
Completely slowed-down notebook

#1 Post by omar

Hello,

I would like to ask for a check of the log. The PC is completely slowed down, from startup through simple work to shutdown. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by HP (administrator) on OMAR (Hewlett-Packard HP Pavilion dv6 Notebook PC) (29-12-2019 16:07:23)
Running from C:\Users\HP\Desktop
Loaded Profiles: HP (Available Profiles: HP)
Platform: Windows 10 Home Version 1809 17763.864 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(Dassault Systemes) [File not signed] C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.) [File not signed]
HKLM\...\Run: [MMReminderService] => C:\Program Files\Mindjet\MindManager 17\MMReminderService.exe [124616 2016-11-30] (Corel Corporation -> Mindjet)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [183088 2019-12-19] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2019-10-28] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe [414656 2018-10-25] (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{90EF4A5E-85DB-4825-96F5-1AB93C2A8EEB}] -> C:\Program Files\Mindjet\MindManager 17\sys\MmInternetExplorerActiveSetup.vbs
BootExecute: autocheck autochk *

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A4E3749-F1CB-4AFA-8931-8DCB05940086} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-07] (Google Inc -> Google Inc.)
Task: {3628A419-FEF1-49CF-9512-E223D33D5BA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-07] (Google Inc -> Google Inc.)
Task: {41BDC851-7201-4E82-9F29-E0DE006FB542} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24667928 2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {467F0685-829A-45A8-8CAF-ECDF56A7E87A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2058560 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C8E5F04-5511-46FC-B6F4-370DFF46470B} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [430984 2010-03-25] (Minitab, Inc. -> Minitab)
Task: {5291B013-58A4-4AE5-AF48-C66D7DEA02F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6109080 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B6032BF-A587-460D-AAEF-CBD073D9D9C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24667928 2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {6313A704-AF50-4537-BD30-439CC29B5619} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2058560 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {67B43A3C-9068-42FD-8677-AD79170C9A27} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {86B14A71-7A97-413E-82B5-B3228C711A4E} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [136688 2019-10-28] (Glarysoft LTD -> Glarysoft Ltd)
Task: {9CF886D3-1A34-4A14-925A-02024454103D} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\IObit Driver Booster\IObit Driver Booster\Driver Booster\Scheduler.exe [147232 2017-12-11] (IObit Information Technology -> IObit)
Task: {A7A07F81-BB06-42D6-A2B2-52398C4AD329} - System32\Tasks\Driver Booster SkipUAC (HP) => C:\Program Files (x86)\IObit\IObit Driver Booster\IObit Driver Booster\Driver Booster\DriverBooster.exe [6058784 2018-01-12] (IObit Information Technology -> IObit) [File not signed]
Task: {A92524F8-0508-4CFC-9A76-1DB2E69AB340} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0F0567A-EF61-4B33-B19C-C6E5385A1F45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16467424 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CF338B1B-2211-4849-AAF6-91832FDBEB9A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {E9FC4462-7404-4C33-9F0B-7E0287B842D2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F21D0E2B-E0DE-4CAF-8DB6-E23C748AA1E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6109080 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{148bb867-3ddc-4ade-af32-1479bd21fa9b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d3fe3cec-24de-40e8-b104-26ad4bd0ecad}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-559692135-8497052-1209249446-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {04F8E5EE-DB4A-498C-A718-546FDA7B91A1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {0D04E46E-9F9A-4DEC-B2EB-2402EB567F22} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {104288F0-5BED-4695-AFF4-B97DDEA35E71} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {14FB0ECB-585A-4DEE-979B-2D5B38568787} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {41D5C8BB-6F41-4718-BFB4-D23FC352FC71} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {770746A7-C47B-4222-AF5C-C12E43533D41} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {AFF94F12-9074-4C26-B9E5-9B4B51CCF283} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10440__190224&q={searchTerms}
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {E37BFB27-554B-4815-86A0-3698AF89CA4C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {EE92CE6F-C278-4F7E-88EC-7C1642B87008} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_40139
BHO: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files\Mindjet\MindManager 17\Mm8InternetExplorer.dll [2016-11-30] (Corel Corporation -> Mindjet)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: k4h86qir.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\k4h86qir.default [2019-12-29]
FF Homepage: Mozilla\Firefox\Profiles\k4h86qir.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190224
FF NewTab: Mozilla\Firefox\Profiles\k4h86qir.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190224
FF Extension: (Seznam doplněk - Esko) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\k4h86qir.default\Extensions\sko-extension@firma.seznam.cz [2019-02-27]
FF Extension: (Seznam doplněk - Email) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\k4h86qir.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2019-02-27]
FF SearchPlugin: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\k4h86qir.default\searchplugins\securesearch.xml [2019-02-24]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-19] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-19] (Google LLC -> Google LLC)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-12-29]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/","hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://nladljmabboanhihfkjacnnkgjhnokhj/new-tab.html", Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Notifications: Default -> hxxps://hackercombat.com
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2019-12-29]
CHR Extension: (Seznam doplněk - Email) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-11-02]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-31]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-21]
CHR Extension: (Adaware Secure) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2019-04-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-11-20]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-29]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-26]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-26]
CHR HKU\S-1-5-21-559692135-8497052-1209249446-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-559692135-8497052-1209249446-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1233272 2019-05-14] (Autodesk, Inc. -> Autodesk Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 BBDemon; C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe [36864 2010-01-09] (Dassault Systemes) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11199776 2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2245488 2019-12-19] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2245488 2019-12-19] (ESET, spol. s r.o. -> ESET)
S3 hpqwmiex; C:\Users\HP\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe [794112 2019-02-07] (Hewlett-Packard Company) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [279248 2019-02-28] (Synaptics Incorporated -> Synaptics Incorporated)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Validity Sensors, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-25] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-25] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-30] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [103264 2019-11-30] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-30] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50712 2019-11-30] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [79744 2019-12-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116696 2019-12-19] (ESET, spol. s r.o. -> ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [181160 2019-03-10] (ESET, spol. s r.o. -> ESET)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2019-03-03] (Glarysoft LTD -> Glarysoft Ltd)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-02-28] (Martin Malik - REALiX -> REALiX(tm))
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM Polska Sp. z o.o. -> IBM)
R3 ROCKEYNT; C:\Windows\system32\DRIVERS\Rockey4.sys [36904 2019-04-07] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1158944 2019-09-08] (Realtek Semiconductor Corp. -> Realtek )
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [333792 2019-02-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-25] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-29 16:07 - 2019-12-29 16:09 - 000026609 _____ C:\Users\HP\Desktop\FRST.txt
2019-12-29 16:06 - 2019-12-29 16:08 - 000000000 ____D C:\FRST
2019-12-29 16:05 - 2019-12-29 16:05 - 002272256 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-29 16:02 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-29 16:02 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2019-12-29 16:01 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-29 16:01 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-12-29 15:59 - 2019-03-07 17:30 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-29 15:57 - 2019-01-28 12:28 - 000000000 ____D C:\Windows\system32\MRT
2019-12-29 15:53 - 2019-02-28 18:16 - 000003076 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (HP)
2019-12-29 15:52 - 2019-01-28 12:28 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-29 15:51 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2019-12-29 15:48 - 2019-03-03 20:16 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-12-19 18:09 - 2019-02-24 20:18 - 000000000 ____D C:\Users\HP\AppData\Roaming\uTorrent
2019-12-19 18:02 - 2019-01-28 12:13 - 001693640 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-19 18:02 - 2018-09-15 18:32 - 000718198 _____ C:\Windows\system32\perfh005.dat
2019-12-19 18:02 - 2018-09-15 18:32 - 000145242 _____ C:\Windows\system32\perfc005.dat
2019-12-19 18:02 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2019-12-19 17:55 - 2019-01-28 12:00 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-19 17:53 - 2018-09-15 07:09 - 000786432 _____ C:\Windows\system32\config\BBI
2019-12-19 17:51 - 2019-02-07 15:27 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 17:51 - 2019-02-07 15:27 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-19 17:43 - 2019-02-07 15:26 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-19 17:43 - 2019-02-07 15:26 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-19 17:42 - 2019-11-10 10:16 - 000000000 ____D C:\ProgramData\Origin
2019-12-19 17:41 - 2016-08-08 10:19 - 000116696 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2019-12-19 17:41 - 2016-08-08 10:19 - 000079744 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2019-12-19 17:40 - 2019-11-10 10:16 - 000000000 ____D C:\Users\HP\AppData\Roaming\Origin
2019-12-10 08:58 - 2019-02-07 15:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-10 07:13 - 2019-01-28 12:15 - 000003344 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-559692135-8497052-1209249446-1001
2019-12-10 07:11 - 2019-07-01 18:15 - 000002382 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-10 07:11 - 2019-01-28 12:15 - 000000000 ___RD C:\Users\HP\OneDrive
2019-12-10 06:55 - 2019-11-10 10:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-12-10 06:53 - 2019-01-28 11:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-12-03 16:32 - 2019-02-07 15:49 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2019-11-30 20:28 - 2019-01-28 12:12 - 000000000 ____D C:\Users\HP
2019-11-30 20:26 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\NDF
2019-11-30 20:25 - 2016-08-08 10:19 - 000189512 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2019-11-30 20:25 - 2016-08-08 10:19 - 000149944 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2019-11-30 20:25 - 2016-08-08 10:19 - 000103264 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2019-11-30 20:25 - 2016-08-08 10:19 - 000050712 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Attachments: Addition.zip (11.68 KiB), downloaded 50 times

#2 Post by Rudy

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasím)
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, simply run it with a double-click)
click Scan now (Skenovat nyní), then Clean and Repair (Čištění a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

omar
Visitor
Posts: 17
Registered: 04 Oct 2007 14:13

Re: Notebook completely slowed down

#3 Post by omar »

Thanks for the reply, the log is below.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-29-2019
# Duration: 00:00:07
# OS: Windows 10 Home
# Cleaned: 47
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\Users\HP\AppData\Roaming\IOBIT\Driver Booster
Deleted C:\Users\HP\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\HP\AppData\Roaming\Seznam.cz

***** [ Files ] *****

Deleted C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\k4h86qir.default\searchplugins\securesearch.xml
Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER
Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SKIPUAC (HP)

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Reimage
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7A07F81-BB06-42D6-A2B2-52398C4AD329}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CF886D3-1A34-4A14-925A-02024454103D}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7A07F81-BB06-42D6-A2B2-52398C4AD329}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVER BOOSTER SKIPUAC (HP)
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Wow6432Node\IObit\Driver Booster
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

Deleted Adaware Secure Search
Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

Deleted Speedbit Search
Deleted Speedbit Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted http://securedsearch.lavasoft.com/?pr=v ... 40__190224

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5729 octets] - [29/12/2019 17:08:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Notebook completely slowed down

#4 Post by Rudy »

Post new FRST + Addition logs.

omar
Visitor
Posts: 17
Registered: 04 Oct 2007 14:13

Re: Notebook completely slowed down

#5 Post by omar »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by HP (administrator) on OMAR (Hewlett-Packard HP Pavilion dv6 Notebook PC) (29-12-2019 17:58:32)
Running from C:\Users\HP\Desktop
Loaded Profiles: HP (Available Profiles: HP)
Platform: Windows 10 Home Version 1809 17763.914 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(Dassault Systemes) [File not signed] C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1910.1283.0_x64__8wekyb3d8bbwe\LocalBridge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> ) C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.850_none_7e18264b4d00f498\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.) [File not signed]
HKLM\...\Run: [MMReminderService] => C:\Program Files\Mindjet\MindManager 17\MMReminderService.exe [124616 2016-11-30] (Corel Corporation -> Mindjet)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [183088 2019-12-19] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2019-10-28] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe [414656 2018-10-25] (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{90EF4A5E-85DB-4825-96F5-1AB93C2A8EEB}] -> C:\Program Files\Mindjet\MindManager 17\sys\MmInternetExplorerActiveSetup.vbs
BootExecute: autocheck autochk *

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A4E3749-F1CB-4AFA-8931-8DCB05940086} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-07] (Google Inc -> Google Inc.)
Task: {3628A419-FEF1-49CF-9512-E223D33D5BA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-07] (Google Inc -> Google Inc.)
Task: {41BDC851-7201-4E82-9F29-E0DE006FB542} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24667928 2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {467F0685-829A-45A8-8CAF-ECDF56A7E87A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2058560 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C8E5F04-5511-46FC-B6F4-370DFF46470B} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [430984 2010-03-25] (Minitab, Inc. -> Minitab)
Task: {5291B013-58A4-4AE5-AF48-C66D7DEA02F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6109080 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B6032BF-A587-460D-AAEF-CBD073D9D9C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24667928 2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {6313A704-AF50-4537-BD30-439CC29B5619} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2058560 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {67B43A3C-9068-42FD-8677-AD79170C9A27} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {86B14A71-7A97-413E-82B5-B3228C711A4E} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [136688 2019-10-28] (Glarysoft LTD -> Glarysoft Ltd)
Task: {A92524F8-0508-4CFC-9A76-1DB2E69AB340} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0F0567A-EF61-4B33-B19C-C6E5385A1F45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16467424 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CF338B1B-2211-4849-AAF6-91832FDBEB9A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {E9FC4462-7404-4C33-9F0B-7E0287B842D2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F21D0E2B-E0DE-4CAF-8DB6-E23C748AA1E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6109080 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{148bb867-3ddc-4ade-af32-1479bd21fa9b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d3fe3cec-24de-40e8-b104-26ad4bd0ecad}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-559692135-8497052-1209249446-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {04F8E5EE-DB4A-498C-A718-546FDA7B91A1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {0D04E46E-9F9A-4DEC-B2EB-2402EB567F22} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {104288F0-5BED-4695-AFF4-B97DDEA35E71} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {14FB0ECB-585A-4DEE-979B-2D5B38568787} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {41D5C8BB-6F41-4718-BFB4-D23FC352FC71} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {770746A7-C47B-4222-AF5C-C12E43533D41} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {AFF94F12-9074-4C26-B9E5-9B4B51CCF283} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {E37BFB27-554B-4815-86A0-3698AF89CA4C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {EE92CE6F-C278-4F7E-88EC-7C1642B87008} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_40139
BHO: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files\Mindjet\MindManager 17\Mm8InternetExplorer.dll [2016-11-30] (Corel Corporation -> Mindjet)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: k4h86qir.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\k4h86qir.default [2019-12-29]
FF Homepage: Mozilla\Firefox\Profiles\k4h86qir.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\k4h86qir.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190224
FF Extension: (Seznam doplněk - Esko) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\k4h86qir.default\Extensions\sko-extension@firma.seznam.cz [2019-02-27]
FF Extension: (Seznam doplněk - Email) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\k4h86qir.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2019-02-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-19] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-19] (Google LLC -> Google LLC)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-12-29]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/","hxxp://www.seznam.cz/"
CHR Notifications: Default -> hxxps://hackercombat.com
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2019-12-29]
CHR Extension: (Seznam doplněk - Email) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-12-29]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-31]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-29]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-26]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-26]
CHR HKU\S-1-5-21-559692135-8497052-1209249446-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-559692135-8497052-1209249446-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1233272 2019-05-14] (Autodesk, Inc. -> Autodesk Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 BBDemon; C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe [36864 2010-01-09] (Dassault Systemes) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11199776 2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2245488 2019-12-19] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2245488 2019-12-19] (ESET, spol. s r.o. -> ESET)
S3 hpqwmiex; C:\Users\HP\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe [794112 2019-02-07] (Hewlett-Packard Company) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [279248 2019-02-28] (Synaptics Incorporated -> Synaptics Incorporated)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Validity Sensors, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-25] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-25] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-30] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [103264 2019-11-30] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-30] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50712 2019-11-30] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [79744 2019-12-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116696 2019-12-19] (ESET, spol. s r.o. -> ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [181160 2019-03-10] (ESET, spol. s r.o. -> ESET)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2019-03-03] (Glarysoft LTD -> Glarysoft Ltd)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-02-28] (Martin Malik - REALiX -> REALiX(tm))
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM Polska Sp. z o.o. -> IBM)
R3 ROCKEYNT; C:\Windows\system32\DRIVERS\Rockey4.sys [36904 2019-04-07] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1158944 2019-09-08] (Realtek Semiconductor Corp. -> Realtek )
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [333792 2019-02-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-25] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-29 17:06 - 2019-12-29 17:08 - 000000000 ____D C:\AdwCleaner
2019-12-29 17:06 - 2019-12-29 17:06 - 008237744 _____ (Malwarebytes) C:\Users\HP\Downloads\adwcleaner_8.0.1.exe
2019-12-29 16:55 - 2019-12-29 16:56 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2019-12-29 16:55 - 2019-12-29 16:55 - 000001265 _____ C:\Users\HP\Desktop\CrystalDiskInfo.lnk
2019-12-29 16:55 - 2019-12-29 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2019-12-29 16:54 - 2019-12-29 16:55 - 003956368 _____ (Crystal Dew World ) C:\Users\HP\Downloads\CrystalDiskInfo7_0_4-en.exe
2019-12-29 16:07 - 2019-12-29 18:00 - 000024522 _____ C:\Users\HP\Desktop\FRST.txt
2019-12-29 16:06 - 2019-12-29 17:59 - 000000000 ____D C:\FRST
2019-12-29 16:05 - 2019-12-29 16:05 - 002272256 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2019-12-29 15:46 - 2019-12-29 15:46 - 026807296 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-12-29 15:46 - 2019-12-29 15:46 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-12-29 15:46 - 2019-12-29 15:46 - 001201128 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 009668408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 007886848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 007645384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 006541712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 006444032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 003638272 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-12-29 15:45 - 2019-12-29 15:45 - 003576832 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 003387392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-12-29 15:45 - 2019-12-29 15:45 - 002699768 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 002233688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 002192384 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 002072384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001702392 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-29 15:45 - 2019-12-29 15:45 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001677808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001676288 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001668960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001666440 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001656192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001473088 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 001465264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001258296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 001049400 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000981504 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000901120 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000826880 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000793824 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000764928 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000678672 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000603792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000508928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000505632 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000430592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000408736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000203064 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\DevQueryBroker.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-29 18:00 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-29 17:29 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-29 17:29 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2019-12-29 17:19 - 2019-03-03 20:16 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-12-29 17:17 - 2019-01-28 12:13 - 001693640 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-29 17:17 - 2018-09-15 18:32 - 000718198 _____ C:\Windows\system32\perfh005.dat
2019-12-29 17:17 - 2018-09-15 18:32 - 000145242 _____ C:\Windows\system32\perfc005.dat
2019-12-29 17:17 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2019-12-29 17:15 - 2019-02-24 20:18 - 000000000 ____D C:\Users\HP\AppData\Roaming\uTorrent
2019-12-29 17:15 - 2019-02-07 15:49 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2019-12-29 17:11 - 2019-01-28 11:59 - 000407328 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-29 17:10 - 2019-01-28 12:00 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-29 17:09 - 2018-09-15 07:09 - 000786432 _____ C:\Windows\system32\config\BBI
2019-12-29 17:08 - 2019-02-28 18:16 - 000000000 ____D C:\Users\HP\AppData\Roaming\IObit
2019-12-29 17:08 - 2019-02-28 18:16 - 000000000 ____D C:\ProgramData\IObit
2019-12-29 17:08 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-12-29 17:08 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2019-12-29 16:01 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-12-29 15:59 - 2019-03-07 17:30 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-29 15:57 - 2019-01-28 12:28 - 000000000 ____D C:\Windows\system32\MRT
2019-12-29 15:52 - 2019-01-28 12:28 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-29 15:51 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2019-12-19 17:51 - 2019-02-07 15:27 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 17:51 - 2019-02-07 15:27 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-19 17:43 - 2019-02-07 15:26 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-19 17:43 - 2019-02-07 15:26 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-19 17:42 - 2019-11-10 10:16 - 000000000 ____D C:\ProgramData\Origin
2019-12-19 17:41 - 2016-08-08 10:19 - 000116696 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2019-12-19 17:41 - 2016-08-08 10:19 - 000079744 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2019-12-19 17:40 - 2019-11-10 10:16 - 000000000 ____D C:\Users\HP\AppData\Roaming\Origin
2019-12-10 08:58 - 2019-02-07 15:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-10 07:13 - 2019-01-28 12:15 - 000003344 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-559692135-8497052-1209249446-1001
2019-12-10 07:11 - 2019-07-01 18:15 - 000002382 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-10 07:11 - 2019-01-28 12:15 - 000000000 ___RD C:\Users\HP\OneDrive
2019-12-10 06:55 - 2019-11-10 10:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-12-10 06:53 - 2019-01-28 11:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-11-30 20:28 - 2019-01-28 12:12 - 000000000 ____D C:\Users\HP
2019-11-30 20:26 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\NDF
2019-11-30 20:25 - 2016-08-08 10:19 - 000189512 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2019-11-30 20:25 - 2016-08-08 10:19 - 000149944 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2019-11-30 20:25 - 2016-08-08 10:19 - 000103264 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2019-11-30 20:25 - 2016-08-08 10:19 - 000050712 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by HP (29-12-2019 18:00:42)
Running from C:\Users\HP\Desktop
Windows 10 Home Version 1809 17763.914 (X64) (2019-01-28 11:08:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-559692135-8497052-1209249446-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-559692135-8497052-1209249446-503 - Limited - Disabled)
Guest (S-1-5-21-559692135-8497052-1209249446-501 - Limited - Disabled)
HP (S-1-5-21-559692135-8497052-1209249446-1001 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-559692135-8497052-1209249446-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACA & MEP 2019 Object Enabler (HKLM\...\{28B89EEF-2004-0000-5102-CF3F3A09B77D}) (Version: 8.1.44.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-2001-0000-3102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AutoCAD 2019 – Čeština (Czech) (HKLM\...\{28B89EEF-2001-0405-2102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 (HKLM\...\{28B89EEF-2001-0000-0102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-2001-0405-1102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2019 – Čeština (Czech) (HKLM\...\AutoCAD 2019 – Čeština (Czech)) (Version: 23.0.46.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Autodesk ReCap (HKLM\...\{50EDF910-0000-1033-0102-E3D118CE2EEA}) (Version: 5.0.0.40 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 5.0.0.40 - Autodesk)
Autodesk ReCap Photo (HKLM\...\{0E4FA9C0-0000-1033-0102-1B3A7F15D307}) (Version: 19.0.0.38 - Autodesk) Hidden
Autodesk ReCap Photo (HKLM\...\Autodesk ReCap Photo) (Version: 19.0.0.38 - Autodesk)
Bootstrapper (HKLM-x32\...\{EFDD0584-E443-4CA8-8B79-E5BE7B22651D}) (Version: 1.0.0.0 - Minitab, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.54 - Piriform)
CrystalDiskInfo 7.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World)
Dassault Systemes Software B20 (HKLM\...\Dassault Systemes B20_0) (Version: - )
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
Glary Utilities PRO 5.130 (HKLM-x32\...\Glary Utilities 5) (Version: 5.130.0.156 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
IObit Driver Booster (HKLM-x32\...\{2E29F3D8-99B4-4B2F-A93F-827DFFF26970}) (Version: 1.0.0 - IObit)
Kolekce The Sims™ 3 Moje městečko (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Kolekce The Sims™ 3 Styl 70., 80. a 90. let (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Kolekce The Sims™ 3 Zahradní mejdan (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Kolekce The Sims™ 3 Na plný plyn (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\Proplus2019Retail - cs-cz) (Version: 16.0.12410.20000 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz.proof (HKLM\...\Proplus2019Retail - cs-cz.proof) (Version: 16.0.12410.20000 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\Proplus2019Retail - en-us) (Version: 16.0.12410.20000 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us.proof (HKLM\...\Proplus2019Retail - en-us.proof) (Version: 16.0.12410.20000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mindjet MindManager 2017 (HKLM\...\{BF3C3096-DD7F-49FE-896E-7D3E7DB91C91}) (Version: 17.1.167 - Mindjet)
Minitab 16 (HKLM-x32\...\Minitab16) (Version: 16.1.0 - Minitab, Inc.)
Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.0.0.0 - Minitab, Inc.)
Minitab16 (HKLM-x32\...\{3686ED2F-634B-45EE-84BB-18D17119A582}) (Version: 16.1.0.0 - Minitab Inc) Hidden
Minitab16 (HKLM-x32\...\{63FD90F3-58B5-4A25-9C47-428576D994D0}) (Version: 16.1.0.0 - Minitab, Inc.) Hidden
Minitab16 (HKLM-x32\...\{B565A187-9E9C-42B6-A051-99223EB7E05B}) (Version: 16.1.0.0 - Minitab Inc) Hidden
Mozilla Firefox 65.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-US)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12410.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12410.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12410.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12410.20000 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.55.33574 - Electronic Arts, Inc.)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.16.29 - Autodesk)
SoftwareManager (HKLM-x32\...\{1C92C419-4DAA-4B9B-B04F-C2E3CDEDCAF9}) (Version: 1.0.0.0 - Minitab, Inc.) Hidden
Speciální aplikace Autodesk 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 Cestovní horečka (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 3 Diesel Kolekce (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Do Budoucnosti (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Domácí mazlíčci (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Filmové rekvizity (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Hrátky osudu (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Luxusní bydlení – Kolekce (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Obludárium (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Povolání snů (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Přepychové ložnice Kolekce (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Roční období (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Sladké radosti Katy Perry (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Studentský život (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Tropický ráj (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Po setmění (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
VBA (3821b) (HKLM-x32\...\{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
ZWCAD Mechanical 2015 (HKLM-x32\...\{8D36B335-F5B1-437E-BA2B-E4544BF9772E}) (Version: 1.0.0 - ZWSoft)
ZWCAD Mechanical 2015 Resource Package (HKLM-x32\...\{FB8DB18F-1843-4918-B3E3-F10D7E27059C}) (Version: 1.0.0 - ZWsoft)
ZWCAD+ 2014 (HKLM-x32\...\{9ACA2843-A001-0000-A001-71159ABDD80F}) (Version: 14.0.3.1237 - ZWSOFT) Hidden
ZWCAD+ 2014 Czech (HKLM-x32\...\{EC7D6813-6893-409A-AB22-94E24369F5E6}) (Version: 14.0.3.1237 - ZWSOFT)
ZWCAD+ 2014 Language Pack - Czech (HKLM-x32\...\{9ACA2843-A001-1029-A101-71159ABDD80F}) (Version: 14.0.3.1237 - ZWSOFT) Hidden

Packages:
=========
8 Zip Lite - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.2.150.0_x64__b6e429xa66pga [2019-02-26] (Finebits OÜ) [MS Ad]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-29] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-11-02] (Thumbmunkeys Ltd) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-559692135-8497052-1209249446-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-559692135-8497052-1209249446-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-559692135-8497052-1209249446-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-559692135-8497052-1209249446-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2019-06-16] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2019-06-16] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-12-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-12-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-12-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-12-19 17:45 - 2019-11-17 23:07 - 000281600 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\APPVFILESYSTEMMETADATA.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 000400896 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvApi.dll
2019-12-19 17:45 - 2019-11-17 23:07 - 001124864 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvSubsystemController.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 000519680 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvVirtualization.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 000836608 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVOrchestration.dll
2019-12-19 17:45 - 2019-11-17 23:07 - 000585008 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVCatalog.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 001642800 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIntegration.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 000177968 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvStreamingManager.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 001010992 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\APPVMANIFEST.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 001091888 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\APPVPOLICY.dll
2019-11-12 19:58 - 2019-11-10 10:18 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-559692135-8497052-1209249446-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-559692135-8497052-1209249446-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "MMReminderService"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\StartupApproved\Run: => "GUDelayStartup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C877A85E-B2FD-4176-8133-20D7347A3E8F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E62881B7-9E27-4E54-8ABB-257B4241DC6F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BB3007E1-07BC-46D2-9156-6C855513F2FB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B98FB333-8349-4E4D-9130-7F409280F497}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{24991BA5-EF5A-4200-AA63-2B6A5C58D8C5}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{0848160E-493B-408A-8A4E-F1EDEEC5AAF9}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{049C5CD7-3D83-440F-A847-B84BC8FD1F5C}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZWCAD.EXE (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{37DB4E6B-5BE9-42C2-825F-4A5811804B37}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZWCAD.EXE (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{49B4B3A7-6829-45B3-9539-A0337CB045FD}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwCrashReportManagement.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{B3D430E7-97B7-4D5A-A03E-A9EA2FFF7F89}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwCrashReportManagement.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{081425AF-7D92-4165-83BB-4514B723AF0D}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZWErrorDialog.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{F10712AC-BF24-4881-A182-0EF3F2930022}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZWErrorDialog.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{0E4522AB-81B4-4E9F-A00D-CB9E5230F4EF}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{E1AF51E2-4F6D-47FC-B258-907DCD4138B2}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{11D8539E-C435-41AA-911A-D551B09476A6}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{A5EAF838-D4FD-48D3-8E87-4EA7BF1923E4}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{476B2A7E-27AC-4601-A930-33E413BD094D}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwSyble.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{C3CC689F-0A5D-4254-B07E-34A68378A53B}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwSyble.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{279382BD-7115-4822-8F97-32A470A99185}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZWCAD.EXE (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.) [File not signed]
FirewallRules: [{2842FC69-2B57-4A64-B22E-466910925B89}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZWCAD.EXE (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.) [File not signed]
FirewallRules: [{BF274251-D301-4F98-9E3F-88C06283CC93}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwCrashReportManagement.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{9597FF2B-BB34-46CD-A2AB-CAC510B2C341}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwCrashReportManagement.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{29E97D38-1618-4153-8C12-F0C40EA18977}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZWErrorDialog.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{B38CD689-F832-4BA8-A8F2-99ED5C966F4B}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZWErrorDialog.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{5538E21E-7E8D-4AF0-9B3D-D7F187254B35}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{4357DF77-9FB1-46B2-90C0-E2DC41072A93}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{D09CAA84-5CEF-4881-A2DA-A29E7EACF548}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{D75AD38C-F7E0-4B32-83B9-171A5060CB91}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{54325E48-B8B0-4A24-AE28-3A15144D0354}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwSyble.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{D0DC8E9A-9ECE-40B8-A8FF-9F620A9B3119}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwSyble.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [TCP Query User{B475CECD-9273-44EC-BB31-0DA14A1826AF}C:\program files (x86)\dassault systemes\b20\intel_a\code\bin\cnext.exe] => (Allow) C:\program files (x86)\dassault systemes\b20\intel_a\code\bin\cnext.exe (Dassault Systemes) [File not signed]
FirewallRules: [UDP Query User{29953AB9-EE19-4F28-B615-ECD2C81BE1F4}C:\program files (x86)\dassault systemes\b20\intel_a\code\bin\cnext.exe] => (Allow) C:\program files (x86)\dassault systemes\b20\intel_a\code\bin\cnext.exe (Dassault Systemes) [File not signed]
FirewallRules: [{89007969-568E-4171-8230-B3B530B3A6D3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8048005-DD76-4E43-9ED4-CC1CC8203C7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{51AC7886-3A4A-4D39-8961-462811FD8B73}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AFE33915-9721-49D0-A5A0-632D6EE5E905}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{06745F54-5BEA-4F64-A0AA-F166B4D3F13A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4F952119-76B5-4FD6-A9B0-1BBEEACC66EB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F6FE490C-FCCD-49D5-8C1A-00BB1ACB7518}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3EC5AB58-1B44-41FB-8BD3-1A078B3F6903}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9CDD50D-E8A2-4DEC-83AE-503DA3B644C7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{93BC58B3-E333-49A5-AB11-C48761F469BD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

==================== Restore Points =========================

20-11-2019 12:26:39 Naplánovaný kontrolní bod
02-12-2019 15:31:31 Naplánovaný kontrolní bod
19-12-2019 18:07:53 Windows Update
29-12-2019 15:49:26 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/29/2019 05:15:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0xef4
Čas spuštění chybující aplikace: 0x01d5be62e444665f
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: a1ab6346-b08c-48be-9075-911f19e81fe1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/03/2019 04:32:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x2a40
Čas spuštění chybující aplikace: 0x01d5a9ee281b1471
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: c91aa8e8-9c06-48d5-bf1b-e5cf007ff503
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/03/2019 07:03:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Integrator.exe, verze: 5.130.0.156, časové razítko: 0x5db258a8
Název chybujícího modulu: MSVCR90.dll, verze: 9.0.30729.9518, časové razítko: 0x5b690a0f
Kód výjimky: 0xc0000417
Posun chyby: 0x0003523b
ID chybujícího procesu: 0x2950
Čas spuštění chybující aplikace: 0x01d5a99f61ddc110
Cesta k chybující aplikaci: C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
Cesta k chybujícímu modulu: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9518_none_508db366bcbd18c4\MSVCR90.dll
ID zprávy: 7af37492-537d-4202-b2ce-1add21177dc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/03/2019 07:02:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x2be0
Čas spuštění chybující aplikace: 0x01d5a99ef5af0f12
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 127a6d05-f915-4dfc-9511-fb3a40c033d3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/02/2019 11:58:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x1b18
Čas spuštění chybující aplikace: 0x01d5a8ff4bf58557
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 74428661-8075-4803-a7a9-8761b67113ae
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/30/2019 08:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x14ec
Čas spuštění chybující aplikace: 0x01d5a7b85d29d891
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 86f51449-85d0-474b-a6ed-9318d8521856
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/25/2019 03:51:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x49c
Čas spuštění chybující aplikace: 0x01d5a39efbd2f693
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 1c44fa2b-3052-4191-84f3-d1209ef84614
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/19/2019 07:16:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x2f6c
Čas spuštění chybující aplikace: 0x01d59ea02345b4c6
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 7d00f725-7ccc-4ebb-9d0f-b828bb596712
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/29/2019 05:15:25 PM) (Source: DCOM) (EventID: 10016) (User: OMAR)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli OMAR\HP (SID: S-1-5-21-559692135-8497052-1209249446-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/29/2019 05:08:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (12/29/2019 05:08:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/29/2019 05:08:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Validity WBF Policy Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/29/2019 05:08:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba FlexNet Licensing Service 64 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/29/2019 05:08:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Backbone Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/29/2019 05:08:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Andrea ST Filters Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/29/2019 05:08:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-02-07 15:07:23.809
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {451271AA-3DEC-4B12-AC8C-DD97527C5B89}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-02-05 17:39:11.374
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8978230C-122E-469C-8518-18B21EB3523D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2019-11-21 18:54:55.879
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 18:54:55.872
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 18:54:55.857
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 18:54:55.851
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 17:54:50.676
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 17:54:50.668
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 17:54:50.651
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 17:54:50.644
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Hewlett-Packard F.1B 10/05/2011
Motherboard: Hewlett-Packard 1656
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 37%
Total physical RAM: 8139.86 MB
Available physical RAM: 5064.7 MB
Total Virtual: 9419.86 MB
Available Virtual: 6412.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.22 GB) (Free:108.62 GB) NTFS

\\?\Volume{191739fe-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.14 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 191739FE)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Completely slowed-down notebook

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\Policies\Explorer: []
Task: {1A4E3749-F1CB-4AFA-8931-8DCB05940086} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-07] (Google Inc -> Google Inc.)
Task: {3628A419-FEF1-49CF-9512-E223D33D5BA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-07] (Google Inc -> Google Inc.)
FF NewTab: Mozilla\Firefox\Profiles\k4h86qir.default -> hxxp://securedsearch.lavasoft.com/?pr=v ... 40__190224
CHR Notifications: Default -> hxxps://hackercombat.com
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

omar
Visitor
Posts: 17
Joined: 04 Oct 2007 14:13

Re: Completely slowed-down notebook

#7 Post by omar »

The log was not displayed and probably was not saved either; after it finished, the PC restarted. Here I am sending a new log.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by HP (administrator) on OMAR (Hewlett-Packard HP Pavilion dv6 Notebook PC) (29-12-2019 20:25:52)
Running from C:\Users\HP\Desktop
Loaded Profiles: HP (Available Profiles: HP)
Platform: Windows 10 Home Version 1809 17763.914 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(Dassault Systemes) [File not signed] C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.) [File not signed]
HKLM\...\Run: [MMReminderService] => C:\Program Files\Mindjet\MindManager 17\MMReminderService.exe [124616 2016-11-30] (Corel Corporation -> Mindjet)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [183088 2019-12-19] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2019-10-28] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe [414656 2018-10-25] (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{90EF4A5E-85DB-4825-96F5-1AB93C2A8EEB}] -> C:\Program Files\Mindjet\MindManager 17\sys\MmInternetExplorerActiveSetup.vbs
BootExecute: autocheck autochk *

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {41BDC851-7201-4E82-9F29-E0DE006FB542} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24667928 2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {467F0685-829A-45A8-8CAF-ECDF56A7E87A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2058560 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C8E5F04-5511-46FC-B6F4-370DFF46470B} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [430984 2010-03-25] (Minitab, Inc. -> Minitab)
Task: {5291B013-58A4-4AE5-AF48-C66D7DEA02F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6109080 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B6032BF-A587-460D-AAEF-CBD073D9D9C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24667928 2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {6313A704-AF50-4537-BD30-439CC29B5619} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2058560 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {67B43A3C-9068-42FD-8677-AD79170C9A27} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {86B14A71-7A97-413E-82B5-B3228C711A4E} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [136688 2019-10-28] (Glarysoft LTD -> Glarysoft Ltd)
Task: {A92524F8-0508-4CFC-9A76-1DB2E69AB340} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0F0567A-EF61-4B33-B19C-C6E5385A1F45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16467424 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CF338B1B-2211-4849-AAF6-91832FDBEB9A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {E9FC4462-7404-4C33-9F0B-7E0287B842D2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F21D0E2B-E0DE-4CAF-8DB6-E23C748AA1E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6109080 2019-12-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{148bb867-3ddc-4ade-af32-1479bd21fa9b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d3fe3cec-24de-40e8-b104-26ad4bd0ecad}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-559692135-8497052-1209249446-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {04F8E5EE-DB4A-498C-A718-546FDA7B91A1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {0D04E46E-9F9A-4DEC-B2EB-2402EB567F22} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {104288F0-5BED-4695-AFF4-B97DDEA35E71} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {14FB0ECB-585A-4DEE-979B-2D5B38568787} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {41D5C8BB-6F41-4718-BFB4-D23FC352FC71} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {770746A7-C47B-4222-AF5C-C12E43533D41} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {AFF94F12-9074-4C26-B9E5-9B4B51CCF283} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {E37BFB27-554B-4815-86A0-3698AF89CA4C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_40139
SearchScopes: HKU\S-1-5-21-559692135-8497052-1209249446-1001 -> {EE92CE6F-C278-4F7E-88EC-7C1642B87008} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_40139
BHO: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files\Mindjet\MindManager 17\Mm8InternetExplorer.dll [2016-11-30] (Corel Corporation -> Mindjet)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: k4h86qir.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\k4h86qir.default [2019-12-29]
FF Homepage: Mozilla\Firefox\Profiles\k4h86qir.default -> hxxps://www.google.com/
FF Extension: (Seznam doplněk - Esko) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\k4h86qir.default\Extensions\sko-extension@firma.seznam.cz [2019-02-27]
FF Extension: (Seznam doplněk - Email) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\k4h86qir.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2019-02-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-19] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-19] (Google LLC -> Google LLC)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-12-29]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/","hxxp://www.seznam.cz/"
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2019-12-29]
CHR Extension: (Seznam doplněk - Email) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-12-29]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-31]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-29]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-29]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-29]
CHR HKU\S-1-5-21-559692135-8497052-1209249446-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-559692135-8497052-1209249446-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1233272 2019-05-14] (Autodesk, Inc. -> Autodesk Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 BBDemon; C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe [36864 2010-01-09] (Dassault Systemes) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11199776 2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2245488 2019-12-19] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2245488 2019-12-19] (ESET, spol. s r.o. -> ESET)
S3 hpqwmiex; C:\Users\HP\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe [794112 2019-02-07] (Hewlett-Packard Company) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [279248 2019-02-28] (Synaptics Incorporated -> Synaptics Incorporated)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Validity Sensors, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-25] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-25] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-30] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [103264 2019-11-30] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-30] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50712 2019-11-30] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [79744 2019-12-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116696 2019-12-19] (ESET, spol. s r.o. -> ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [181160 2019-03-10] (ESET, spol. s r.o. -> ESET)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2019-03-03] (Glarysoft LTD -> Glarysoft Ltd)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-02-28] (Martin Malik - REALiX -> REALiX(tm))
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM Polska Sp. z o.o. -> IBM)
R3 ROCKEYNT; C:\Windows\system32\DRIVERS\Rockey4.sys [36904 2019-04-07] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1158944 2019-09-08] (Realtek Semiconductor Corp. -> Realtek )
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [333792 2019-02-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-25] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-29 20:14 - 2019-12-29 20:14 - 000000000 ____D C:\Users\HP\Documents\Barča
2019-12-29 20:13 - 2019-12-29 20:13 - 000014546 _____ C:\Users\HP\Downloads\[CzT]Laska_nebeska_Love_Actually_2003_720p_.torrent
2019-12-29 20:12 - 2019-12-29 20:15 - 000005027 _____ C:\Users\HP\Desktop\Fixlog.txt
2019-12-29 18:00 - 2019-12-29 18:02 - 000046308 _____ C:\Users\HP\Desktop\Addition.txt
2019-12-29 17:06 - 2019-12-29 17:08 - 000000000 ____D C:\AdwCleaner
2019-12-29 17:06 - 2019-12-29 17:06 - 008237744 _____ (Malwarebytes) C:\Users\HP\Downloads\adwcleaner_8.0.1.exe
2019-12-29 16:55 - 2019-12-29 18:13 - 000001265 _____ C:\Users\HP\Desktop\CrystalDiskInfo.lnk
2019-12-29 16:55 - 2019-12-29 16:56 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2019-12-29 16:55 - 2019-12-29 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2019-12-29 16:54 - 2019-12-29 16:55 - 003956368 _____ (Crystal Dew World ) C:\Users\HP\Downloads\CrystalDiskInfo7_0_4-en.exe
2019-12-29 16:07 - 2019-12-29 20:28 - 000023127 _____ C:\Users\HP\Desktop\FRST.txt
2019-12-29 16:06 - 2019-12-29 20:27 - 000000000 ____D C:\FRST
2019-12-29 16:05 - 2019-12-29 16:05 - 002272256 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2019-12-29 15:46 - 2019-12-29 15:46 - 026807296 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-12-29 15:46 - 2019-12-29 15:46 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-12-29 15:46 - 2019-12-29 15:46 - 001201128 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 009668408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 007886848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 007645384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 006541712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 006444032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 003638272 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-12-29 15:45 - 2019-12-29 15:45 - 003576832 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 003387392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-12-29 15:45 - 2019-12-29 15:45 - 002699768 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 002233688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 002192384 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 002072384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001702392 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-29 15:45 - 2019-12-29 15:45 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001677808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001676288 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001668960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001666440 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001656192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001473088 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 001465264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 001258296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 001049400 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000981504 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000901120 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000826880 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000793824 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000764928 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000678672 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000603792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000508928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000505632 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000430592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-12-29 15:45 - 2019-12-29 15:45 - 000408736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000203064 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\DevQueryBroker.dll
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-12-29 15:45 - 2019-12-29 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-29 20:29 - 2019-02-24 20:18 - 000000000 ____D C:\Users\HP\AppData\Roaming\uTorrent
2019-12-29 20:25 - 2019-03-03 20:16 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-12-29 20:25 - 2019-01-28 12:13 - 001693640 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-29 20:25 - 2018-09-15 18:32 - 000718198 _____ C:\Windows\system32\perfh005.dat
2019-12-29 20:25 - 2018-09-15 18:32 - 000145242 _____ C:\Windows\system32\perfc005.dat
2019-12-29 20:25 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2019-12-29 20:21 - 2019-01-28 11:59 - 000308368 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-29 20:21 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-29 20:20 - 2019-01-28 12:00 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-29 20:19 - 2018-09-15 07:09 - 000786432 _____ C:\Windows\system32\config\BBI
2019-12-29 20:15 - 2019-06-04 18:44 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Temp
2019-12-29 20:07 - 2019-01-28 11:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-12-29 18:40 - 2019-06-17 16:26 - 000000000 ____D C:\Program Files\Autodesk
2019-12-29 18:40 - 2019-06-17 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2019-12-29 18:40 - 2019-06-17 16:21 - 000000000 ____D C:\ProgramData\Autodesk
2019-12-29 18:33 - 2019-06-17 16:26 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2019-12-29 18:29 - 2019-06-17 16:31 - 000000000 ____D C:\Users\Public\Documents\Autodesk
2019-12-29 18:29 - 2019-06-17 16:30 - 000000000 ____D C:\Users\HP\AppData\Roaming\Autodesk
2019-12-29 17:29 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-29 17:29 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2019-12-29 17:15 - 2019-02-07 15:49 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2019-12-29 17:08 - 2019-02-28 18:16 - 000000000 ____D C:\Users\HP\AppData\Roaming\IObit
2019-12-29 17:08 - 2019-02-28 18:16 - 000000000 ____D C:\ProgramData\IObit
2019-12-29 17:08 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-12-29 17:08 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2019-12-29 16:01 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-12-29 15:59 - 2019-03-07 17:30 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-29 15:57 - 2019-01-28 12:28 - 000000000 ____D C:\Windows\system32\MRT
2019-12-29 15:52 - 2019-01-28 12:28 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-29 15:51 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2019-12-19 17:51 - 2019-02-07 15:27 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 17:51 - 2019-02-07 15:27 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-19 17:42 - 2019-11-10 10:16 - 000000000 ____D C:\ProgramData\Origin
2019-12-19 17:41 - 2016-08-08 10:19 - 000116696 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2019-12-19 17:41 - 2016-08-08 10:19 - 000079744 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2019-12-19 17:40 - 2019-11-10 10:16 - 000000000 ____D C:\Users\HP\AppData\Roaming\Origin
2019-12-10 08:58 - 2019-02-07 15:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-10 07:13 - 2019-01-28 12:15 - 000003344 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-559692135-8497052-1209249446-1001
2019-12-10 07:11 - 2019-07-01 18:15 - 000002382 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-10 07:11 - 2019-01-28 12:15 - 000000000 ___RD C:\Users\HP\OneDrive
2019-12-10 06:55 - 2019-11-10 10:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-11-30 20:28 - 2019-01-28 12:12 - 000000000 ____D C:\Users\HP
2019-11-30 20:26 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\NDF
2019-11-30 20:25 - 2016-08-08 10:19 - 000189512 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2019-11-30 20:25 - 2016-08-08 10:19 - 000149944 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2019-11-30 20:25 - 2016-08-08 10:19 - 000103264 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2019-11-30 20:25 - 2016-08-08 10:19 - 000050712 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by HP (29-12-2019 20:29:40)
Running from C:\Users\HP\Desktop
Windows 10 Home Version 1809 17763.914 (X64) (2019-01-28 11:08:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-559692135-8497052-1209249446-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-559692135-8497052-1209249446-503 - Limited - Disabled)
Guest (S-1-5-21-559692135-8497052-1209249446-501 - Limited - Disabled)
HP (S-1-5-21-559692135-8497052-1209249446-1001 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-559692135-8497052-1209249446-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Bootstrapper (HKLM-x32\...\{EFDD0584-E443-4CA8-8B79-E5BE7B22651D}) (Version: 1.0.0.0 - Minitab, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.54 - Piriform)
CrystalDiskInfo 7.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World)
Dassault Systemes Software B20 (HKLM\...\Dassault Systemes B20_0) (Version: - )
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
Glary Utilities PRO 5.130 (HKLM-x32\...\Glary Utilities 5) (Version: 5.130.0.156 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
IObit Driver Booster (HKLM-x32\...\{2E29F3D8-99B4-4B2F-A93F-827DFFF26970}) (Version: 1.0.0 - IObit)
Kolekce The Sims™ 3 Moje městečko (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Kolekce The Sims™ 3 Styl 70., 80. a 90. let (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Kolekce The Sims™ 3 Zahradní mejdan (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Kolekce The Sims™ 3 Na plný plyn (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\Proplus2019Retail - cs-cz) (Version: 16.0.12410.20000 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz.proof (HKLM\...\Proplus2019Retail - cs-cz.proof) (Version: 16.0.12410.20000 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\Proplus2019Retail - en-us) (Version: 16.0.12410.20000 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us.proof (HKLM\...\Proplus2019Retail - en-us.proof) (Version: 16.0.12410.20000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mindjet MindManager 2017 (HKLM\...\{BF3C3096-DD7F-49FE-896E-7D3E7DB91C91}) (Version: 17.1.167 - Mindjet)
Minitab 16 (HKLM-x32\...\Minitab16) (Version: 16.1.0 - Minitab, Inc.)
Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.0.0.0 - Minitab, Inc.)
Minitab16 (HKLM-x32\...\{3686ED2F-634B-45EE-84BB-18D17119A582}) (Version: 16.1.0.0 - Minitab Inc) Hidden
Minitab16 (HKLM-x32\...\{63FD90F3-58B5-4A25-9C47-428576D994D0}) (Version: 16.1.0.0 - Minitab, Inc.) Hidden
Minitab16 (HKLM-x32\...\{B565A187-9E9C-42B6-A051-99223EB7E05B}) (Version: 16.1.0.0 - Minitab Inc) Hidden
Mozilla Firefox 65.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-US)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12410.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12410.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12410.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12410.20000 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.55.33574 - Electronic Arts, Inc.)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.16.29 - Autodesk)
SoftwareManager (HKLM-x32\...\{1C92C419-4DAA-4B9B-B04F-C2E3CDEDCAF9}) (Version: 1.0.0.0 - Minitab, Inc.) Hidden
Speciální aplikace Autodesk 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 Cestovní horečka (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 3 Diesel Kolekce (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Do Budoucnosti (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Domácí mazlíčci (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Filmové rekvizity (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Hrátky osudu (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Luxusní bydlení – Kolekce (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Obludárium (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Povolání snů (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Přepychové ložnice Kolekce (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Roční období (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Sladké radosti Katy Perry (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Studentský život (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Tropický ráj (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Po setmění (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
VBA (3821b) (HKLM-x32\...\{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
ZWCAD Mechanical 2015 (HKLM-x32\...\{8D36B335-F5B1-437E-BA2B-E4544BF9772E}) (Version: 1.0.0 - ZWSoft)
ZWCAD Mechanical 2015 Resource Package (HKLM-x32\...\{FB8DB18F-1843-4918-B3E3-F10D7E27059C}) (Version: 1.0.0 - ZWsoft)
ZWCAD+ 2014 (HKLM-x32\...\{9ACA2843-A001-0000-A001-71159ABDD80F}) (Version: 14.0.3.1237 - ZWSOFT) Hidden
ZWCAD+ 2014 Czech (HKLM-x32\...\{EC7D6813-6893-409A-AB22-94E24369F5E6}) (Version: 14.0.3.1237 - ZWSOFT)
ZWCAD+ 2014 Language Pack - Czech (HKLM-x32\...\{9ACA2843-A001-1029-A101-71159ABDD80F}) (Version: 14.0.3.1237 - ZWSOFT) Hidden

Packages:
=========
8 Zip Lite - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.2.150.0_x64__b6e429xa66pga [2019-02-26] (Finebits OÜ) [MS Ad]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-29] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-11-02] (Thumbmunkeys Ltd) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-559692135-8497052-1209249446-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-559692135-8497052-1209249446-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-559692135-8497052-1209249446-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-559692135-8497052-1209249446-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\cs-CZ\acadficn.dll => No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-12-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-12-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-12-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-12-19 17:45 - 2019-11-17 23:07 - 000281600 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\APPVFILESYSTEMMETADATA.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 000400896 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvApi.dll
2019-12-19 17:45 - 2019-11-17 23:07 - 001124864 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvSubsystemController.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 000519680 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvVirtualization.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 000836608 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVOrchestration.dll
2019-12-19 17:45 - 2019-11-17 23:07 - 000585008 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVCatalog.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 001642800 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIntegration.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 000177968 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvStreamingManager.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 001010992 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\APPVMANIFEST.dll
2019-12-19 17:45 - 2019-11-17 23:08 - 001091888 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\APPVPOLICY.dll
2019-11-12 19:58 - 2019-11-10 10:18 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-11-14 13:18 - 2019-11-10 10:18 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-559692135-8497052-1209249446-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-559692135-8497052-1209249446-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "MMReminderService"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\StartupApproved\Run: => "GUDelayStartup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C877A85E-B2FD-4176-8133-20D7347A3E8F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E62881B7-9E27-4E54-8ABB-257B4241DC6F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BB3007E1-07BC-46D2-9156-6C855513F2FB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B98FB333-8349-4E4D-9130-7F409280F497}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{24991BA5-EF5A-4200-AA63-2B6A5C58D8C5}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{0848160E-493B-408A-8A4E-F1EDEEC5AAF9}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{049C5CD7-3D83-440F-A847-B84BC8FD1F5C}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZWCAD.EXE (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{37DB4E6B-5BE9-42C2-825F-4A5811804B37}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZWCAD.EXE (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{49B4B3A7-6829-45B3-9539-A0337CB045FD}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwCrashReportManagement.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{B3D430E7-97B7-4D5A-A03E-A9EA2FFF7F89}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwCrashReportManagement.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{081425AF-7D92-4165-83BB-4514B723AF0D}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZWErrorDialog.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{F10712AC-BF24-4881-A182-0EF3F2930022}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZWErrorDialog.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{0E4522AB-81B4-4E9F-A00D-CB9E5230F4EF}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{E1AF51E2-4F6D-47FC-B258-907DCD4138B2}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{11D8539E-C435-41AA-911A-D551B09476A6}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{A5EAF838-D4FD-48D3-8E87-4EA7BF1923E4}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{476B2A7E-27AC-4601-A930-33E413BD094D}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwSyble.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{C3CC689F-0A5D-4254-B07E-34A68378A53B}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2014\ZwSyble.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{279382BD-7115-4822-8F97-32A470A99185}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZWCAD.EXE (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.) [File not signed]
FirewallRules: [{2842FC69-2B57-4A64-B22E-466910925B89}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZWCAD.EXE (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.) [File not signed]
FirewallRules: [{BF274251-D301-4F98-9E3F-88C06283CC93}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwCrashReportManagement.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{9597FF2B-BB34-46CD-A2AB-CAC510B2C341}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwCrashReportManagement.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{29E97D38-1618-4153-8C12-F0C40EA18977}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZWErrorDialog.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{B38CD689-F832-4BA8-A8F2-99ED5C966F4B}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZWErrorDialog.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{5538E21E-7E8D-4AF0-9B3D-D7F187254B35}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{4357DF77-9FB1-46B2-90C0-E2DC41072A93}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{D09CAA84-5CEF-4881-A2DA-A29E7EACF548}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{D75AD38C-F7E0-4B32-83B9-171A5060CB91}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> ZWCAD DESIGN CO., LTD.)
FirewallRules: [{54325E48-B8B0-4A24-AE28-3A15144D0354}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwSyble.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{D0DC8E9A-9ECE-40B8-A8FF-9F620A9B3119}] => (Allow) C:\Program Files (x86)\ZWCAD MECHANICAL 2015 ENU\ZwSyble.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [TCP Query User{B475CECD-9273-44EC-BB31-0DA14A1826AF}C:\program files (x86)\dassault systemes\b20\intel_a\code\bin\cnext.exe] => (Allow) C:\program files (x86)\dassault systemes\b20\intel_a\code\bin\cnext.exe (Dassault Systemes) [File not signed]
FirewallRules: [UDP Query User{29953AB9-EE19-4F28-B615-ECD2C81BE1F4}C:\program files (x86)\dassault systemes\b20\intel_a\code\bin\cnext.exe] => (Allow) C:\program files (x86)\dassault systemes\b20\intel_a\code\bin\cnext.exe (Dassault Systemes) [File not signed]
FirewallRules: [{89007969-568E-4171-8230-B3B530B3A6D3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8048005-DD76-4E43-9ED4-CC1CC8203C7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{51AC7886-3A4A-4D39-8961-462811FD8B73}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AFE33915-9721-49D0-A5A0-632D6EE5E905}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{06745F54-5BEA-4F64-A0AA-F166B4D3F13A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4F952119-76B5-4FD6-A9B0-1BBEEACC66EB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F6FE490C-FCCD-49D5-8C1A-00BB1ACB7518}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3EC5AB58-1B44-41FB-8BD3-1A078B3F6903}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9CDD50D-E8A2-4DEC-83AE-503DA3B644C7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{93BC58B3-E333-49A5-AB11-C48761F469BD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

==================== Restore Points =========================

02-12-2019 15:31:31 Naplánovaný kontrolní bod
19-12-2019 18:07:53 Windows Update
29-12-2019 15:49:26 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/29/2019 05:15:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0xef4
Čas spuštění chybující aplikace: 0x01d5be62e444665f
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: a1ab6346-b08c-48be-9075-911f19e81fe1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/03/2019 04:32:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x2a40
Čas spuštění chybující aplikace: 0x01d5a9ee281b1471
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: c91aa8e8-9c06-48d5-bf1b-e5cf007ff503
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/03/2019 07:03:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Integrator.exe, verze: 5.130.0.156, časové razítko: 0x5db258a8
Název chybujícího modulu: MSVCR90.dll, verze: 9.0.30729.9518, časové razítko: 0x5b690a0f
Kód výjimky: 0xc0000417
Posun chyby: 0x0003523b
ID chybujícího procesu: 0x2950
Čas spuštění chybující aplikace: 0x01d5a99f61ddc110
Cesta k chybující aplikaci: C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
Cesta k chybujícímu modulu: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9518_none_508db366bcbd18c4\MSVCR90.dll
ID zprávy: 7af37492-537d-4202-b2ce-1add21177dc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/03/2019 07:02:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x2be0
Čas spuštění chybující aplikace: 0x01d5a99ef5af0f12
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 127a6d05-f915-4dfc-9511-fb3a40c033d3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/02/2019 11:58:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x1b18
Čas spuštění chybující aplikace: 0x01d5a8ff4bf58557
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 74428661-8075-4803-a7a9-8761b67113ae
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/30/2019 08:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x14ec
Čas spuštění chybující aplikace: 0x01d5a7b85d29d891
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 86f51449-85d0-474b-a6ed-9318d8521856
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/25/2019 03:51:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x49c
Čas spuštění chybující aplikace: 0x01d5a39efbd2f693
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 1c44fa2b-3052-4191-84f3-d1209ef84614
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/19/2019 07:16:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x2f6c
Čas spuštění chybující aplikace: 0x01d59ea02345b4c6
Cesta k chybující aplikaci: C:\Users\HP\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 7d00f725-7ccc-4ebb-9d0f-b828bb596712
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/29/2019 08:23:08 PM) (Source: DCOM) (EventID: 10016) (User: OMAR)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli OMAR\HP (SID: S-1-5-21-559692135-8497052-1209249446-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/29/2019 08:22:50 PM) (Source: DCOM) (EventID: 10001) (User: OMAR)
Description: Nelze spustit server DCOM: microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
0
při provádění příkazu:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server

Error: (12/29/2019 08:13:10 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (12/29/2019 08:12:47 PM) (Source: DCOM) (EventID: 10016) (User: OMAR)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli OMAR\HP (SID: S-1-5-21-559692135-8497052-1209249446-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/29/2019 08:12:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/29/2019 08:12:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (12/29/2019 08:12:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/29/2019 08:12:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Validity WBF Policy Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-02-07 15:07:23.809
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {451271AA-3DEC-4B12-AC8C-DD97527C5B89}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-02-05 17:39:11.374
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8978230C-122E-469C-8518-18B21EB3523D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2019-11-21 18:54:55.879
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 18:54:55.872
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 18:54:55.857
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 18:54:55.851
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 17:54:50.676
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 17:54:50.668
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 17:54:50.651
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-21 17:54:50.644
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Hewlett-Packard F.1B 10/05/2011
Motherboard: Hewlett-Packard 1656
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 35%
Total physical RAM: 8139.86 MB
Available physical RAM: 5275.72 MB
Total Virtual: 9419.86 MB
Available Virtual: 6725.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.22 GB) (Free:110 GB) NTFS

\\?\Volume{191739fe-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.14 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 191739FE)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

omar

Re: Completely slowed-down notebook

#8 Post by omar »

Scratch that, the log was on the desktop, I just overlooked it.


Fix result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by HP (29-12-2019 20:12:39) Run:1
Running from C:\Users\HP\Desktop
Loaded Profiles: HP (Available Profiles: HP)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-559692135-8497052-1209249446-1001\...\Policies\Explorer: []
Task: {1A4E3749-F1CB-4AFA-8931-8DCB05940086} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-07] (Google Inc -> Google Inc.)
Task: {3628A419-FEF1-49CF-9512-E223D33D5BA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-07] (Google Inc -> Google Inc.)
FF NewTab: Mozilla\Firefox\Profiles\k4h86qir.default -> hxxp://securedsearch.lavasoft.com/?pr=v ... 40__190224
CHR Notifications: Default -> hxxps://hackercombat.com
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-559692135-8497052-1209249446-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A4E3749-F1CB-4AFA-8931-8DCB05940086}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A4E3749-F1CB-4AFA-8931-8DCB05940086}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3628A419-FEF1-49CF-9512-E223D33D5BA4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3628A419-FEF1-49CF-9512-E223D33D5BA4}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"Firefox newtab" => removed successfully
"Chrome Notifications" => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 97524939 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 6578505 B
Edge => 573621 B
Chrome => 313988703 B
Firefox => 14431444 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15336 B
NetworkService => 15336 B
HP => 67949624 B

RecycleBin => 88982 B
EmptyTemp: => 485.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End 1 Fixlog 20:15:25 ====

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Completely slowed-down notebook

#9 Post by Rudy »

Deleted. Has there been any change?

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

omar

Re: Completely slowed-down notebook

#10 Post by omar »

The PC responds better, but startup is still slow. Until the antivirus loads, I can't even open a folder.

Maybe that's how it's supposed to be; the notebook isn't the newest, and God knows what shape the disk is in.

Rudy
Site Admin

Re: Completely slowed-down notebook

#11 Post by Rudy »

We can check the disk. Download, install and run CrystalDiskInfo: https://www.instaluj.cz/crystaldiskinfo and post the log here via Edit > Copy.

omar

Re: Completely slowed-down notebook

#12 Post by omar »

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 17763] (x64)
Date : 2019/12/29 23:31:42

-- Controller Map ----------------------------------------------------------
+ Intel(R) 6 Series/C200 Series Chipset Family 6 Port SATA AHCI Controller - 1C03 [ATA]
- TOSHIBA MK5061GSYN
- hp DVDRAM GT50N
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MK5061GSYN : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MK5061GSYN
----------------------------------------------------------------------------
Model : TOSHIBA MK5061GSYN
Firmware : MH000C
Serial Number : 517EF4BCS
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 21994 hod.
Power On Count : 2815 krát
Temperature : 39 C (102 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __2 000000000919 Čas na roztočení ploten
04 100 100 __0 0000000010C8 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _46 _46 __0 0000000055EA Hodin v činnosti
0A 185 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000AFF Počet cyklů zapnutí zařízení
B7 100 100 __1 000000000000 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
B9 100 100 __1 00000000FFFF Specifický pro výrobce
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 0000000001F5 Časový limit příkazu
BD 100 100 __1 000000000000 Vysoká rychlost zápisu
BE _61 _48 _40 00002B1B0027 Teplota toku vzduchu
BF 100 100 __0 00000000000E Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000090009 Počet vypnutí disku
C1 _46 _46 __0 00000008515C Počet cyklů načítání/vymazání
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA

Rudy
Site Admin

Re: Completely slowed-down notebook

#13 Post by Rudy »

The disk is fine. Try defragmenting the disk.

omar

Re: Completely slowed-down notebook

#14 Post by omar »

It seems to be better.

Thanks for your time and expertise, and all the best in the new year.
:closed:

Rudy
Site Admin

Re: Completely slowed-down notebook

#15 Post by Rudy »

It is also possible to defragment the registry: https://www.chip.cz/novinky/trendy/ausl ... efrag-6-1/ . Happy holidays, and you're welcome! :)