000000 ____D C:\ProgramData\Packages
2022-02-20 12:31 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-02-20 12:31 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-20 12:31 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-20 12:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-20 11:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-02-20 11:16 - 2021-05-28 16:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-20 11:14 - 2021-06-18 18:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-20 11:14 - 2021-05-28 16:34 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-20 10:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2022-02-19 14:52 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-02-19 13:13 - 2021-06-06 20:18 - 000000000 ____D C:\Program Files\Bitdefender Agent
2022-02-19 13:12 - 2021-05-28 16:30 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-02-19 13:12 - 2021-05-28 16:30 - 000000000 ___RD C:\Users\Já\3D Objects
2022-02-19 13:12 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2022-02-19 13:12 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-02-19 13:09 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media
2022-02-19 13:08 - 2022-01-19 19:06 - 000000000 ____D C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-02-19 13:08 - 2022-01-19 17:24 - 000000000 ____D C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2022-02-19 13:08 - 2021-12-02 21:32 - 000000000 ____D C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2022-02-19 13:08 - 2021-07-23 15:54 - 000000000 ____D C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nicepage
2022-02-19 13:06 - 2021-05-28 16:39 - 000000000 ____D C:\WINDOWS\system32\Intel
2022-02-19 13:05 - 2021-12-02 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-02-19 13:05 - 2021-07-23 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueGriffon
2022-02-19 13:05 - 2021-07-23 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2022-02-19 13:05 - 2021-07-01 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge
2022-02-19 13:05 - 2021-06-06 20:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-02-19 13:05 - 2021-05-29 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-02-19 13:05 - 2021-05-29 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-02-19 13:05 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-02-19 13:04 - 2021-05-30 09:16 - 000000000 ____D C:\WINDOWS\system32\Samsung
2022-02-19 13:04 - 2021-05-28 16:49 - 000000000 ____D C:\WINDOWS\Firmware
2022-02-19 13:04 - 2021-05-28 16:39 - 000000000 ____D C:\WINDOWS\system32\cAVS
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-02-19 12:56 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2022-02-19 12:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-02-19 12:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-02-19 11:17 - 2021-12-30 17:22 - 000000000 ____D C:\Users\Já\AppData\Local\CrashDumps

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2022
Ran by Já (09-03-2022 19:23:26)
Running from C:\Users\Já\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.1566 (X64) (2022-02-19 12:12:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-176298533-3111144044-3321788608-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-176298533-3111144044-3321788608-503 - Limited - Disabled)
Guest (S-1-5-21-176298533-3111144044-3321788608-501 - Limited - Disabled)
Já (S-1-5-21-176298533-3111144044-3321788608-1001 - Administrator - Enabled) => C:\Users\Já
WDAGUtilityAccount (S-1-5-21-176298533-3111144044-3321788608-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 21.06 (x64) (HKLM\...\7-Zip) (Version: 21.06 - Igor Pavlov)
Adobe Reader XI (11.0.20) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2201.2134 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.39.1.29668 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.62.27078 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.16.0.11273 - Avira Operations GmbH & Co. KG) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 26.0.1.209 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.21.234 - Bitdefender)
BlueGriffon version 3.1 (HKLM\...\{A9015334-10BE-4D64-A776-203336EFE806}_is1) (Version: 3.1 - Disruptive Innovations SAS)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.51 - Google LLC)
Intel® Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Malwarebytes version 4.5.5.175 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.5.175 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.36 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.36 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Nicepage 3.27.0 (HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\c9e6a573-2a17-5f23-a9b7-1d442c8e5de0) (Version: 3.27.0 - Artisteer Limited)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1555 - Microsoft Corporation)
Samsung DeX (HKLM-x32\...\{43409A91-7C1A-4D28-B628-AD78F09DA3F0}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{a306c372-6ec4-43f0-b372-b1de15b0e935}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.26.4 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Trezor Suite 21.7.1 (HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\978be57b-9286-5cd7-a60b-54c81352a986) (Version: 21.7.1 - SatoshiLabs)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-11] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.25.245.0_x64__dt26b99r8h8gj [2022-02-23] (Realtek Semiconductor Corp)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.14.42.0_x64__v10z8vjag6ke6 [2022-03-06] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.18.0_x64__v10z8vjag6ke6 [2021-05-28] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1024.0_x64__8j3eq9eme6ctt [2022-02-23] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-26] (Microsoft Studios) [MS Ad]
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.29.0_x64__tqn3m7kee4xc8 [2022-02-23] (O2 Czech Republic a.s.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2022-02-23] (INTEL CORP) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0 [2022-03-06] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-04-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-04-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-10-25 11:31 - 2021-10-25 11:31 - 013525504 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 002586112 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000658944 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000135680 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlicommon.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000041984 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlidec.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000056320 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\bz2.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 001130496 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000222208 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\fontconfig.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libexpat.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libcharset.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000918016 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libiconv.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000164864 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libpng16.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000152576 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000611328 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000074752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll
2021-12-02 19:01 - 2021-11-24 15:00 - 000093696 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-12-04 15:41 - 2021-12-04 15:41 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000055808 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll
2021-12-03 13:17 - 2021-12-03 13:17 - 004578816 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll
2021-12-03 13:16 - 2021-12-03 13:16 - 002832384 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll
2021-12-03 13:14 - 2021-12-03 13:14 - 006556672 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000539136 _____ (The FreeType Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\freetype.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASS.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000019008 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSCD.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000017472 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSWMA.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-02-25] (HP Inc. -> HP Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-05-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-02-25] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-06-06 19:59 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-176298533-3111144044-3321788608-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3AB519FD-2119-4403-968B-F5DAE169B713}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{75CE262E-B2DA-4F92-8DD8-B71F98D00DAB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{53FF4BDD-D8CD-4DC5-BFAC-FDC7AAAB2CF6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4E050165-FA9D-4AAD-A9A2-B25432DD1EFF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{FBDB7BB5-32B0-4881-8931-861BED1C079A}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [TCP Query User{AF7C09C7-437D-407E-ACAD-052789E03FA6}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [{A2567B27-212A-4DB8-8478-BFCE01674D7F}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{8AEEAF73-E45B-445C-9F83-BE65678D0A39}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{9F42F1C1-C983-425B-AAA0-F9C36D123349}] => (Allow) C:\Users\Já\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6449210B-D934-4628-BF21-98456719A987}] => (Allow) C:\Users\Já\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{EEBAA23B-BB8D-4D6F-8CF2-FB45572FB999}] => (Allow) C:\Users\Já\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3DC2017B-84A6-4989-9A5D-E159B2661EE8}] => (Allow) C:\Users\Já\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{CD91CB03-A3B9-4CE6-8BFF-A9CE3A2A6357}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [TCP Query User{55B7C2E9-029C-4EB1-A512-277E80336804}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [{90D2E694-F6DB-41B3-8143-8B9BB620496A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ED8A7480-36A0-4CA7-B1E9-195AC5D0771B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EBE3D914-2C2B-44D6-90F9-49A2AD8595C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3CAA84D8-9399-4375-9A61-DF75F1EFC338}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{588FDEB8-F7BE-46D9-9ED9-6A5B09688AC9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6A3CF475-715B-48B7-AB2B-EE534EEDBDFB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7A7806C4-DE16-4961-AB02-0EDEB998520A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D24AB0EF-E6EE-4826-846B-B391B3E4FB19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BBB1D72C-B94C-4717-9D32-9D18723F876D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{425E69F3-59FA-42E6-95A3-1853E15B9832}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.36\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

06-03-2022 20:21:59 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/08/2022 07:15:35 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (03/08/2022 05:35:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program msedge.exe verze 99.0.1150.30 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3c24

Čas spuštění: 01d8330a61be0f8c

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

ID hlášení: fc87e3a9-25a8-4eb7-bb01-655300089b15

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (03/06/2022 09:04:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1566 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 20b0

Čas spuštění: 01d8317f50849928

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 160153ba-875f-4bd9-9049-fd5da8dc3cc1

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (03/03/2022 10:41:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/03/2022 10:41:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/03/2022 10:41:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/03/2022 10:41:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/25/2022 04:53:49 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-THCR9VP)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (03/09/2022 05:56:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby LanWlanWwanSwitchingServiceUWP bylo dosaženo časového limitu (45000 ms).

Error: (03/09/2022 05:56:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HotKeyServiceUWP bylo dosaženo časového limitu (45000 ms).

Error: (03/08/2022 09:05:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby LanWlanWwanSwitchingServiceUWP bylo dosaženo časového limitu (45000 ms).

Error: (03/08/2022 09:05:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HotKeyServiceUWP bylo dosaženo časového limitu (45000 ms).

Error: (03/06/2022 11:00:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-THCR9VP)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/06/2022 08:25:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NFFX4SZZ23L-Microsoft.549981C3F5F10.

Error: (03/06/2022 06:26:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby LanWlanWwanSwitchingServiceUWP bylo dosaženo časového limitu (45000 ms).

Error: (03/06/2022 06:26:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HotKeyServiceUWP bylo dosaženo časového limitu (45000 ms).


CodeIntegrity:
===============
Date: 2022-03-09 19:19:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\bdamsi\265769466872593704\antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2022-03-09 18:00:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\bdamsi\265769466872593704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: HP S71 Ver. 01.12.00 01/12/2022
Motherboard: HP 869D
Processor: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz
Percentage of memory in use: 68%
Total physical RAM: 8029.54 MB
Available physical RAM: 2508.54 MB
Total Virtual: 9309.54 MB
Available Virtual: 2715.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.74 GB) (Free:38.23 GB) NTFS

\\?\Volume{44a35f1a-88a0-47be-9377-7afb1cd4f9f7}\ () (Fixed) (Total:1.03 GB) (Free:0.05 GB) NTFS
\\?\Volume{c31de579-c540-4d23-b752-67f3b1255cf5}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: pop-up window about a virus on the notebook (MS Edge)

Posted: 09 Mar 2022 20:02
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: pop-up window about a virus on the notebook (MS Edge)

Posted: 09 Mar 2022 20:38
by kabus26
So AdwCleaner found nothing, only preinstalled software from the notebook manufacturer, which I don't really want to delete and which I assume is unrelated to my problem, but if necessary I will of course uninstall it.

Log:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-09-2022
# Duration: 00:00:05
# OS: Windows 10 Pro
# Scanned: 32034
# Detected: 10


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Já\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}


AdwCleaner[S00].txt - [4530 octets] - [23/12/2021 11:45:32]
AdwCleaner[C00].txt - [4196 octets] - [23/12/2021 11:46:47]
AdwCleaner[S01].txt - [1597 octets] - [23/12/2021 11:49:39]
AdwCleaner[C01].txt - [1798 octets] - [23/12/2021 11:50:08]
AdwCleaner[S02].txt - [1649 octets] - [23/12/2021 11:50:38]
AdwCleaner[S03].txt - [2966 octets] - [08/03/2022 19:06:52]
AdwCleaner[S04].txt - [3027 octets] - [08/03/2022 19:07:21]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Re: pop-up window about a virus on the notebook (MS Edge)

Posted: 09 Mar 2022 21:05
by Rudy
There is no need to delete the Preinstalled items; some users use them.
Open Notepad and copy the following into it:
Start

CloseProcesses:
Task: {E4406DAC-3160-4684-B39A-450B85FF43D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)
Task: {FE7AD8EB-54BF-450A-AA6A-D703DFFF8164} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File

EmptyTemp:
End
Save it to C:\Users\Já\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: pop-up window about a virus on the notebook (MS Edge)

Posted: 09 Mar 2022 21:44
by kabus26
Fix result of Farbar Recovery Scan Tool (x64) Version: 08-03-2022
Ran by Já (09-03-2022 21:41:02) Run:1
Running from C:\Users\Já\Downloads
Loaded Profiles: Já
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {E4406DAC-3160-4684-B39A-450B85FF43D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)
Task: {FE7AD8EB-54BF-450A-AA6A-D703DFFF8164} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4406DAC-3160-4684-B39A-450B85FF43D2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4406DAC-3160-4684-B39A-450B85FF43D2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE7AD8EB-54BF-450A-AA6A-D703DFFF8164}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE7AD8EB-54BF-450A-AA6A-D703DFFF8164}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14856437 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3556823 B
Edge => 0 B
Chrome => 731505391 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 81964 B
NetworkService => 83118 B
Já => 63788054 B

RecycleBin => 0 B
EmptyTemp: => 777.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-03-2022 21:42:08)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 21:42:08 ====

Re: pop-up window about a virus on the laptop (MS Edge)

Posted: 09 Mar 2022 21:57
by Rudy
Deleted. Has anything changed?

Re: pop-up window about a virus on the laptop (MS Edge)

Posted: 09 Mar 2022 22:11
by kabus26
Unfortunately, the window still keeps popping up :(((

Re: pop-up window about a virus on the laptop (MS Edge)

Posted: 10 Mar 2022 06:58
by JaRon
Sorry for jumping in.
Try the guide for Chrome: https://malwaretips.com/blogs/remove-imendocals-com/

Re: pop-up window about a virus on the laptop (MS Edge)

Posted: 10 Mar 2022 10:31
by Rudy
You can also clean the browsers. Run these utilities one after the other:

1. Download Zoek https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ extract it and save it to the desktop

If you are using Win Vista or W7, right-click Zoek and choose Run As Administrator ("Spustit jako spravce" in the Czech interface)
Paste the script below into the window

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script
The PC will perform the repair, restart and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Save it, preferably to the desktop
•After launch the license terms are displayed; press any key
•A backup is created and then the search runs
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

Re: pop-up window about a virus on the laptop (MS Edge)

Posted: 10 Mar 2022 20:45
by kabus26
JaRon wrote: 10 Mar 2022 06:58 Sorry for jumping in.
Try the guide for Chrome: https://malwaretips.com/blogs/remove-imendocals-com/
So I tried that guide for Edge, and after turning off the notifications for that imendocals the window no longer pops up :) The malware scanners found nothing; is it possible that only that permission was switched on, without there being any nasty thing in the laptop?

thanks

Re: pop-up window about a virus on the laptop (MS Edge)

Posted: 10 Mar 2022 20:47
by kabus26
Rudy wrote: 10 Mar 2022 10:31 You can also clean the browsers. Run these utilities one after the other:

1. Download Zoek https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ extract it and save it to the desktop

If you are using Win Vista or W7, right-click Zoek and choose Run As Administrator ("Spustit jako spravce" in the Czech interface)
Paste the script below into the window

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script
The PC will perform the repair, restart and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Save it, preferably to the desktop
•After launch the license terms are displayed; press any key
•A backup is created and then the search runs
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

I tried the guide from the colleague above and the window no longer pops up; the question is whether it is still in there somewhere, or whether it was enough just to turn off the notifications...

Anyway, I have less time today, but I at least ran the Junkware tool and it looks like it found nothing in the browsers; the log is here:


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by J  (Administrator) on 10.03.2022 at 20:40:06,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate (Task)



Registry: 3

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_9FE22663AB17750FDC06C95DF7C6A50D (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.03.2022 at 20:42:22,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: pop-up window about a virus on the laptop (MS Edge)

Posted: 10 Mar 2022 20:54
by Rudy
It is possible. JRT deleted some things in the registry and one file in the scheduled tasks. If nothing is popping up, it is possible that it was just that permission.
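
The check this thread ended up needing, as an added example (not from the thread or from any tool named in it): list the sites that hold an allowed notification permission in a Chromium-based browser profile. It assumes the default Windows profile locations for Edge and Chrome and the Chromium Preferences JSON layout, where setting 1 means allow; the sample data and function names are constructed for illustration.

```python
import json
import os
from pathlib import Path

ALLOW = 1  # Chromium content-setting value: 1 = allow, 2 = block

# Constructed sample shaped like a Chromium "Preferences" file.
SAMPLE = {"profile": {"content_settings": {"exceptions": {"notifications": {
    "https://imendocals.com:443,*": {"last_modified": "0", "setting": 1},
    "https://blocked.example:443,*": {"last_modified": "0", "setting": 2},
}}}}}


def notification_grants(prefs: dict) -> list:
    """Return the origins that hold an allowed notification permission."""
    node = prefs
    for key in ("profile", "content_settings", "exceptions", "notifications"):
        node = node.get(key, {}) if isinstance(node, dict) else {}
    if not isinstance(node, dict):
        return []
    grants = []
    for pattern, entry in node.items():
        if isinstance(entry, dict) and entry.get("setting") == ALLOW:
            # Keys look like "https://site:443,*"; keep the site part only.
            grants.append(pattern.split(",")[0])
    return sorted(grants)


def audit_profile(prefs_path) -> list:
    """Load one profile's Preferences file and list its allowed origins."""
    with open(prefs_path, encoding="utf-8") as fh:
        return notification_grants(json.load(fh))


def default_profiles() -> list:
    """Default-profile Preferences paths for Edge and Chrome (assumed)."""
    base = Path(os.environ.get("LOCALAPPDATA", ""))
    return [base / vendor / "User Data" / "Default" / "Preferences"
            for vendor in (Path("Microsoft") / "Edge", Path("Google") / "Chrome")]


if __name__ == "__main__":
    print("sample:", notification_grants(SAMPLE))
    for path in default_profiles():
        if path.is_file():
            for origin in audit_profile(path):
                print(f"{path}: notifications allowed for {origin}")
```

File and registry scanners such as FRST or JRT do not report this setting as malware, which matches the clean scan results in this thread.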

Re: pop-up window about a virus on the laptop (MS Edge)

Posted: 10 Mar 2022 22:46
by kabus26
The pop-ups have been gone since then, so everything now looks fine :)

So many thanks to both of you, great work :thumbsup:

Re: pop-up window about a virus on the laptop (MS Edge)

Posted: 11 Mar 2022 10:30
by Rudy
On behalf of my colleague too: you're welcome! :)