Please check my log (Solved)



Re: Please check my log

Post by petee.n » 07 Mar 2021 18:07

Welcome to WhoCrashed (Home Edition) v 6.70

This program checks for drivers which have been crashing your computer. If your computer has displayed a blue (or black) screen of death, suddenly rebooted or shut down then this program might help you find the root cause of the problem and a solution.

Whenever a computer suddenly reboots without displaying any notice or blue (or black) screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows a lot of system crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue or black screen unless they are configured for this. Instead these systems suddenly reboot without any notice.

This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. It will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.

To obtain technical support visit

Click here to check if you have the latest version or if an update is available.

Just click the Analyze button for a comprehensible report ...

Home Edition Notice

This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which allows you to perform more thorough and detailed analysis. It also offers a range of additional features such as remote analysis on remote directories and remote computers on the network.

Please note that this version of WhoCrashed is not licensed for use by professional support engineers.

Click here for more information on the professional edition.
Click here to buy the the professional edition of WhoCrashed.

System Information (local)

Computer name: DESKTOP-B6BT7TS
Windows version: Windows 10, 10.0, version 2004, build: 19041
Windows dir: C:\WINDOWS
Hardware: Aspire V3-771, Acer, VA70_HC
CPU: GenuineIntel Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz 8664, level: 6
4 logical processors, active mask: 15
RAM: 8399376384 bytes (7,8GB)

Crash Dump Analysis

Crash dumps are enabled on your computer. This system is not configured for complete or automatic crash dumps. For best results, configure your system to write out complete or automatic crash dumps. Select Tools->Crash Dump Configuration from the main menu to configure your system to write out complete memory dumps.

Crash dump directories:

No valid crash dumps have been found on your computer


Crash dumps are enabled but no valid crash dumps have been found. In case you are experiencing system crashes, it may be that crash dumps are prevented from being written out. Check out the following article for possible causes: If crash dumps are not written out.

Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.


Re: Please check my log

Post by petee.n » 07 Mar 2021 18:08

The laptop battery is now nothing more than dead weight. After the power cable is unplugged, the laptop shuts down within 1 minute.

Security team member

Re: Please check my log

Post by jaro3 » 07 Mar 2021 19:12

That explains the shutdowns.

Turn off your antivirus and firewall.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit:
32-bit: ... ool/dl/81/
64-bit: ... ool/dl/82/
Alternative link: ... scan-tool/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs will be shown, FRST.txt and Addition.txt, and they will be saved to the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.


Re: Please check my log

Post by petee.n » 07 Mar 2021 19:28

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by jarda (07-03-2021 19:25:28)
Running from C:\Users\jarda\OneDrive\Plocha
Windows 10 Home Version 2004 19041.804 (X64) (2020-08-18 19:50:30)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-60154957-2074947926-1104247860-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-60154957-2074947926-1104247860-503 - Limited - Disabled)
Guest (S-1-5-21-60154957-2074947926-1104247860-501 - Limited - Disabled)
jarda (S-1-5-21-60154957-2074947926-1104247860-1001 - Administrator - Enabled) => C:\Users\jarda
WDAGUtilityAccount (S-1-5-21-60154957-2074947926-1104247860-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Aide PDF to DWG Converter 12.0 (HKLM-x32\...\Aide PDF to DWG Converter_is1) (Version: - Aide CAD Systems Incorporated.)
Akamai NetSession Interface (HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Angry Birds (HKLM-x32\...\{0CE0711D-A5E3-4E98-B3C0-0227A5E000CA}) (Version: 2.2.0 - Rovio)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 88.2.8118.183 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CrystalDiskInfo 8.11.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.11.0 - Crystal Dew World)
ELAN Touchpad (HKLM\...\Elantech) (Version: - ELAN Microelectronic Corp.)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: - FARO Scanner Production)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Google Video Support Plugin (HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
HDR Efex Pro 2 (HKLM-x32\...\HDR Efex Pro 2) (Version: - Nik Software, Inc.)
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: - Christian Kindahl)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
LEGO City Undercover (HKLM-x32\...\LEGO City Undercover_is1) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Minecraft 1.12.2 + Titan Launcher 3.7.0 (HKLM-x32\...\Minecraft 1.12.2 + Titan Launcher 3.7.0 1.12.2) (Version: 1.12.2 - Mojang)
Minecraft 1.9.4 CZ + Multiplayer (HKLM-x32\...\Minecraft 1.9.4 CZ + Multiplayer 1.9.4) (Version: 1.9.4 - Mojang)
Mozilla Firefox 65.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 65.0.2 (x64 cs)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
Novicorp WinToFlash Lite verze 1.13.0000 (HKLM-x32\...\{A1A1FF24-34C6-4B77-BDB7-A689979F018C}_is1) (Version: 1.13.0000 - Novicorp)
Opera Stable 66.0.3515.44 (HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\Opera 66.0.3515.44) (Version: 66.0.3515.44 - Opera Software)
Opera Stable 74.0.3911.160 (HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\Opera 74.0.3911.160) (Version: 74.0.3911.160 - Opera Software)
Ovládací panel NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
Photomatix Pro version 6.0.2 (HKLM\...\PhotomatixPro6x64_is1) (Version: 6.0.2 - HDRsoft Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: - Google, Inc.)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.20977 - Kakao Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Roblox Player for jarda (HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for jarda (HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\roblox-studio) (Version: - Roblox Corporation)
RogueKiller version (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: - Adlice Software)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: - Samsung )
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: - Valve Corporation)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Tom Clancy's Ghost Recon Future Soldier (HKLM-x32\...\{6D87CAD9-9B94-4421-A439-B25F8DE14575}) (Version: 1.1 - Ubisoft)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 73.1 - Ubisoft)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: - UBISOFT)
UE4 Prerequisites (x64) (HKLM\...\{488048BA-66A9-462E-9C36-00B3F364FAF2}) (Version: - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{9514471f-b41e-41f7-af03-7da1d05b279e}) (Version: - Epic Games, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: - Microsoft Corporation)
Videostream (HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\Videostream) (Version: 0.4.3 - Videostream)
Vulkan Run Time Libraries (HKLM\...\VulkanRT1.0.42.1) (Version: - LunarG, Inc.)
WhoCrashed 6.70 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Worms World Party Remastered (HKLM-x32\...\1433238834_is1) (Version: 1134 -
Wreckfest (HKLM-x32\...\Wreckfest_is1) (Version: - )
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)

Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-31] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-06] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\jarda\AppData\Local\Google\Update\\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\jarda\AppData\Local\Google\Update\\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll => No File
CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\jarda\AppData\Local\Google\Update\\psuser_64.dll (Google LLC -> Google LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-14] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-60154957-2074947926-1104247860-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-60154957-2074947926-1104247860-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps:// ... gws_rd=ssl
DownloadDir: C:\Users\jarda\OneDrive\Plocha
SearchScopes: HKU\S-1-5-21-60154957-2074947926-1104247860-1001 -> DefaultScope {7456CDB6-5E98-44EE-808E-38D2C97F8A39} URL = hxxps://{searchTerms}&sourceid=ie7&{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-60154957-2074947926-1104247860-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://{searchTerms}
SearchScopes: HKU\S-1-5-21-60154957-2074947926-1104247860-1001 -> {7456CDB6-5E98-44EE-808E-38D2C97F8A39} URL = hxxps://{searchTerms}&sourceid=ie7&{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-17] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-03-06 17:35 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\Control Panel\Desktop\\Wallpaper -> D:\DSC00907.jpg
DNS Servers: -
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Update Java.bat"
HKLM\...\StartupApproved\StartupFolder: => "Java 32bit.bat"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{49DFD71A-4341-4B02-80CB-7B816A8D4E3B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{0765F96C-98B3-491A-811B-C2C34888DB51}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{86081562-DE11-4F98-A86E-1C5D3081A2CE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B8B92F70-137A-4F0E-8D80-CAB4552D7DD7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{EA413605-C0D4-4B12-AFE8-2FC0E25CA0C4}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\gu.exe (Ubisoft Entertainment SA -> Ubisoft)
FirewallRules: [{6A4B92F3-FBDB-450F-AF68-96C3FEE777FF}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\gu.exe (Ubisoft Entertainment SA -> Ubisoft)
FirewallRules: [{B4691EE6-B8D0-481B-BEC7-7A2895C43077}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{EA88F1EF-D494-4E59-AA86-88DC499A6C29}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{6196FAD8-B9BB-47CA-B4DA-8D6C1DD46350}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5AFE3F34-D013-4517-8E13-4C303931D6CB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3F36C3BF-C989-4E99-9A0C-DC61D48A9563}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CBE4FAB2-ECCF-4165-9990-F487DEE74369}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{439242C6-513F-44A8-A176-521CBC7DCB2A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games) [File not signed]
FirewallRules: [{CF4EB205-1820-423B-8459-F3CF87DE50F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games) [File not signed]
FirewallRules: [{9ABE8AEA-48C8-4CF3-9BF3-394F9B4E74E5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F2BB2E8B-D189-4B05-A400-F4ADCC6337B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{17662EDB-1498-4CB0-A54C-6C21B9242A59}] => (Allow) LPort=5000
FirewallRules: [{0BC7644D-45D9-47B8-99B9-BE9E78E0D1FE}] => (Allow) LPort=51735
FirewallRules: [UDP Query User{34671FCF-7ACD-45F6-82F5-076EFC9FCE8B}C:\users\jarda\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jarda\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [TCP Query User{F5AF5220-75F0-406F-A868-ABD71CF1F97C}C:\users\jarda\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jarda\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [UDP Query User{F7C780C4-70F3-4F6B-BEDB-2A17288E7E22}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [TCP Query User{A157AA74-1538-4A2F-9677-95280E29D931}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [TCP Query User{74D4669A-0644-4988-8C49-206BF364FFAA}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{6348D22A-515F-4C98-A29D-9B6AC619C982}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{880F41C0-2CA6-4200-9791-6FB3D944CDDB}] => (Allow) LPort=5556
FirewallRules: [{BF6FCD4A-DBC3-40A4-88F6-1933426A1A0F}] => (Allow) LPort=5557
FirewallRules: [{3D255D63-16FE-464E-B114-B018EC49D313}] => (Allow) C:\Users\jarda\AppData\Local\Videostream\app-0.4.3\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [{CC528480-E666-4088-ABF4-89DEDDAB02E9}] => (Allow) C:\Users\jarda\AppData\Local\Videostream\app-0.4.3\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [{52CDD200-8857-472A-8401-627828AF0BC1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{499AD6DE-8493-42EA-A8E1-E90AA50785BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C70F1BC4-5574-44BB-89E4-25607D522590}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F7283F92-6299-4802-80A8-68E4DB6C2141}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{3FBEA98A-DDE7-417A-8AAB-3A9DE34A8015}C:\users\jarda\appdata\local\programs\opera\74.0.3911.107\opera.exe] => (Allow) C:\users\jarda\appdata\local\programs\opera\74.0.3911.107\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{1225EE30-B84C-4086-913D-CBBFFB43B6CB}C:\users\jarda\appdata\local\programs\opera\74.0.3911.107\opera.exe] => (Allow) C:\users\jarda\appdata\local\programs\opera\74.0.3911.107\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{7DE137B5-31BD-4C89-A42A-6069F821B6D9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8DBBB108-B270-474F-A4CD-CE2236E1F2CD}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{3D105D17-ED25-4CE3-9BA5-E8D7B0C80798}C:\users\jarda\appdata\local\programs\opera\74.0.3911.160\opera.exe] => (Block) C:\users\jarda\appdata\local\programs\opera\74.0.3911.160\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{A6FDF14A-2411-4BCA-B705-0A38DAF6E57D}C:\users\jarda\appdata\local\programs\opera\74.0.3911.160\opera.exe] => (Block) C:\users\jarda\appdata\local\programs\opera\74.0.3911.160\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E4041FD1-8462-4D32-A8F6-C51439EA8E01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70F58596-282E-4194-805A-9C524F791143}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{122E8C93-55A4-40D8-8078-09951F5F9919}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B5616CAF-007B-40B5-B2F2-D4E4BB67ADBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BE99B0D0-BC57-4BAA-A4FA-A0DED167903F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E839220C-2D96-4D16-B802-23BA08870C55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{73DD4C76-D003-4C8E-855E-9D5182D0609E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{31F54BF8-C5E0-449E-9EA5-3B20015AEBFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

06-03-2021 17:34:40 zoek.exe restore point

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
Error: (03/07/2021 01:16:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20120.4004.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2aac

Čas spuštění: 01d71342e21cc402

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 459bb218-4381-4c57-95d9-6f835aa45326

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (03/07/2021 11:07:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20120.4004.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 21d8

Čas spuštění: 01d712b38e7fc9aa

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: caa8ad19-d019-493a-b369-efd9d939c727

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (03/06/2021 06:30:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AntiMalware.exe, verze:, časové razítko: 0x5f21537e
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.804, časové razítko: 0x039874b8
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6a43
ID chybujícího procesu: 0x31e8
Čas spuštění chybující aplikace: 0x01d712ae57bdf2cf
Cesta k chybující aplikaci: C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 5c353ea8-0f47-4120-93a8-02392e48d584
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/06/2021 06:28:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AntiMalware.exe, verze:, časové razítko: 0x5f21537e
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.804, časové razítko: 0x039874b8
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6a43
ID chybujícího procesu: 0x2a7c
Čas spuštění chybující aplikace: 0x01d712adcc78b786
Cesta k chybující aplikaci: C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c174fcc7-1327-485b-9a37-258b6d7d137b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/06/2021 05:30:49 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (03/06/2021 12:17:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RogueKiller64.exe verze přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1298

Čas spuštění: 01d711c42c23e3a5

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\RogueKiller\RogueKiller64.exe

ID hlášení: c8f8fe9b-a580-4147-b7c2-3229aa2c1d6a

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (03/05/2021 11:42:58 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.

Error: (03/04/2021 09:33:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.746, časové razítko: 0xca234864
Název chybujícího modulu: explorer.exe, verze: 10.0.19041.746, časové razítko: 0xca234864
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001a7fcb
ID chybujícího procesu: 0x1c40
Čas spuštění chybující aplikace: 0x01d710d10bd37359
Cesta k chybující aplikaci: C:\Windows\explorer.exe
Cesta k chybujícímu modulu: C:\Windows\explorer.exe
ID zprávy: 951742a7-0a79-42d3-a945-22127c5b1550
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
Error: (03/06/2021 06:09:29 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:

Error: (03/06/2021 06:09:29 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:

Error: (03/06/2021 05:58:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/06/2021 05:58:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/06/2021 05:58:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/06/2021 05:57:59 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/06/2021 05:57:59 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/05/2021 02:36:50 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Date: 2021-03-07 19:18:19
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-03-07 19:17:22
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-03-07 12:38:03
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. V2.23 06/19/2013
Motherboard: Acer VA70_HC
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 38%
Total physical RAM: 8010.27 MB
Available physical RAM: 4919.26 MB
Total Virtual: 13447.91 MB
Available Virtual: 9863.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.61 GB) (Free:8.52 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:324.43 GB) NTFS
Drive f: () (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
Drive g: () (Removable) (Total:14.91 GB) (Free:11.49 GB) FAT32

\\?\Volume{531857ec-1b1f-456a-8bf7-fcda95239249}\ () (Fixed) (Total:0.58 GB) (Free:0.08 GB) NTFS
\\?\Volume{06dada8c-d20d-41ec-b3b8-42ab937b0f56}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

Disk: 1 (Size: 931.5 GB) (Disk ID: 507418A7)

Partition: GPT.

Disk: 2 (Protective MBR) (Size: 14.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: please check the log

Post by petee.n » 07 Mar 2021 19:31

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by jarda (administrator) on DESKTOP-B6BT7TS (Acer Aspire V3-771) (07-03-2021 19:23:41)
Running from C:\Users\jarda\OneDrive\Plocha
Loaded Profiles: jarda
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Driver Updater\DriverUpdSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Driver Updater\DriverUpdUI.exe <3>
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2102.8653.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(RouteThis Inc. -> ) C:\Users\jarda\AppData\Local\Videostream\app-0.4.3\videostream-native\videostream-native.exe <2>
(RouteThis Inc. -> Videostream) C:\Users\jarda\AppData\Local\Videostream\app-0.4.3\Videostream.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-09] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [116960 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [2874592 2021-02-18] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\Run: [Google Update] => C:\Users\jarda\AppData\Local\Google\Update\\GoogleUpdateCore.exe [216392 2021-02-05] (Google LLC -> Google LLC)
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\Run: [Videostream] => C:\Users\jarda\AppData\Local\Videostream\app-0.4.3\Videostream.exe [340584 2020-10-30] (RouteThis Inc. -> Videostream)
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\Run: [Opera Browser Assistant] => C:\Users\jarda\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-26] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\88.2.8118.183\Installer\chrmstp.exe [2021-03-02] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat [2018-01-07] () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Java.bat [2017-08-26] () [File not signed]
BootExecute: autocheck autochk * icarus_rvrt.exe
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {062D09F5-A8B1-4E0B-8270-0F890F022E62} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {14274664-BDFC-4ABE-8E2D-4CFFA321C510} - System32\Tasks\Opera scheduled Autoupdate 1555260676 => C:\Users\jarda\AppData\Local\Programs\Opera\launcher.exe [1793664 2021-02-26] (Opera Software AS -> Opera Software)
Task: {225D5E41-9588-491C-97C2-CDFF2D033BCC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {23B7F66E-9330-49C5-837C-D34400DE9522} - System32\Tasks\Opera scheduled assistant Autoupdate 1582742549 => C:\Users\jarda\AppData\Local\Programs\Opera\launcher.exe [1793664 2021-02-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\jarda\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {2915F35F-636B-49A6-A43D-D58608E2196C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001Core => C:\Users\jarda\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {37671529-4F0A-4312-BE3B-988AAD8B1C06} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001UA => C:\Users\jarda\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {6C0C5511-8D17-4C87-AF3D-678AEB6E3DD2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
Task: {6E351F27-93A0-4DB6-8CD4-DFE7F511E11F} - System32\Tasks\Opera scheduled Autoupdate 1581245455 => C:\Users\jarda\AppData\Local\Programs\Opera\launcher.exe [1793664 2021-02-26] (Opera Software AS -> Opera Software)
Task: {8164158F-2812-4ADA-B32E-BA65717338D0} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {A2E114C1-8FEF-4E06-9AB2-B521AE759B17} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {B9E90FFD-9416-47B2-9DEE-BFC118E72930} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-01] (Google Inc -> Google Inc.)
Task: {E37E4D6D-30B9-4F02-8D1E-355160982EF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-01] (Google Inc -> Google Inc.)
Task: {F8CE6A0E-F6C6-497A-864F-4C621ACF7B39} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4665568 2021-02-18] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 4c9fba6b-4a9f-4667-8e77-4d79a4b6b45b
Task: {FDE34E98-6624-40B5-9694-4183D6EB69B8} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [5493472 2021-02-15] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{93816191-6438-4a3c-8ddf-533d2c1de85f}: [DhcpNameServer]
Tcpip\..\Interfaces\{ae77536a-8942-4ef1-bd16-9383d045d7db}: [DhcpNameServer]

DownloadDir: D:\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\jarda\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-06]

FF DefaultProfile: li9u4s7y.default
FF ProfilePath: C:\Users\jarda\AppData\Roaming\Mozilla\Firefox\Profiles\li9u4s7y.default [2021-03-06]
FF Homepage: Mozilla\Firefox\Profiles\li9u4s7y.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\li9u4s7y.default -> about:newtab
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\jarda\AppData\Roaming\Mozilla\Firefox\Profiles\li9u4s7y.default\Extensions\ [2019-09-08]
FF Plugin-x32:,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32:,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32:,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-60154957-2074947926-1104247860-1001: -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

OPR Profile: C:\Users\jarda\AppData\Roaming\Opera Software\Opera Stable [2021-03-07]
OPR DefaultSuggestURL: Opera Stable -> hxxps://{searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\jarda\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-03-06]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8044056 2021-03-03] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621608 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-13] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.2.8118.183\elevation_service.exe [1456376 2021-02-17] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56904 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [5903584 2021-02-18] (Avast Software s.r.o. -> AVAST Software)
R2 nlsX86cc; C:\WINDOWS\SysWOW64\nlssrv32.exe [66560 2012-07-05] (Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2020-02-19] (Even Balance, Inc. -> )
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13686592 2021-02-12] (Adlice -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2021-03-06] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-18] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-14] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-07 19:23 - 2021-03-07 19:24 - 000000000 ____D C:\FRST
2021-03-07 18:05 - 2021-03-07 18:05 - 000000000 ____D C:\Users\jarda\AppData\Local\DBG
2021-03-07 18:05 - 2021-03-07 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2021-03-07 18:05 - 2021-03-07 18:05 - 000000000 ____D C:\Program Files\WhoCrashed
2021-03-07 13:55 - 2021-03-07 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-03-07 13:55 - 2021-03-07 13:55 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-03-07 09:38 - 2021-03-07 09:39 - 000017671 _____ C:\Users\jarda\Downloads\
2021-03-06 18:26 - 2021-03-07 19:24 - 000254730 _____ C:\WINDOWS\ZAM.krnl.trace
2021-03-06 18:26 - 2021-03-06 18:26 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2021-03-06 18:26 - 2021-03-06 18:26 - 000064355 _____ C:\Users\jarda\Downloads\07e5c1b1-ba57-420e-b618-2f3aee8393c7.tmp
2021-03-06 18:26 - 2021-03-06 18:26 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper
2021-03-06 18:26 - 2021-03-06 18:26 - 000001329 _____ C:\ProgramData\Plocha\Zemana AntiMalware.lnk
2021-03-06 18:26 - 2021-03-06 18:26 - 000000000 ____D C:\Users\jarda\AppData\Local\Zemana
2021-03-06 18:26 - 2021-03-06 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2021-03-06 18:26 - 2021-03-06 18:26 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-03-06 18:25 - 2021-03-06 18:32 - 000000000 ____D C:\Users\jarda\AppData\Local\AMSDK
2021-03-06 18:04 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-03-06 17:32 - 2021-03-06 17:58 - 000000000 ____D C:\zoek_backup
2021-03-06 14:43 - 2021-03-06 14:43 - 001800862 _____ C:\Users\jarda\Downloads\zoek1 (2).rar
2021-03-06 12:56 - 2021-03-06 12:56 - 001800862 _____ C:\Users\jarda\Downloads\zoek1 (1).rar
2021-03-06 11:52 - 2021-03-06 11:52 - 000000000 ____D C:\Users\jarda\Downloads\zoek1
2021-03-06 11:50 - 2021-03-06 11:51 - 001800862 _____ C:\Users\jarda\Downloads\zoek1.rar
2021-03-04 22:48 - 2021-03-04 23:18 - 000000000 ____D C:\Program Files\RogueKiller
2021-03-04 22:48 - 2021-03-04 22:48 - 000000899 _____ C:\ProgramData\Plocha\RogueKiller.lnk
2021-03-04 22:48 - 2021-03-04 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-03-04 22:47 - 2021-03-04 22:55 - 000000000 ____D C:\ProgramData\RogueKiller
2021-03-04 21:30 - 2021-03-04 21:30 - 000000000 ____D C:\ProgramData\Sophos
2021-03-04 21:29 - 2021-03-04 21:29 - 000002775 _____ C:\ProgramData\Plocha\Sophos Virus Removal Tool.lnk
2021-03-04 21:29 - 2021-03-04 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2021-03-04 21:29 - 2021-03-04 21:29 - 000000000 ____D C:\Program Files (x86)\Sophos
2021-03-04 17:42 - 2021-03-04 17:42 - 000000000 ____D C:\Users\jarda\AppData\Local\mbam
2021-03-04 17:41 - 2021-03-04 17:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-04 17:28 - 2021-03-04 17:29 - 000000000 ____D C:\AdwCleaner
2021-03-04 17:26 - 2021-03-04 17:26 - 000000000 ____D C:\Users\jarda\AppData\Local\CEF
2021-02-23 18:31 - 2021-02-23 18:37 - 2129117882 _____ C:\Users\jarda\Downloads\Vzhůru do oblak [Up] (2009) HD 1080p CZ dabing.avi
2021-02-17 16:03 - 2021-02-17 16:03 - 000307708 _____ C:\Users\jarda\Downloads\WhatsApp Image 2021-02-17 at 16.03.18.jpeg
2021-02-17 16:03 - 2021-02-17 16:03 - 000307708 _____ C:\Users\jarda\Downloads\WhatsApp Image 2021-02-17 at 16.03.18 (1).jpeg
2021-02-16 11:42 - 2021-02-16 11:42 - 000000000 ___HD C:\Users\jarda\Downloads\.opera
2021-02-15 08:18 - 2021-02-15 08:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-15 08:18 - 2021-02-15 08:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-15 08:18 - 2021-02-15 08:18 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-15 08:18 - 2021-02-15 08:18 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-15 08:17 - 2021-02-15 08:17 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-14 10:45 - 2021-02-14 10:45 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-14 10:45 - 2021-02-14 10:45 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-13 14:09 - 2021-02-13 14:09 - 000003686 _____ C:\Users\jarda\Downloads\ZOPPD_M (5).xml
2021-02-13 14:02 - 2021-02-13 14:02 - 000003666 _____ C:\Users\jarda\Downloads\ZOPPD_M (4).xml
2021-02-13 13:57 - 2021-02-13 13:57 - 000003667 _____ C:\Users\jarda\Downloads\ZOPPD_M (3).xml
2021-02-13 13:47 - 2021-02-13 13:47 - 000003659 _____ C:\Users\jarda\Downloads\ZOPPD_M (2).xml

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-07 19:13 - 2020-08-18 20:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-07 09:36 - 2020-06-28 08:19 - 000000000 ____D C:\Program Files\CCleaner
2021-03-06 18:46 - 2019-09-08 09:53 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-06 18:41 - 2020-08-18 20:48 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-06 18:41 - 2019-12-07 15:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-06 18:41 - 2019-12-07 15:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-06 18:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-06 18:37 - 2020-10-30 22:02 - 000000000 ____D C:\Users\jarda\AppData\Local\Videostream
2021-03-06 18:37 - 2020-08-18 20:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-06 18:37 - 2020-08-18 20:37 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-06 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-06 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\
2021-03-06 18:37 - 2018-01-17 06:17 - 000000000 __SHD C:\Users\jarda\IntelGraphicsProfiles
2021-03-06 18:37 - 2018-01-17 06:02 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-06 18:36 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-06 18:34 - 2018-01-17 06:07 - 000000000 ____D C:\Users\jarda\AppData\Local\VirtualStore
2021-03-06 18:30 - 2018-01-17 09:17 - 000000000 ____D C:\Users\jarda\AppData\Local\CrashDumps
2021-03-06 18:12 - 2020-08-18 20:50 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-03-06 18:10 - 2020-11-12 15:06 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-03-06 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-03-06 17:59 - 2017-09-29 14:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-03-06 17:31 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-06 15:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-06 15:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-06 11:55 - 2020-06-11 14:21 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-06 11:55 - 2020-06-11 14:21 - 000002257 _____ C:\ProgramData\Plocha\Microsoft Edge.lnk
2021-03-05 04:44 - 2020-08-18 20:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-05 04:44 - 2020-08-18 20:50 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-04 17:23 - 2018-01-17 06:15 - 000000000 ____D C:\Users\jarda\AppData\Local\Comms
2021-03-04 10:42 - 2018-01-17 06:07 - 000000000 ____D C:\Users\jarda\AppData\Local\Packages
2021-03-04 09:48 - 2020-08-18 20:37 - 000446080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-04 09:35 - 2020-02-17 20:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-03-04 09:33 - 2018-01-17 11:11 - 000000000 ____D C:\ProgramData\Autodesk
2021-03-04 09:26 - 2018-01-17 11:45 - 000000000 ____D C:\Users\jarda\AppData\Roaming\Autodesk
2021-03-04 09:19 - 2020-08-18 20:38 - 000000000 ____D C:\Users\jarda
2021-03-04 08:12 - 2020-08-18 20:50 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-04 08:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-03 15:26 - 2020-08-18 20:50 - 000003764 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582742549
2021-03-03 15:26 - 2020-08-18 20:50 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001UA
2021-03-03 15:26 - 2020-08-18 20:50 - 000003510 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1581245455
2021-03-03 15:26 - 2020-08-18 20:50 - 000003510 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1555260676
2021-03-03 15:26 - 2020-08-18 20:50 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-03 15:26 - 2020-08-18 20:50 - 000003302 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001Core
2021-03-03 15:26 - 2020-08-18 20:50 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-03 15:26 - 2020-08-18 20:50 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-60154957-2074947926-1104247860-1001
2021-03-03 15:26 - 2020-08-18 20:50 - 000002234 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-03-03 15:26 - 2020-08-18 20:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-03-03 15:07 - 2018-03-02 17:01 - 000000000 ____D C:\Users\jarda\AppData\Roaming\.minecraft
2021-03-02 12:53 - 2020-06-30 10:02 - 000000000 ____D C:\Users\jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-03-02 12:34 - 2019-09-08 09:56 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-03-01 08:50 - 2019-04-14 17:51 - 000001369 _____ C:\Users\jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-02-28 21:10 - 2020-08-18 20:38 - 000002361 _____ C:\Users\jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-28 21:10 - 2018-01-17 06:10 - 000000000 ___RD C:\Users\jarda\OneDrive
2021-02-26 13:02 - 2018-05-01 18:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-23 20:14 - 2018-01-30 19:50 - 000000000 ____D C:\Users\jarda\AppData\Local\SmartView2
2021-02-22 17:17 - 2020-10-14 15:17 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-21 19:38 - 2020-11-20 07:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-19 08:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-18 20:39 - 2019-09-08 09:54 - 000465656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-18 08:23 - 2018-01-17 20:27 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-16 00:07 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-16 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-16 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-16 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-16 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-16 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-16 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-16 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-16 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-16 00:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-15 12:50 - 2021-01-04 21:32 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-02-15 08:06 - 2018-01-17 09:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-15 08:04 - 2018-01-17 09:13 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-14 10:45 - 2020-04-01 19:02 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-02-14 10:45 - 2019-09-08 09:54 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-14 10:45 - 2019-09-08 09:54 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-14 10:45 - 2019-09-08 09:54 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-14 10:45 - 2019-09-08 09:54 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-14 10:45 - 2019-09-08 09:54 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-14 10:45 - 2019-09-08 09:54 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-14 10:45 - 2019-09-08 09:54 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-14 10:45 - 2019-09-08 09:54 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-14 10:45 - 2019-09-08 09:54 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-14 10:45 - 2019-09-08 09:54 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-05 20:04 - 2020-11-20 07:31 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-11-20 07:31 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2018-08-02 15:47 - 2019-11-23 09:45 - 000006656 _____ () C:\Users\jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Security team member
Guru Level 15
Posts: 43107
Registered: June 07
Location: South Bohemia
Gender: Male

Re: please check my log

Post by jaro3 » 07 Mar 2021 21:10

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-60154957-2074947926-1104247860-1001 -> DefaultScope {7456CDB6-5E98-44EE-808E-38D2C97F8A39} URL = hxxps://{searchTerms}&sourceid=ie7&{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-60154957-2074947926-1104247860-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://{searchTerms}
SearchScopes: HKU\S-1-5-21-60154957-2074947926-1104247860-1001 -> {7456CDB6-5E98-44EE-808E-38D2C97F8A39} URL = hxxps://{searchTerms}&sourceid=ie7&{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
FirewallRules: [UDP Query User{34671FCF-7ACD-45F6-82F5-076EFC9FCE8B}C:\users\jarda\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jarda\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [TCP Query User{F5AF5220-75F0-406F-A868-ABD71CF1F97C}C:\users\jarda\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jarda\appdata\local\akamai\netsession_win.exe => No File
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2915F35F-636B-49A6-A43D-D58608E2196C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001Core => C:\Users\jarda\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {37671529-4F0A-4312-BE3B-988AAD8B1C06} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001UA => C:\Users\jarda\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {B9E90FFD-9416-47B2-9DEE-BFC118E72930} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-01] (Google Inc -> Google Inc.)
Task: {E37E4D6D-30B9-4F02-8D1E-355160982EF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-01] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-60154957-2074947926-1104247860-1001: -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]


(You can use the "Select all" function; right-click the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

Drive c: () (Fixed) (Total:110.61 GB) (Free:8.52 GB) NTFS

A total lack of free disk space!! Uninstall or delete something. You should have at least 15-20% free space on the system disk to keep Windows running smoothly!!
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Level 1.5
Posts: 113
Registered: July 07
Gender: Unspecified

Re: please check my log

Post by petee.n » 07 Mar 2021 21:45

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by jarda (07-03-2021 21:40:39) Run:1
Running from C:\Users\jarda\OneDrive\Plocha
Loaded Profiles: jarda
Boot Mode: Normal

fixlist content:
CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-60154957-2074947926-1104247860-1001 -> DefaultScope {7456CDB6-5E98-44EE-808E-38D2C97F8A39} URL = hxxps://{searchTerms}&sourceid=ie7&{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-60154957-2074947926-1104247860-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://{searchTerms}
SearchScopes: HKU\S-1-5-21-60154957-2074947926-1104247860-1001 -> {7456CDB6-5E98-44EE-808E-38D2C97F8A39} URL = hxxps://{searchTerms}&sourceid=ie7&{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
FirewallRules: [UDP Query User{34671FCF-7ACD-45F6-82F5-076EFC9FCE8B}C:\users\jarda\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jarda\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [TCP Query User{F5AF5220-75F0-406F-A868-ABD71CF1F97C}C:\users\jarda\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jarda\appdata\local\akamai\netsession_win.exe => No File
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2915F35F-636B-49A6-A43D-D58608E2196C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001Core => C:\Users\jarda\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {37671529-4F0A-4312-BE3B-988AAD8B1C06} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001UA => C:\Users\jarda\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {B9E90FFD-9416-47B2-9DEE-BFC118E72930} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-01] (Google Inc -> Google Inc.)
Task: {E37E4D6D-30B9-4F02-8D1E-355160982EF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-01] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-60154957-2074947926-1104247860-1001: -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]


Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D} => removed successfully
HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB} => removed successfully
HKU\S-1-5-21-60154957-2074947926-1104247860-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-60154957-2074947926-1104247860-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7456CDB6-5E98-44EE-808E-38D2C97F8A39} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{34671FCF-7ACD-45F6-82F5-076EFC9FCE8B}C:\users\jarda\appdata\local\akamai\netsession_win.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F5AF5220-75F0-406F-A868-ABD71CF1F97C}C:\users\jarda\appdata\local\akamai\netsession_win.exe" => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2915F35F-636B-49A6-A43D-D58608E2196C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2915F35F-636B-49A6-A43D-D58608E2196C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37671529-4F0A-4312-BE3B-988AAD8B1C06}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37671529-4F0A-4312-BE3B-988AAD8B1C06}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001UA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B9E90FFD-9416-47B2-9DEE-BFC118E72930}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9E90FFD-9416-47B2-9DEE-BFC118E72930}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E37E4D6D-30B9-4F02-8D1E-355160982EF6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E37E4D6D-30B9-4F02-8D1E-355160982EF6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKU\S-1-5-21-60154957-2074947926-1104247860-1001\Software\MozillaPlugins\ => removed successfully
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll" => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-60154957-2074947926-1104247860-1001Core" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 150025794 B
Java, Flash, Steam htmlcache => 56212448 B
Windows/system/drivers => 24800 B
Edge => 0 B
Chrome => 1430240 B
Firefox => 306273 B
Opera => 132444758 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 12418 B
NetworkService => 14010 B
jarda => 24941130 B

RecycleBin => 0 B
EmptyTemp: => 358.5 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 21:41:13 ====

Re: please check my log

Post by jaro3 » 07 Mar 2021 22:18

That space still needs to be freed up, the disk is small... otherwise there will be problems with Windows.

Re: please check my log

Post by petee.n » 08 Mar 2021 08:17

I've already cleaned it up; there are now 51 GB free out of 110 GB

Re: please check my log

Post by petee.n » 08 Mar 2021 09:14

Online classes started... on Google Meet... and his meeting closed again... due to a lost connection... I had to start up my old laptop for him... that one runs without problems... so I don't know... whether I'll be able to avoid a reinstall after all

Re: please check my log

Post by jaro3 » 08 Mar 2021 16:53

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

CMD: netsh int ip reset
CMD: ipconfig /flushDNS
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R


(You can use the "Select all" function; right-click the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

Re: please check my log

Post by petee.n » 08 Mar 2021 18:42

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by jarda (08-03-2021 18:33:07) Run:2
Running from C:\Users\jarda\OneDrive\Plocha
Loaded Profiles: jarda
Boot Mode: Normal

fixlist content:
CMD: netsh int ip reset
CMD: ipconfig /flushDNS

CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R


Restore point was successfully created.
Processes closed successfully.

========= netsh int ip reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Přístup byl odepřen.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.

========= End of CMD: =========

========= ipconfig /flushDNS =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= "C:\Windows\SYSTEM32\lodctr.exe" /R =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= "C:\Windows\SysWOW64\lodctr.exe" /R =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22239647 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 5263806 B
Edge => 0 B
Chrome => 13283813 B
Firefox => 0 B
Opera => 48796205 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15798 B
NetworkService => 18980 B
jarda => 192993 B

RecycleBin => 0 B
EmptyTemp: => 95.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 18:33:42 ====
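
An added example (not part of the original thread and not FRST's own code) that tallies the outcome lines of the two Fixlogs above and lists the entries a helper should still look at. The sample lines are copied from those Fixlogs; the function names and the "(unnamed component)" label are assumptions made for this illustration.

```python
import re
from collections import Counter

# A selection of lines copied from the two Fixlogs posted in this thread.
SAMPLE_FIXLOG = r'''
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
Chrome => 1430240 B
EmptyTemp: => 358.5 MB temporary data Removed.
Resetting Route, OK!
Resetting , failed.
'''

# Outcome lines end in one of these three results; fixlist echoes ("=> No File")
# and EmptyTemp byte counters ("=> 1430240 B") deliberately do not match.
OUTCOME_RE = re.compile(
    r'^(?P<target>.+?) => (?P<result>removed successfully|moved successfully|not found)\s*$')
# Per-component status lines printed by "netsh int ip reset".
NETSH_RE = re.compile(r'^Resetting (?P<name>.*), (?P<result>OK!|failed\.)\s*$')
DONE = {"removed successfully", "moved successfully", "OK"}


def normalize(target):
    """Drop the optional quotes and fold case (Windows paths and keys are case-insensitive)."""
    return target.strip().strip('"').casefold()


def kind_of(target):
    """Classify a target as registry key, file path or other."""
    if re.match(r'^(HKLM|HKU|HKCU|HKCR)\\', target, re.I):
        return "registry"
    if re.match(r'^[A-Za-z]:\\', target):
        return "file"
    return "other"


def parse_outcomes(text):
    """Return (kind, target, result) for every outcome line; all other lines are skipped."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        m = OUTCOME_RE.match(line)
        if m:
            target = m.group("target").strip('"')
            rows.append((kind_of(target), target, m.group("result")))
            continue
        m = NETSH_RE.match(line)
        if m:
            # The log above prints some component names as empty strings.
            name = m.group("name").strip() or "(unnamed component)"
            rows.append(("netsh", name, m.group("result").rstrip("!.")))
    return rows


def summarize(text):
    """Count how often each result occurs."""
    return Counter(result for _, _, result in parse_outcomes(text))


def needs_review(text):
    """Entries not confirmed as done, minus 'not found' paths already handled earlier in the run."""
    handled, review = set(), []
    for kind, target, result in parse_outcomes(text):
        key = normalize(target)
        if result in DONE:
            if kind != "netsh":
                handled.add(key)
        elif result == "not found" and key in handled:
            # Same path appears earlier in this log as moved/removed
            # (System32 vs system32 differ only in case), so nothing is left over.
            continue
        else:
            review.append((kind, target, result))
    return review


if __name__ == "__main__":
    print(dict(summarize(SAMPLE_FIXLOG)))
    for row in needs_review(SAMPLE_FIXLOG):
        print("review:", row)
```
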
