Laptop controls itself


jaro3
Security team member
Guru Level 15
Posts: 43061
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Laptop controls itself

Post by jaro3 » 17 Apr 2023 17:11

OK. What about Zemana Antimalware? I don't see the log.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

zik9
Level 4
Posts: 1017
Registered: July 12
Location: Plzeň
Gender: Male

Re: Laptop controls itself

Post by zik9 » 17 Apr 2023 17:30

Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  17.04.2023 17:28:11
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:48
Zkontrolované objekty    :  2872
Zjištěné objekty    :  4
Vyloučené objekty    :  0
Automatické odesílání    :  Ne
Operační systém    :  Windows 10 x64
Procesor    :  4X Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  12932D608D1528A7C63D8B


Odhalení
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\jakub\appdata\local\google\chrome\user data\default\extensions\cofdbpoegempjloogbagkncekinflcnj
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/DeepL Translate: Reading & writing translator
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\jakub\appdata\local\google\chrome\user data\default\extensions\njgehaondchbmjmajphnhlojfnbfokng
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/Video Downloader PLUS
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\jakub\appdata\local\google\chrome\user data\default\extensions\plmlonggbfebcjelncogcnclagkmkikk
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/Hlídač Shopů
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  http://www.lyoness.net/browser
Vydavatel    :  
Velikost    :  0
Odhalení    :  Hijack:Browser/ChromeStartupUrl
Akce    :  Vymazat
-----------------------------------------------------------------------
Fractal Design Define S2 bílá // ASUS CROSSHAIR VI EXTREME - AMD X370 // AMD Ryzen 7 3700X // ASUS ROG Strix GeForce RTX 4070Ti OC Edition, 12GB GDDR6X // G.SKILL 2x16 GB DDR4 3600Mhz Trident Z RGB NEO // ADATA XPG GAMMIX S11 Pro M.2 NVMe 1.3 - 1TB // Corsair RMx RM650x (v.2018) // Be quiet! Dark Rock PRO 4 // Windows 11 Pro // 49" ASUS XG49VQ
CZC https://bit.ly/30fHPMp


Re: Laptop controls itself

Post by zik9 » 17 Apr 2023 18:06

Of course, I put the add-ons back there after Chrome synchronization.

Re: Laptop controls itself

Post by jaro3 » 17 Apr 2023 19:43

OK, let me know then.

Re: Laptop controls itself

Post by zik9 » 17 Apr 2023 22:37

I thought the add-ons had come back, but they hadn't. So I want to add them again from the store, and for DeepL and Hlídač shopů it reports the error "Adresář rozšíření nelze přesunout do profilu." ("Could not move extension directory into profile.") and they can't be added. What should I do?

Re: Laptop controls itself

Post by jaro3 » 17 Apr 2023 23:20

Try turning off the Malwarebytes Antimalware real-time protection or any other antivirus or antispyware program. Try it once more.


Download Memtest
http://www.stahuj.cz/utility_a_ostatni/ ... i/memtest/

Leave the field that says:
All unused RAM
as it is.
- click Start and let it run for at least 2 hours; if there are still 0 errors after 2 hours, the RAM is OK.
With larger RAM capacities Memtest has to be started several times: for 2GB (the largest single RAM capacity) 2x, for 4GB 3x, for 8GB 4x, etc.
Double-click Memtest, then again and again, type 2048 into the fields of all the Memtest instances, then click "Start" in all of them.

Turn off the antivirus and the firewall.
Please download the version of Farbar Recovery Scan Tool (FRST) appropriate for your system, 32-bit/64-bit
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs, FRST.txt and Addition.txt, will be shown and saved to the desktop. Please copy their entire contents here.


More tomorrow.

Re: Laptop controls itself

Post by zik9 » 17 Apr 2023 23:49

Turning it off didn't help, the add-ons still can't be put back :/ Memtest tomorrow

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2023
Ran by jakub (17-04-2023 23:43:52)
Running from C:\Users\jakub\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) (2023-03-12 15:21:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1577194213-1692531704-4233059550-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1577194213-1692531704-4233059550-503 - Limited - Disabled)
Guest (S-1-5-21-1577194213-1692531704-4233059550-501 - Limited - Disabled)
jakub (S-1-5-21-1577194213-1692531704-4233059550-1001 - Administrator - Enabled) => C:\Users\jakub
WDAGUtilityAccount (S-1-5-21-1577194213-1692531704-4233059550-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.001.20143 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Anakin (HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\Anakin) (Version: - )
Avast One (HKLM\...\Avast Antivirus) (Version: 23.3.6058 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.10 - Piriform)
CrystalDiskInfo 8.17.14 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.14 - Crystal Dew World)
Dell SupportAssist (HKLM\...\{82B84211-71FD-4AB7-87D1-68568646860F}) (Version: 3.13.2.14 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{5B678BC6-D551-458B-893D-B442B21ECD21}) (Version: 5.5.4.16189 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{dc44ee3f-d6c1-444d-a660-b0f1ac90b51d}) (Version: 5.5.4.16189 - Dell Inc.)
Discord (HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\Discord) (Version: 1.0.9005 - Discord Inc.)
Epic Online Services (HKLM-x32\...\{B3DE52F7-D9AA-49EF-873F-506F76CD45B8}) (Version: 2.0.35.0 - Epic Games, Inc.)
Google Chrome (HKLM\...\{4880565C-146E-303F-9477-710497DFB2E2}) (Version: 112.0.5615.121 - Google LLC)
Intel Driver && Support Assistant (HKLM-x32\...\{91672422-9B98-4606-A6D7-E164D7037B06}) (Version: 23.1.9.7 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{318C30A1-C7AF-414E-890F-6345E6E0FD33}) (Version: 2.4.09084 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{56b89a97-2659-4931-bffa-4b136a521eb1}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Serial IO (HKLM\...\{4150A94D-A96A-413F-ACA3-B6CC368ECE43}) (Version: 30.100.1943.2 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000200-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.200.0.2 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{a532c7c7-1594-49bb-a186-f44c52c9509e}) (Version: 23.1.9.7 - Intel)
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Malwarebytes version 4.5.26.259 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.26.259 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.8942.2 - Waves Audio Ltd.) Hidden
Microsoft .NET Host - 6.0.9 (x64) (HKLM\...\{C30ABA3F-32C0-43D1-B3B8-9AEFD58A15D9}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.9 (x64) (HKLM\...\{FD10B803-97FD-4867-9753-8784BC35D2F8}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.9 (x64) (HKLM\...\{0B4F742D-2D47-4E95-B756-402822D31C48}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.9 (x64) (HKLM-x32\...\{67950e91-8f8f-4d75-9252-7cca68ccdacc}) (Version: 6.0.9.31619 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.48 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.39 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.16227.20280 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\Teams) (Version: 1.6.00.6754 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16227.20204 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14026.20302 - Microsoft Corporation) Hidden
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11224 - Realtek Semiconductor Corp.)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Skype verze 8.94 (HKLM-x32\...\Skype_is1) (Version: 8.94 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.9.0 - Sophos Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.39.6 - TeamViewer)
Temp File Cleaner (HKLM\...\Temp File Cleaner) (Version: 4.5.0.74(master)(8d92a0e96285c09fa03691e2b7618aee84c6c2b6) - Addpcs, LLC)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
Zemana AntiMalware verze 3.2.28 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 - Zemana)
Zoom(64bit) (HKLM\...\{DE31C5C0-EA00-4444-88D6-C4F7DE30096B}) (Version: 5.13.13434 - Zoom)

Packages:
=========
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.13.7.0_x64__htrsf667h5kn2 [2023-04-06] (Dell Inc)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-04-06] (INTEL CORP)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt [2023-04-14] (INTEL CORP) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-23] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1577194213-1692531704-4233059550-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\jakub\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23061.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-16] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-16] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Loaded Modules (Whitelisted) =============

2022-08-09 15:02 - 2022-08-09 15:02 - 005998080 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll
2023-03-13 13:49 - 2023-03-13 13:49 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2023-03-13 13:49 - 2023-03-13 13:49 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2023-02-24 23:02 - 2023-02-24 23:02 - 001600512 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2023-02-24 23:02 - 2023-02-24 23:02 - 002165760 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\jakub\Desktop\CrystalDiskInfo8_17_14.exe:MBAM.Zone.Identifier [253]
AlternateDataStreams: C:\Users\jakub\Desktop\RogueKiller_portable64.exe:MBAM.Zone.Identifier [190]
AlternateDataStreams: C:\Users\jakub\Desktop\Sophos Virus Removal Tool.exe:MBAM.Zone.Identifier [238]
AlternateDataStreams: C:\Users\jakub\Desktop\TempFileCleaner_4.5.0_Setup.exe:MBAM.Zone.Identifier [186]
AlternateDataStreams: C:\Users\jakub\Downloads\Zemana.AntiMalware.Setup.exe:MBAM.Zone.Identifier [145]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-03-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2023-04-17 16:15 - 2023-04-17 16:15 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_4F2B1FC128F21355E1EB1FD267A7E60E"
HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4742D82E4941B6BD25A4DE6FD1B56A3B"
HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{17072FE0-53B3-4CD0-AF7C-35A62B14F7A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{86C30539-9D29-4258-8B55-E9F20A608047}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C525B00D-C571-42EF-84E2-311594A22DEA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB85FA71-FA16-4C2A-846F-1BD200713E52}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2CDBA4F9-6EA4-49D7-937D-2DC8123E9F09}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A0BBAC08-C687-4E11-B834-350193239EE7}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DD906DE3-56D7-470D-A077-1A8573278B20}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B865A04B-3B76-4CC1-B393-32E7A3A26325}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8762F2A0-E1EC-4822-B3C9-6B362723845D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{51FEF2AE-50AD-4893-93A0-37A91DE2A991}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{43408EC9-4005-470D-A79B-28B1E5196DBD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4C6CF86A-338D-475B-B46D-E149D0D6B567}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F57E8824-E140-47C1-AFD9-A7F26A186081}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{79469FF9-A2F0-41BA-9BBF-248CC66259CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8EAA0126-ECBC-4C98-8D7F-5C2B3B3316F4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E96D0562-884D-4EA4-AC21-296E53A445C9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB220DCC-CC5B-4771-A54C-4D40F2BEAA0F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{554B4D7B-ACA9-4E72-AD9F-63BAF599F5CA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{75CDE6E5-34CF-4EA3-890F-B94326233841}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bulanci\Launcher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2A789928-1E30-4F53-9A49-0D03A4546BA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bulanci\Launcher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{EFCCB49E-DB58-4705-BBD8-491A24293338}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{B8FCECDB-48A9-455C-B0A6-8BDE1D178FAD}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{78D1E8DC-8B96-4245-A356-49EC710C9C5E}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{6B6A89D3-7120-4065-9502-5B1D3E6E10AC}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{7BAD8530-4600-4A84-9C16-200FF73AB79C}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FEF0DE79-7417-4E6A-BA0F-8468D3814E4C}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{246DC015-2452-430C-AC92-B936AC86E91C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B40298DF-B4A3-4FEE-8CB5-E0534B3034BA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

16-04-2023 21:05:22 JRT Pre-Junkware Removal
16-04-2023 21:09:32 Installed Sophos Virus Removal Tool.
17-04-2023 16:14:24 zoek.exe restore point

==================== Faulty Device Manager Devices ============

Name: Intel_Sensor
Description: Intel_Sensor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/17/2023 10:35:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.1806, časové razítko: 0x7dcad237
Název chybujícího modulu: combase.dll, verze: 10.0.19041.2788, časové razítko: 0x03e7e147
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000d0d88
ID chybujícího procesu: 0x26dc
Čas spuštění chybující aplikace: 0x01d9716c05007094
Cesta k chybující aplikaci: C:\Windows\System32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\combase.dll
ID zprávy: b552a745-dfc1-42c8-8514-e8483e6529ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/17/2023 10:23:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dptf_helper.exe, verze: 8.7.10802.26924, časové razítko: 0x6254b87c
Název chybujícího modulu: dptf_helper.exe, verze: 8.7.10802.26924, časové razítko: 0x6254b87c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002794
ID chybujícího procesu: 0x3bc
Čas spuštění chybující aplikace: 0x01d9714553de89e0
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
Cesta k chybujícímu modulu: C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
ID zprávy: 758b9f21-11c4-45de-9693-dc4d8498c244
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/17/2023 06:01:44 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-S782JOO)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (04/17/2023 04:41:22 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-S782JOO)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (04/17/2023 04:14:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DaS_21.exe, verze: 2.1.0.4, časové razítko: 0x540c90b2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2788, časové razítko: 0x62e593d6
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000002cb69
ID chybujícího procesu: 0x3a8
Čas spuštění chybující aplikace: 0x01d97136f12b09a7
Cesta k chybující aplikaci: C:\Users\jakub\AppData\Local\Temp\DaS_21.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: b44c211f-8b82-4163-8187-7ba56f59aa8a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/17/2023 04:14:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DaS_21.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.IOException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.Console.SetWindowSize(Int32, Int32)
na DriverAndServicesOut.Program.Main(System.String[])

Error: (04/17/2023 04:13:30 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-S782JOO)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (04/17/2023 04:11:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek (1).exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2846, časové razítko: 0xb9bbdd8b
Kód výjimky: 0xc0000409
Posun chyby: 0x00138fc2
ID chybujícího procesu: 0x3c04
Čas spuštění chybující aplikace: 0x01d971368d27da51
Cesta k chybující aplikaci: C:\Users\jakub\Desktop\zoek (1).exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a66f42e2-8f81-4fae-9bdb-d0fb1aaedc28
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (04/17/2023 07:28:26 PM) (Source: Netwtw04) (EventID: 5005) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error

Error: (04/17/2023 07:28:26 PM) (Source: Netwtw04) (EventID: 5005) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error

Error: (04/17/2023 07:28:26 PM) (Source: Netwtw04) (EventID: 5035) (User: )
Description: 5035 - Driver OSC Pending OID watchdog

Error: (04/17/2023 04:30:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/17/2023 04:30:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/17/2023 04:30:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/17/2023 04:30:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/17/2023 04:30:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Windows Defender:
================Event[0]:

Date: 2023-04-12 00:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1645.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2023-04-17 23:40:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-04-17 23:40:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.36.0 12/15/2021
Motherboard: Dell Inc. 0M60Y2
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 63%
Total physical RAM: 8061.68 MB
Available physical RAM: 2946.18 MB
Total Virtual: 13437.68 MB
Available Virtual: 5758.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.84 GB) (Free:157.5 GB) (Model: SK hynix SC311 SATA 256GB) (Protected) NTFS

\\?\Volume{4a3ea6e6-e31b-4b15-a0d2-f446db012137}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{64ef611f-9591-4fc0-942a-d453b7679efd}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2023
Ran by jakub (administrator) on DESKTOP-S782JOO (Dell Inc. Inspiron 13-5378) (17-04-2023 23:42:44)
Running from C:\Users\jakub\Desktop\FRST64.exe
Loaded Profiles: jakub
Platform: Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Last edited by zik9 on 17 Apr 2023 23:50, edited 1 time in total.

Re: Laptop controls itself

Post by zik9 » 17 Apr 2023 23:49

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(DriverStore\FileRepository\cui_dch.inf_amd64_500d7f066e4084ac\igfxCUIService.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_500d7f066e4084ac\igfxEM.exe
(explorer.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> ) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <26>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ffd80069472091bc\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_500d7f066e4084ac\igfxCUIService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9a229169a273dffe\OneApp.IGCC.WinService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dc29bdfd478be046\IntelCpHDCPSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dc29bdfd478be046\IntelCpHeciSvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> ) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9080848 2016-11-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [940976 2016-11-19] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [83112448 2023-03-12] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [292104 2023-02-28] (Intel Corporation -> Intel)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\Run: [Discord] => C:\Users\jakub\AppData\Local\Discord\Update.exe [1522176 2022-06-08] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [39159608 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\Run: [MicrosoftEdgeAutoLaunch_4F2B1FC128F21355E1EB1FD267A7E60E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139936 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1577194213-1692531704-4233059550-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\jakub\AppData\Local\Microsoft\Teams\Update.exe [2587368 2023-04-15] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\112.0.5615.121\Installer\chrmstp.exe [2023-04-14] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14AC57D2-FFC8-4A2A-A6B2-DA8064144D36} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {180DA224-1E7E-4C03-B4A9-F2D1B6CC22F0} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4885912 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
Task: {1A0B4DE1-682C-4174-81E7-8FE8540EFE6D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2135448 2023-04-12] (Avast Software s.r.o. -> Avast Software)
Task: {1E3BDBA6-435E-4B05-AAEA-69FF74C8CEFA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {2742DC33-7CCA-4631-94AA-63B6E2C3243F} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation)
Task: {2CA7E22D-EC96-4B71-8F43-BE684607376F} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [5030808 2023-04-12] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 7ff3edcb-1b11-4b56-a06c-40cf704bd3a8
Task: {34D08860-2EAE-427D-98B7-C6243D063D5D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [665952 2023-01-31] (Dell Inc -> Dell Inc.)
Task: {3BE44CDD-ED86-4F82-8789-64F10705A034} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3E2130FF-0046-47CC-93E4-4637B65579BE} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [5029784 2023-04-14] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Driver Updater\log" --guid f9c23379-11e8-4e9c-b3c5-0a36ff477ce5
Task: {4041FDEE-F3F8-4161-8C2F-95AC49C866DB} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {47CA1339-DE3E-4C23-8A70-A3BE36227779} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {48AF71FF-9BDA-4DE9-9B32-EC4EAC992B6D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-04-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {59FB59C7-9EEA-44F2-BD33-326E634DBCA0} - System32\Tasks\CCleanerSkipUAC - jakub => C:\Program Files\CCleaner\CCleaner.exe [33038648 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {67F1E390-41E4-471A-AB7F-7EA4A1C227F4} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation)
Task: {764F4A83-F0D0-4FBA-8B4F-20BE222492CE} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-03-28] (Avast Software s.r.o. -> Avast Software)
Task: {9AA011E1-1E27-46C2-B204-4FAACEF4B216} - System32\Tasks\GoogleUpdateTaskMachineCore{4FDC7264-DF5E-438A-80C3-B10B8571D458} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-12] (Google LLC -> Google LLC)
Task: {9CADFB1E-60BD-4D10-AB4A-0E23D0F1D8C4} - System32\Tasks\GoogleUpdateTaskMachineUA{3476F106-43EE-45B6-96B2-27084972D3A6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-12] (Google LLC -> Google LLC)
Task: {A1C7D6FF-3BDC-4ABD-BA53-937DCA27B693} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7092120 2023-04-12] (Avast Software s.r.o. -> Avast Software)
Task: {AD32C43F-CC65-4F56-BDD9-EC4B81064056} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {B190775C-8CCE-4119-9F11-A0C0CC0D66B6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {D54CD77D-9087-4C20-AD07-E654AE4A98D1} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6788312 2023-01-04] (Avast Software s.r.o. -> Avast Software)
Task: {E41CA96C-DA01-49AB-8895-1F3F9C085937} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "dafe16ab-c2cc-4237-ab94-f2c899bd26f3" --version "6.10.10347" --silent
Task: {E5490A52-63C8-4A10-8BA6-D1D7E3147437} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4664216 2023-04-12] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cleanup\log" --guid 81f65e3e-8137-48ec-87da-2d16d1009b19
Task: {F6C99A09-9492-4BD7-B2D3-A06B350456A0} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1243544 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
Task: {F882F19D-508A-484D-B124-1AEF6ACBAFD4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F896B286-C903-4DFA-9C2E-314DE556EAAA} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1480712 2016-11-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {FC9EE460-7CC8-463D-8FDE-2ECA94ED65DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c84d4190-dd3d-49f0-8214-05411fe94162}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-03-14] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default [2023-04-17]
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxp://google.cz/","hxxp://www.lyoness.net/browser"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-04-17]
CHR Extension: (BetterTTV) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-04-17]
CHR Extension: (Steam Inventory Helper) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2023-04-17]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2023-04-17]
CHR Extension: (Mailto: for Gmail™) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2023-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-17]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2023-04-17]
CHR Extension: (Video Downloader Plus) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkdmdpdhfaamhgaojpelccmeehpfljgf [2023-04-17]
CHR Extension: (View image) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2023-04-17]
CHR Extension: (Video DownloadHelper) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2023-04-17]
CHR Extension: (Buster: Captcha Solver for Humans) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpbjkejclgfgadiemmefgebjfooflfhl [2023-04-17]
CHR Extension: (Image search for Yandex) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcooeefegelfehalmefdeojlkinjjho [2023-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-17]
CHR Extension: (Hover Zoom+) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2023-04-17]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8808344 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [583064 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2079128 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [584088 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15615384 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-11-08] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2022-11-08] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-11-08] (Dell Inc -> Dell Technologies Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-11-18] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-08-15] (Dell Inc -> Dell)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [9007000 2023-04-14] (Avast Software s.r.o. -> AVAST Software)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [42760 2023-02-28] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [211208 2023-02-28] (Intel Corporation -> Intel)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-04-05] (Epic Games Inc. -> Epic Games, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9098608 2023-04-16] (Malwarebytes Inc. -> Malwarebytes)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [10043288 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2023-01-31] (Dell Inc -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16907576 2023-03-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\jakub\AppData\Roaming\Zoom"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2023-04-17] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31376 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [235424 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [391808 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297840 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95960 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2023-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39608 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [269464 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [557096 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105208 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80376 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [942952 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [702784 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212640 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319568 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [76664 2023-04-12] (Avast Software s.r.o. -> Avast Software)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [47472 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-04-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-17 23:42 - 2023-04-17 23:43 - 000029798 _____ C:\Users\jakub\Desktop\FRST.txt
2023-04-17 23:42 - 2023-04-17 23:43 - 000000000 ____D C:\FRST
2023-04-17 23:41 - 2023-04-17 23:42 - 002380288 _____ (Farbar) C:\Users\jakub\Desktop\FRST64.exe
2023-04-17 18:03 - 2023-04-17 18:03 - 000000000 __SHD C:\Users\jakub\AppData\Roaming\wyUpdate AU
2023-04-17 17:27 - 2023-04-17 17:27 - 000002680 _____ C:\Windows\system32\Tasks\AMSkipUAC
2023-04-17 17:26 - 2023-04-17 23:43 - 001130305 _____ C:\Windows\ZAM.krnl.trace
2023-04-17 17:26 - 2023-04-17 17:27 - 000000000 ____D C:\Users\jakub\AppData\Local\AMSDK
2023-04-17 17:26 - 2023-04-17 17:26 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2023-04-17 17:26 - 2023-04-17 17:26 - 000003558 _____ C:\Windows\system32\Tasks\AMHelper
2023-04-17 17:26 - 2023-04-17 17:26 - 000001337 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2023-04-17 17:26 - 2023-04-17 17:26 - 000000000 ____D C:\Users\jakub\AppData\Local\Zemana
2023-04-17 17:26 - 2023-04-17 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2023-04-17 17:26 - 2023-04-17 17:26 - 000000000 ____D C:\Program Files (x86)\Zemana
2023-04-17 17:25 - 2023-04-17 17:26 - 013922376 _____ (Zemana Ltd. ) C:\Users\jakub\Downloads\Zemana.AntiMalware.Setup.exe
2023-04-17 17:08 - 2023-04-17 17:08 - 000000000 ____D C:\Users\jakub\AppData\Local\Avast Software
2023-04-17 16:37 - 2023-04-17 16:37 - 000004028 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2023-04-17 16:37 - 2023-04-17 16:37 - 000000000 ____D C:\Users\jakub\AppData\Local\VirtualStore
2023-04-17 16:35 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2023-04-17 16:11 - 2023-04-17 16:32 - 000000000 ____D C:\zoek_backup
2023-04-17 16:11 - 2023-04-17 16:11 - 002038755 _____ C:\Users\jakub\Desktop\zoek (1).exe
2023-04-16 22:03 - 2023-04-16 22:03 - 000000000 ____D C:\ProgramData\RogueKiller
2023-04-16 22:02 - 2023-04-16 22:03 - 035136432 _____ C:\Users\jakub\Desktop\RogueKiller_portable64.exe
2023-04-16 21:13 - 2023-04-16 21:13 - 000000000 ____D C:\ProgramData\Sophos
2023-04-16 21:09 - 2023-04-16 21:09 - 000002841 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2023-04-16 21:09 - 2023-04-16 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2023-04-16 21:09 - 2023-04-16 21:09 - 000000000 ____D C:\Program Files (x86)\Sophos
2023-04-16 21:07 - 2023-04-16 21:09 - 185115928 _____ (Sophos Limited) C:\Users\jakub\Desktop\Sophos Virus Removal Tool.exe
2023-04-16 21:06 - 2023-04-16 21:06 - 000001007 _____ C:\Users\jakub\Desktop\JRT.txt
2023-04-16 21:03 - 2023-04-16 21:03 - 001790024 _____ (Malwarebytes) C:\Users\jakub\Desktop\JRT.exe
2023-04-16 20:58 - 2023-04-16 20:58 - 000001426 _____ C:\Windows\system32\default_error_stack-000003-000000.txt
2023-04-16 20:57 - 2023-04-16 20:57 - 000000925 _____ C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2023-04-16 20:57 - 2023-04-16 20:57 - 000000895 _____ C:\Users\jakub\Desktop\Temp File Cleaner.lnk
2023-04-16 20:57 - 2023-04-16 20:57 - 000000000 ____D C:\Users\jakub\AppData\Roaming\addpcs
2023-04-16 20:57 - 2023-04-16 20:57 - 000000000 ____D C:\Program Files\Temp File Cleaner
2023-04-16 20:56 - 2023-04-16 20:56 - 002103230 _____ C:\Users\jakub\Desktop\TempFileCleaner_4.5.0_Setup.exe
2023-04-16 20:16 - 2023-04-16 20:16 - 000001836 _____ C:\Users\jakub\Desktop\CrystalDiskInfo.lnk
2023-04-16 20:16 - 2023-04-16 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2023-04-16 20:16 - 2023-04-16 20:16 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2023-04-16 20:15 - 2023-04-16 20:15 - 005282024 _____ (Crystal Dew World ) C:\Users\jakub\Desktop\CrystalDiskInfo8_17_14.exe
2023-04-16 20:14 - 2023-04-16 20:14 - 000001677 _____ C:\Users\jakub\Desktop\MB.txt
2023-04-16 20:09 - 2023-04-16 20:09 - 000000000 ____D C:\Users\jakub\AppData\Local\mbam
2023-04-16 20:07 - 2023-04-16 20:07 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-04-16 20:07 - 2023-04-16 20:07 - 000002029 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-04-16 20:06 - 2023-04-16 20:06 - 002649088 _____ (Malwarebytes) C:\Users\jakub\Desktop\MBSetup.exe
2023-04-16 20:06 - 2023-04-16 20:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-04-16 20:06 - 2023-04-16 20:06 - 000000000 ____D C:\Program Files\Malwarebytes
2023-04-16 20:03 - 2023-04-16 21:01 - 000000000 ____D C:\AdwCleaner
2023-04-16 20:02 - 2023-04-16 20:02 - 008791352 _____ (Malwarebytes) C:\Users\jakub\Desktop\AdwCleaner.exe
2023-04-16 19:27 - 2023-04-16 19:27 - 000388608 _____ (Trend Micro Inc.) C:\Users\jakub\Desktop\HijackThis.exe
2023-04-16 14:03 - 2023-04-16 14:03 - 093482361 _____ C:\Users\jakub\Desktop\petal_20230416_140022.mp4
2023-04-15 15:36 - 2023-04-15 15:36 - 000002368 _____ C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-04-14 10:15 - 2023-04-14 10:15 - 000586868 _____ C:\Users\jakub\Downloads\srovnani_58144116.pdf
2023-04-13 23:14 - 2023-04-13 23:16 - 000000000 ____D C:\Users\jakub\Desktop\financehorak.cz
2023-04-13 18:36 - 2023-04-13 19:26 - 000000000 ____D C:\Users\jakub\Desktop\Jan Marek
2023-04-13 18:10 - 2023-04-13 18:15 - 000050498 _____ C:\Users\jakub\Desktop\Náhled modelace (Martin Ambros).pdf
2023-04-13 18:07 - 2023-04-13 18:07 - 000074718 _____ C:\Users\jakub\Desktop\zavazna-onemocneni-simplea-12-2022_1670937828106.pdf
2023-04-13 17:57 - 2023-04-13 17:57 - 000126739 _____ C:\Users\jakub\Desktop\trvale-nasledky-simplea-12-2022_16709378291901.pdf
2023-04-12 20:40 - 2023-04-12 20:40 - 001730233 _____ C:\Users\jakub\Desktop\Kučerová.pdf
2023-04-12 20:39 - 2023-04-12 20:39 - 000461400 _____ C:\Users\jakub\Downloads\WhatsApp Image 2023-04-12 at 16.45.06.jpeg
2023-04-12 20:39 - 2023-04-12 20:39 - 000378933 _____ C:\Users\jakub\Downloads\WhatsApp Image 2023-04-12 at 16.45.05 (1).jpeg
2023-04-12 20:39 - 2023-04-12 20:39 - 000341967 _____ C:\Users\jakub\Downloads\WhatsApp Image 2023-04-12 at 16.45.05.jpeg
2023-04-12 20:39 - 2023-04-12 20:39 - 000341089 _____ C:\Users\jakub\Downloads\WhatsApp Image 2023-04-12 at 16.45.05 (2).jpeg
2023-04-12 16:31 - 2023-04-12 16:31 - 000001425 _____ C:\Windows\system32\default_error_stack-000002-000000.txt
2023-04-12 15:55 - 2023-04-12 15:55 - 000021948 _____ C:\Users\jakub\Downloads\ZPOPLATNĚNÍ leadů za Q1 2022 k 12.4.2023.xlsx
2023-04-12 13:55 - 2023-04-12 13:55 - 000000000 ___HD C:\$WinREAgent
2023-04-12 13:40 - 2023-04-12 13:40 - 000249277 _____ C:\Users\jakub\Downloads\Zadost o modifikaci_zrizeni trvaleho pokynu k nakupu_2007.pdf
2023-04-12 13:40 - 2023-04-12 13:40 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-04-12 13:39 - 2023-04-12 13:39 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-04-12 12:03 - 2023-04-12 12:07 - 000017175 _____ C:\Users\jakub\Desktop\Potencial pobociek - prepocet ČR.xlsx
2023-04-12 12:03 - 2023-04-12 12:03 - 000413696 _____ C:\Users\jakub\Desktop\Listina odporúčaní.xls
2023-04-12 01:05 - 2023-04-12 01:05 - 000570389 _____ C:\Users\jakub\Desktop\MojeAmundi.pdf
2023-04-12 00:52 - 2023-04-12 00:52 - 000434162 _____ C:\Users\jakub\Downloads\CZ-005-20220401-Zadost o zpetny odkup.pdf
2023-04-12 00:19 - 2023-04-12 00:19 - 000002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk
2023-04-12 00:19 - 2023-04-12 00:19 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Avast Software
2023-04-12 00:18 - 2023-04-12 00:18 - 000076664 _____ (Avast Software) C:\Windows\system32\Drivers\aswVpnRdr.sys
2023-04-12 00:18 - 2023-04-12 00:18 - 000040344 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2023-04-12 00:18 - 2023-04-12 00:18 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-04-12 00:17 - 2023-04-16 17:48 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-04-12 00:17 - 2023-04-12 00:18 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-04-12 00:17 - 2023-04-12 00:17 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-04-12 00:16 - 2023-04-12 00:18 - 000000000 ____D C:\Program Files\Avast Software
2023-04-12 00:08 - 2023-04-12 00:16 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-04-12 00:08 - 2023-04-12 00:08 - 000263000 _____ (AVAST Software) C:\Users\jakub\Downloads\avast_one_free_antivirus.exe
2023-04-11 23:58 - 2023-04-11 23:58 - 000001426 _____ C:\Windows\system32\default_error_stack-000001-000000.txt
2023-04-11 14:05 - 2023-04-11 14:05 - 000059737 _____ C:\Users\jakub\Desktop\Daňzpříjmu.pdf
2023-04-11 14:04 - 2023-04-11 14:04 - 000508829 _____ C:\Users\jakub\Desktop\Smlouva s tátou.pdf
2023-04-10 19:59 - 2023-04-10 19:59 - 000991572 _____ C:\Users\jakub\Downloads\PRAVIDLA PRO PŘEVODY AKCIÍ_FINAL.pdf
2023-04-08 18:14 - 2023-04-08 18:14 - 000075507 _____ C:\Users\jakub\Downloads\51294_42000005329692_mares.jpeg.pdf
2023-04-08 17:59 - 2023-04-08 17:59 - 000198016 _____ C:\Users\jakub\Desktop\priloha_1172603326_0_DT_na_zkoušku.pdf
2023-04-08 17:58 - 2023-04-08 17:58 - 000198016 _____ C:\Users\jakub\Downloads\priloha_1172603326_0_DT_na_zkoušku.pdf
2023-04-07 16:28 - 2023-03-17 08:37 - 001432336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-04-07 16:28 - 2023-03-17 08:37 - 001432336 _____ C:\Windows\system32\vulkan-1.dll
2023-04-07 16:27 - 2023-03-17 08:37 - 001145616 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-04-07 16:27 - 2023-03-17 08:37 - 001145616 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-04-06 17:13 - 2023-04-12 16:32 - 000438944 _____ C:\Windows\system32\FNTCACHE.DAT
2023-04-06 17:10 - 2021-02-09 10:12 - 001347464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorAC.sys
2023-04-06 17:10 - 2021-02-09 10:12 - 000026504 _____ (Intel Corporation) C:\Windows\system32\RstMwEventLogMsg.dll
2023-04-06 16:34 - 2023-04-06 16:34 - 000000000 ____D C:\Users\jakub\Documents\Dell
2023-04-06 16:30 - 2023-04-06 22:26 - 000000000 ____D C:\Program Files\Dell
2023-04-06 16:30 - 2023-04-06 17:26 - 000003362 _____ C:\Windows\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2023-04-06 16:30 - 2023-04-06 16:30 - 000000000 ____D C:\Program Files (x86)\Dell
2023-04-06 16:29 - 2023-04-06 22:26 - 000000000 ____D C:\ProgramData\Dell
2023-04-06 16:29 - 2023-04-06 16:29 - 000000000 ____D C:\Program Files\dotnet
2023-04-05 12:36 - 2023-04-05 12:36 - 000003670 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2023-04-05 12:36 - 2023-02-24 23:02 - 000047240 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2023-04-05 00:06 - 2023-04-05 00:06 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Sleep Team
2023-04-05 00:06 - 2023-04-05 00:06 - 000000000 ____D C:\Users\jakub\AppData\Local\EOSUserHelper
2023-04-05 00:05 - 2023-04-05 00:05 - 000000000 ____D C:\Users\jakub\AppData\Local\UnrealEngine
2023-04-05 00:04 - 2023-04-05 00:06 - 000000000 ____D C:\Users\jakub\AppData\Local\Epic Games
2023-04-05 00:04 - 2023-04-05 00:06 - 000000000 ____D C:\ProgramData\Epic
2023-04-05 00:04 - 2023-04-05 00:04 - 000000000 ____D C:\Program Files (x86)\Epic Games
2023-04-04 22:06 - 2023-04-04 22:06 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-03-27 23:57 - 2023-03-27 23:57 - 000074971 _____ C:\Users\jakub\Desktop\auto2.jpeg
2023-03-27 23:53 - 2023-03-27 23:53 - 000068595 _____ C:\Users\jakub\Desktop\auto.jpeg
2023-03-27 22:34 - 2023-03-27 22:34 - 000000000 ____D C:\Users\jakub\AppData\Roaming\dvdcss
2023-03-27 17:03 - 2023-04-15 16:12 - 000804273 _____ C:\Users\jakub\Desktop\Pracovní grafy.pptx
2023-03-26 03:06 - 2023-03-26 03:06 - 000000000 ____D C:\Users\jakub\AppData\Roaming\WinRAR
2023-03-25 17:42 - 2023-04-16 17:14 - 000000000 ____D C:\Users\jakub\Desktop\material
2023-03-25 03:45 - 2023-04-16 17:14 - 000000000 ____D C:\Users\jakub\AppData\Roaming\vlc
2023-03-22 17:50 - 2023-04-17 20:43 - 000004212 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{E94DCAED-02EC-4E5E-9619-32EAB33B2053}
2023-03-22 17:14 - 2023-03-22 19:15 - 000000000 ____D C:\Users\jakub\Desktop\DDP
2023-03-20 12:09 - 2023-03-20 12:09 - 000000000 ____D C:\Users\jakub\Documents\Zoom
2023-03-18 00:03 - 2023-03-18 00:03 - 000000000 ____D C:\Users\jakub\Documents\Vlastní šablony Office

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-17 23:16 - 2023-03-12 17:59 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-17 23:15 - 2023-03-12 17:19 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-04-17 23:02 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-17 22:23 - 2023-03-17 22:48 - 000000000 ____D C:\Users\jakub\AppData\Local\CrashDumps
2023-04-17 20:52 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-17 20:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-04-17 17:57 - 2023-03-12 17:33 - 000000000 __SHD C:\Users\jakub\IntelGraphicsProfiles
2023-04-17 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-04-17 17:06 - 2023-03-12 18:15 - 000000000 ____D C:\Program Files\CCleaner
2023-04-17 16:43 - 2023-03-12 17:28 - 001605666 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-17 16:43 - 2019-12-07 16:41 - 000684862 _____ C:\Windows\system32\perfh005.dat
2023-04-17 16:43 - 2019-12-07 16:41 - 000137626 _____ C:\Windows\system32\perfc005.dat
2023-04-17 16:43 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-04-17 16:36 - 2023-03-12 17:54 - 000000000 ____D C:\ProgramData\Avast Software
2023-04-17 16:36 - 2023-03-12 17:33 - 000000000 ____D C:\Intel
2023-04-17 16:36 - 2023-03-12 17:19 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-17 16:36 - 2023-03-12 17:19 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-17 16:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2023-04-17 16:36 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-04-16 23:48 - 2023-03-13 13:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-04-16 23:29 - 2023-03-12 17:19 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-16 21:01 - 2023-03-12 18:22 - 000000000 ____D C:\Users\jakub\AppData\Roaming\IObit
2023-04-16 20:57 - 2023-03-16 20:24 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Temp
2023-04-16 20:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-04-15 15:38 - 2023-03-12 17:34 - 000000000 ____D C:\Users\jakub\AppData\Local\D3DSCache
2023-04-15 15:36 - 2023-03-12 18:00 - 000000000 ____D C:\Users\jakub\AppData\Local\SquirrelTemp
2023-04-14 21:27 - 2023-03-12 17:59 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-13 20:16 - 2023-03-16 01:00 - 000021992 _____ C:\Users\jakub\Desktop\Pojištění výpočet.xlsx
2023-04-12 16:31 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-04-12 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-04-12 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-04-12 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-04-12 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-04-12 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-04-12 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-04-12 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2023-04-12 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-04-12 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-04-12 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-04-12 15:55 - 2023-03-12 17:31 - 000000000 ____D C:\Users\jakub\AppData\Local\Packages
2023-04-12 15:30 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-04-12 14:01 - 2023-03-12 17:23 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-04-12 13:54 - 2023-03-12 17:37 - 000000000 ____D C:\Windows\system32\MRT
2023-04-12 13:52 - 2023-03-12 17:37 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-04-11 16:11 - 2023-03-12 17:59 - 000003844 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{3476F106-43EE-45B6-96B2-27084972D3A6}
2023-04-11 16:11 - 2023-03-12 17:59 - 000003720 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{4FDC7264-DF5E-438A-80C3-B10B8571D458}
2023-04-10 02:08 - 2023-03-12 18:00 - 000000000 ____D C:\Users\jakub\AppData\Local\Discord
2023-04-07 16:27 - 2023-03-12 17:33 - 000000000 ____D C:\ProgramData\Intel
2023-04-06 17:14 - 2023-03-12 17:31 - 000000000 ____D C:\ProgramData\Packages
2023-04-06 17:13 - 2023-03-12 17:18 - 000000000 ____D C:\Windows\Panther
2023-04-06 17:11 - 2023-03-12 18:42 - 000000000 ____D C:\Program Files\Intel
2023-04-06 16:14 - 2023-03-12 18:15 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-04-06 01:30 - 2023-03-12 17:59 - 000000000 ____D C:\Program Files (x86)\Steam
2023-04-05 13:14 - 2023-03-13 01:20 - 000003834 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2023-04-05 12:36 - 2023-03-12 18:42 - 000003762 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2023-04-05 12:36 - 2023-03-12 18:42 - 000003528 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2023-04-04 21:23 - 2023-03-12 17:19 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-04 21:23 - 2023-03-12 17:19 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-26 04:32 - 2023-03-12 17:33 - 000000000 ____D C:\Users\jakub\AppData\Local\PlaceholderTileLogoFolder
2023-03-25 01:08 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2023-03-24 02:12 - 2023-03-12 18:05 - 000000000 ____D C:\Users\jakub\AppData\Local\Google
2023-03-23 18:11 - 2023-03-12 18:15 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-03-21 17:06 - 2023-03-12 18:15 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Fractal Design Define S2 bílá // ASUS CROSSHAIR VI EXTREME - AMD X370 // AMD Ryzen 7 3700X // ASUS ROG Strix GeForce RTX 4070Ti OC Edition, 12GB GDDR6X // G.SKILL 2x16 GB DDR4 3600Mhz Trident Z RGB NEO // ADATA XPG GAMMIX S11 Pro M.2 NVMe 1.3 - 1TB // Corsair RMx RM650x (v.2018) // Be quiet! Dark Rock PRO 4 // Windows 11 Pro // 49" ASUS XG49VQ
CZC https://bit.ly/30fHPMp


Re: Laptop is controlling itself

Post by zik9 » 18 Apr 2023 15:07

Memtest ran without a problem.

Re: Laptop is controlling itself

Post by jaro3 » 18 Apr 2023 15:19

OK.

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {47CA1339-DE3E-4C23-8A70-A3BE36227779} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {9AA011E1-1E27-46C2-B204-4FAACEF4B216} - System32\Tasks\GoogleUpdateTaskMachineCore{4FDC7264-DF5E-438A-80C3-B10B8571D458} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-12] (Google LLC -> Google LLC)
Task: {9CADFB1E-60BD-4D10-AB4A-0E23D0F1D8C4} - System32\Tasks\GoogleUpdateTaskMachineUA{3476F106-43EE-45B6-96B2-27084972D3A6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-12] (Google LLC -> Google LLC)

EmptyTemp:
End

(You can use the "select all" function, then right-click in the top-left field of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

Then try those extensions.

Error: (04/17/2023 07:28:26 PM) (Source: Netwtw04) (EventID: 5005) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error

Error: (04/17/2023 07:28:26 PM) (Source: Netwtw04) (EventID: 5005) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error

Open a new topic in the "Problém s HW" (hardware problems) section.

Re: Laptop is controlling itself

Post by zik9 » 18 Apr 2023 16:31

After the FRST fix, the extensions were added back on their own when Chrome was started, thanks to synchronization.
But why open a topic in "Problém s HW" about something that, according to the log, does appear to be a problem? Honestly, I don't notice any problem, and my Wi-Fi is running fine, just as it has the whole time.

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-04-2023
Ran by jakub (18-04-2023 16:24:28) Run:1
Running from C:\Users\jakub\Desktop
Loaded Profiles: jakub
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {47CA1339-DE3E-4C23-8A70-A3BE36227779} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {9AA011E1-1E27-46C2-B204-4FAACEF4B216} - System32\Tasks\GoogleUpdateTaskMachineCore{4FDC7264-DF5E-438A-80C3-B10B8571D458} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-12] (Google LLC -> Google LLC)
Task: {9CADFB1E-60BD-4D10-AB4A-0E23D0F1D8C4} - System32\Tasks\GoogleUpdateTaskMachineUA{3476F106-43EE-45B6-96B2-27084972D3A6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-12] (Google LLC -> Google LLC)

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47CA1339-DE3E-4C23-8A70-A3BE36227779}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47CA1339-DE3E-4C23-8A70-A3BE36227779}" => removed successfully
C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9AA011E1-1E27-46C2-B204-4FAACEF4B216}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AA011E1-1E27-46C2-B204-4FAACEF4B216}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{4FDC7264-DF5E-438A-80C3-B10B8571D458} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{4FDC7264-DF5E-438A-80C3-B10B8571D458}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CADFB1E-60BD-4D10-AB4A-0E23D0F1D8C4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CADFB1E-60BD-4D10-AB4A-0E23D0F1D8C4}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{3476F106-43EE-45B6-96B2-27084972D3A6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{3476F106-43EE-45B6-96B2-27084972D3A6}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 491859860 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 192730307 B
Windows/system/drivers => 24584844 B
Edge => 0 B
Chrome => 1191462798 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 25896 B
NetworkService => 26532 B
jakub => 4246780 B

RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:25:29 ====

Re: Laptop is controlling itself

Post by jaro3 » 18 Apr 2023 17:22

As you wish. I copied the problem. Check or update your drivers.
What about the problems?