Dobrý den, zamrzá mi notebook, kdy po určité době cca 1 hodině přestane reagovat a je třeba ho vypnout. Prosím o kontrolu, děkuji.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Jan (28-09-2020 11:31:34)
Running from C:\Users\Jan\Downloads
Windows 8.1 (Update) (X64) (2015-11-18 10:47:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3296905901-2605018622-518059273-500 - Administrator - Disabled)
Guest (S-1-5-21-3296905901-2605018622-518059273-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3296905901-2605018622-518059273-1003 - Limited - Enabled)
Jan (S-1-5-21-3296905901-2605018622-518059273-1001 - Administrator - Enabled) => C:\Users\Jan
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Aktualizace NVIDIA 16.13.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 16.13.21 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.7.5118.836 - Avast Software)
C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom 5.x_is1) (Version: 1.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Start 8 (HKLM-x32\...\{913D024D-5EB4-4AC3-A412-C87588574A74}_is1) (Version: 1.0.0.16 - Crawler Group)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - Název společnosti:) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - Název společnosti:) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4523 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.13.1.18705 (HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\GoToMeeting) (Version: 10.13.1.18705 - LogMeIn, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - )
HP Documentation (HKLM-x32\...\{EA7EA537-8F93-42A2-9384-66E7F049E6B0}) (Version: 1.4.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.8.28.13 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3DFFDA17-EE5C-4C09-AB0B-29CD4A9E6C9C}) (Version: 12.17.27.5 - HP)
HP System Event Utility (HKLM-x32\...\{F12B17AB-FCDA-4380-9D35-E3F871BF1093}) (Version: 1.2.6 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 81.0 (x64 cs) (HKLM\...\Mozilla Firefox 81.0 (x64 cs)) (Version: 81.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3 - Mozilla)
MP3 Workshop 4.40 (HKLM-x32\...\MP3 Workshop_is1) (Version: - Audio2x.com)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 344.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.24 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Ovládací panel NVIDIA 344.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 344.24 - NVIDIA Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.24 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29082 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7335 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.38 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.200 - NVIDIA Corporation) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.20 - Synaptics Incorporated)
UsbFix (HKLM-x32\...\Usbfix) (Version: 7.181 - El Desaparecido - www.usbfix.net - www.sosvirus.net)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
XPS Network (HKLM-x32\...\{7A6A1E1B-58CC-4B47-AFAF-11B171AC9CBB}) (Version: 13.15.0.2 - Sideline Sports)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
Packages:
=========
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_4.5.0.18_x64__kx24dqmazqk8j [2016-10-02] (Random Salad Games LLC)
HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2015-11-23] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-11-21] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-02-04] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-11-23] (Microsoft Corporation) [MS Ad]
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-06-13] (.-McAfee Inc-.)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-05-03] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-11-09] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-21] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-02-27] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-21] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-12-02] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-05-06] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-23] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-02-27] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-11-23] (Skype) [MS Ad]
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_5.5.0.8_x86__v10z8vjag6ke6 [2016-07-17] (HP Inc.)
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2.1.20.0_x64__t3yemqpq4kp7p [2015-11-23] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-05-09] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2015-02-04] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-23] (Microsoft Corporation) [MS Ad]
Začínáme se systémem Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-11-21] (Hewlett-Packard Company)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3296905901-2605018622-518059273-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3296905901-2605018622-518059273-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3296905901-2605018622-518059273-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-06-19] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro
==================== Loaded Modules (Whitelisted) =============
2014-03-28 14:31 - 2014-03-28 14:31 - 002110464 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000035328 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 14:47 - 2014-03-28 14:47 - 000646656 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2014-03-28 14:29 - 2014-03-28 14:29 - 000692224 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-03-28 14:32 - 2014-03-28 14:32 - 001107968 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2015-02-04 16:33 - 2015-02-04 16:33 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2015-02-04 16:09 - 2013-04-02 00:19 - 000574464 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Windows\system32\Rtlihvs.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 000712080 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 000367504 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 000759184 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 001204112 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {F9AFCD15-1D6C-4BE9-B4DF-B0D2033D0EB8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296905901-2605018622-518059273-1001 -> {263478F1-B705-4692-8DC6-325CE6124450} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3296905901-2605018622-518059273-1001 -> {F9AFCD15-1D6C-4BE9-B4DF-B0D2033D0EB8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed]
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2019-01-12 19:13 - 000000825 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\Desktop\Lenka\Foto trmalovi\010343.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{36BC910F-DB63-4656-AD5C-7BA8C3E2D058}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1EF76316-C00C-49A9-8065-AF81BEBFE619}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{588CBF2E-673D-4AE2-9CF4-A14FBB96544A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{647AEDDC-E816-4837-B04D-F9BE898839D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{352E0A70-9CB2-4CF7-A597-39C35F029C46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{083BA2B3-F33A-4DDE-9D0A-EE2C4F198890}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2BB9A3AB-4287-45D0-A693-AB9DC1243717}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{768161B1-F6DC-404D-9181-AB5F969D6C43}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{0536FF25-D8D3-49BD-8C77-E34E3E983150}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{0216B416-5DA5-4C56-AA9B-C4EAC89ADB3E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1F6E19F9-3F74-40E6-B772-96E2975E5984}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{6D12D151-69DB-4E6C-8C78-F77B21E657DE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D2566B2A-F0C4-472B-BE09-8CDC936182D7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2E387DFB-209C-46B3-A52A-D2E02113218A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C4452EE0-2637-49F5-900A-2868ECA97965}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5A9E5091-EE23-4E27-9344-EAD221188FB8}C:\users\jan\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\jan\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{4C72BCA6-9F0A-4576-85F6-EBFE3C121113}C:\users\jan\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\jan\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B04C6A0A-8023-4C45-A78A-CA12ED382079}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
27-08-2020 17:42:18 Naplánovaný kontrolní bod
16-09-2020 20:09:57 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/28/2020 11:16:44 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/28/2020 09:33:33 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (09/26/2020 08:19:03 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/26/2020 08:16:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1388
Čas spuštění: 01d69430663856dc
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 5ae7122d-0024-11eb-82e5-d0bf9c1baae2
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
Error: (09/26/2020 08:16:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 6.3.9600.17489 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 13f4
Čas spuštění: 01d69430bdd796ab
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
ID hlášení: 3688fdc8-0024-11eb-82e5-d0bf9c1baae2
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel
Error: (09/26/2020 08:15:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NOTES)
Description: Balíček windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel se ukončil, protože jeho pozastavování trvalo moc dlouho.
Error: (09/26/2020 08:00:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NOTES)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (09/26/2020 07:10:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 464
Čas spuštění: 01d694271c024f81
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 1082a2c7-001b-11eb-82e4-d0bf9c1baae2
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
System errors:
=============
Error: (09/28/2020 11:13:22 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba HP Support Solutions Framework Service přestala během spouštění reagovat.
Error: (09/28/2020 11:12:42 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby HPWMISVC bylo dosaženo časového limitu (30000 ms).
Error: (09/28/2020 11:12:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby HPWMISVC bylo dosaženo časového limitu (30000 ms).
Error: (09/28/2020 11:10:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (09/28/2020 11:10:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (09/28/2020 11:10:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby avast! Antivirus bylo dosaženo časového limitu (30000 ms).
Error: (09/28/2020 11:08:30 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:19:36, 28. 9. 2020) bylo neočekávané.
Error: (09/28/2020 09:24:47 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba HP Support Solutions Framework Service přestala během spouštění reagovat.
Windows Defender:
===================================
Date: 2016-08-31 08:39:09.748
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.183.39.0;1.183.39.0
Verze modulu: 1.1.10904.0
CodeIntegrity:
===================================
Date: 2018-12-19 13:58:06.800
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:58:03.269
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:59.909
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:56.331
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:52.706
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:49.299
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:45.815
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:42.221
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Insyde F.32 10/28/2014
Motherboard: Hewlett-Packard 2214
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 80%
Total physical RAM: 8078.27 MB
Available physical RAM: 1575.15 MB
Total Virtual: 9358.27 MB
Available Virtual: 2376.99 MB
==================== Drives ================================
Drive b: (Nový svazek) (Fixed) (Total:453.75 GB) (Free:314.37 GB) NTFS
Drive c: (Windows) (Fixed) (Total:455.54 GB) (Free:257.75 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.21 GB) (Free:2.36 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{e6868cf5-0272-463e-852b-7492e9ce36f5}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.33 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9B9D0EB4)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2020
Ran by Jan (administrator) on NOTES (Hewlett-Packard HP 15 Notebook PC) (28-09-2020 11:24:41)
Running from C:\Users\Jan\Downloads
Loaded Profiles: Jan
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Crawler Group, LLC -> Crawler.com) C:\Program Files (x86)\CStart8\CStart8Tray64.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <5>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [2799272 2014-09-09] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-09-17] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [507144 2014-09-02] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [CStart8] => C:\PROGRAM FILES (X86)\CSTART8\CSTART8TRAY64.EXE [3135816 2015-06-29] (Crawler Group, LLC -> Crawler.com)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Jan\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {485e26df-63f6-11e7-8286-346895128c7c} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {b494c5db-180b-11e9-82b0-346895128c7c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {ff0559d7-e7d0-11ea-82dd-d0bf9c1baae2} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [423936 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-09-23] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2020-09-17]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exeicarus_rvrt.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09558A42-A62D-4320-B5C5-2968D5576761} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION
Task: {193FE9B0-701B-4267-A3CB-BC69AA1B0087} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {3668A0E2-E3A0-43C7-B62E-EAE087C84584} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [664920 2020-06-29] (HP Inc. -> HP Inc.)
Task: {43CB38F1-3351-4613-8AEE-30BFED4CC2B7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4FC9FCCD-6BA2-421D-A4FF-6F41EEB58599} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506136 2020-07-01] (HP Inc. -> HP Inc.)
Task: {640091F5-ADB8-486A-AFA0-10BFD166EAC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {65A5DE0C-855D-41FC-8DBE-FA7521388650} - System32\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001 => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupload.exe [31320 2020-09-17] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {7119B6FA-2228-4494-8AD4-921A3137C47A} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [3551704 2020-09-16] (Avast Software s.r.o. -> AVAST Software)
Task: {745E0C8E-BFEB-425E-9283-A870A971C1D0} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-09-23] (CyberLink Corp. -> CyberLink Corp.)
Task: {7B38B6DD-22AD-44AB-B061-8D0617818D31} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1180488 2020-09-16] (Avast Software s.r.o. -> AVAST Software)
Task: {81879E71-8238-453B-82CE-78712947756C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {855C9D59-E22C-4E9D-99A4-18873C94FDB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506136 2020-07-01] (HP Inc. -> HP Inc.)
Task: {8A95EBA8-FC9F-4F9F-AE64-91F1AAD096FD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {8EAB5F2A-390F-4BDE-83B7-A7676F5C6C2F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {989D7B9B-D1FC-46A2-9FB3-1E16548D97BE} - System32\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001 => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupdate.exe [31320 2020-09-17] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {9C93010D-9ACA-4153-AB94-AE665B823371} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {A085867A-2CF4-4064-9024-B28FFD4898CB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {AA0E512E-3191-49F9-A7D2-02A93545A846} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [324952 2020-06-19] (HP Inc. -> HP Inc.)
Task: {B1D8D0E2-D308-4B68-A25B-16014676517D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-09-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {BCAF7B0B-003D-452F-9B49-9F5D14CB7635} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {C09AFB5D-E6E8-4522-9396-45CE4CF45662} - System32\Tasks\SafeZone scheduled Autoupdate 1465391584 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {CF7217AE-9804-46EE-98CC-D5F803B94A3A} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5251680 2020-09-04] (Avast Software s.r.o. -> Avast Software)
Task: {DE5765D8-0B8E-44FC-8971-F618FD0BB15F} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
Task: {ED28AFDC-659D-4416-A39F-7B5285D21FA5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3850336 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
Task: {F8EEAA45-C7AC-4C65-A9A3-B47BEA21AC28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [664920 2020-06-29] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001.job => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001.job => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{18E88231-9820-45D8-9D62-2FF52FDBFADD}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D5B24512-7CDE-4007-B7AB-C4421564345E}: [DhcpNameServer] 192.168.0.1
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jan\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-26]
Edge Notifications: Default -> hxxps://teams.microsoft.com
Edge HomePage: Default -> hxxps://www.seznam.cz/
FireFox:
========
FF DefaultProfile: wzmt6nue.default
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wzmt6nue.default [2020-09-28]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2020-09-26]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-07]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-31]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-31]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-08-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-10]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-26]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7824280 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [98816 2014-10-11] () [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [387928 2020-06-30] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [509192 2014-09-02] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [7509152 2020-09-16] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206392 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235584 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [195648 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42768 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175192 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [517592 2020-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851600 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469880 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217328 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326408 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-08-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S3 mfehidk01; \Device\mfehidk01.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-28 11:24 - 2020-09-28 11:26 - 000024900 _____ C:\Users\Jan\Downloads\FRST.txt
2020-09-28 11:24 - 2020-09-28 11:25 - 000000000 ____D C:\FRST
2020-09-28 11:23 - 2020-09-28 11:23 - 002299392 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2020-09-28 09:34 - 2020-09-28 09:34 - 008414384 _____ (Malwarebytes) C:\Users\Jan\Downloads\adwcleaner_8.0.7.exe
2020-09-26 20:30 - 2020-09-26 21:09 - 669548177 _____ C:\Users\Jan\Downloads\Nepotvrzeno 858799.crdownload
2020-09-26 19:41 - 2020-09-28 10:39 - 1643570018 _____ C:\Users\Jan\Downloads\Velká filmová loupež-80m-1986-ČR-HD-1080p-I.avi
2020-09-26 19:20 - 2020-09-26 19:20 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-09-26 18:43 - 2020-09-26 20:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-22 15:51 - 2020-09-22 16:15 - 420313088 _____ C:\Users\Jan\Downloads\Neskutečné historky-2x02 Zlatý Gordon.avi
2020-09-22 15:33 - 2020-09-22 15:51 - 316170591 _____ C:\Users\Jan\Downloads\Monty Python - Neskutecne-historky - 1- Tompkinsova školní léta, CZ dabing.mp4
2020-09-22 09:12 - 2020-09-22 09:11 - 000338528 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-09-22 09:12 - 2020-09-22 09:11 - 000217328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-09-22 09:12 - 2020-09-22 09:11 - 000175192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-09-16 20:18 - 2020-09-02 07:52 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-09-16 20:18 - 2020-09-02 07:25 - 003641344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-09-16 20:18 - 2020-08-27 07:04 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-09-16 20:18 - 2020-08-15 09:22 - 001370680 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-09-16 20:18 - 2020-08-15 09:18 - 007363328 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-09-16 20:18 - 2020-08-15 06:23 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-09-16 20:18 - 2020-08-15 06:14 - 001383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-09-16 20:18 - 2020-08-15 05:59 - 001088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-09-16 20:18 - 2020-08-15 05:57 - 001559040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-09-16 20:18 - 2020-08-13 06:17 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-09-16 20:18 - 2020-08-13 06:06 - 020291072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-09-16 20:18 - 2020-08-13 06:06 - 005500416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-09-16 20:18 - 2020-08-13 06:06 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-09-16 20:18 - 2020-08-13 05:50 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-09-16 20:18 - 2020-08-13 05:40 - 000653824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-09-16 20:18 - 2020-08-13 05:30 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-09-16 20:18 - 2020-08-13 05:29 - 015480320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-09-16 20:18 - 2020-08-13 05:18 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-09-16 20:18 - 2020-08-13 05:16 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-09-16 20:18 - 2020-08-13 05:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-09-16 20:18 - 2020-08-13 05:11 - 013862400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-09-16 20:18 - 2020-08-13 05:04 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-09-16 20:18 - 2020-08-13 04:57 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-09-16 20:18 - 2020-08-13 04:53 - 001341952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-09-16 20:18 - 2020-08-11 08:16 - 000376072 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2020-09-16 20:18 - 2020-08-11 06:33 - 000317176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2020-09-16 20:18 - 2020-08-11 04:44 - 000453632 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-09-16 20:18 - 2020-08-11 04:32 - 000329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-09-16 20:17 - 2020-08-29 04:41 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-09-16 20:17 - 2020-08-20 22:54 - 022382424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-09-16 20:17 - 2020-08-20 22:51 - 019805104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-09-16 20:17 - 2020-08-15 09:18 - 002012928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-09-16 20:17 - 2020-08-15 09:18 - 000373512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-09-16 20:17 - 2020-08-15 07:11 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-09-16 20:17 - 2020-08-15 06:43 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-09-16 20:17 - 2020-08-15 06:39 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-09-16 20:17 - 2020-08-15 06:33 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2020-09-16 20:17 - 2020-08-15 06:17 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
2020-09-16 20:17 - 2020-08-15 06:17 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-09-16 20:17 - 2020-08-15 06:14 - 001442304 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-09-16 20:17 - 2020-08-15 06:12 - 000364032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2020-09-16 20:17 - 2020-08-15 06:12 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2020-09-16 20:17 - 2020-08-15 06:11 - 000269312 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2020-09-16 20:17 - 2020-08-15 06:11 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2020-09-16 20:17 - 2020-08-15 06:04 - 001757184 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-09-16 20:17 - 2020-08-15 06:02 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000292352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2020-09-16 20:17 - 2020-08-15 05:50 - 001495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-09-16 20:17 - 2020-08-13 07:25 - 001308256 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-09-16 20:17 - 2020-08-13 07:24 - 000355576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2020-09-16 20:17 - 2020-08-13 06:41 - 025756672 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-09-16 20:17 - 2020-08-13 05:37 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-09-16 20:17 - 2020-08-13 05:26 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2020-09-16 20:17 - 2020-08-13 05:20 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-09-16 20:17 - 2020-08-13 05:15 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-09-16 20:17 - 2020-08-13 05:12 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2020-09-16 20:17 - 2020-08-13 04:54 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-09-16 20:17 - 2020-08-13 04:52 - 000710656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-09-16 20:17 - 2020-08-11 08:19 - 000136824 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-09-16 20:17 - 2020-08-11 08:17 - 000537632 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-09-16 20:17 - 2020-08-11 08:16 - 001210112 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2020-09-16 20:17 - 2020-08-11 08:12 - 002173376 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-09-16 20:17 - 2020-08-11 08:12 - 001665104 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-09-16 20:17 - 2020-08-11 06:33 - 001037600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2020-09-16 20:17 - 2020-08-11 06:33 - 000450312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-09-16 20:17 - 2020-08-11 06:31 - 001561296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-09-16 20:17 - 2020-08-11 06:31 - 001215736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-09-16 20:17 - 2020-08-11 05:30 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-09-16 20:17 - 2020-08-11 05:03 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2020-09-16 20:17 - 2020-08-11 05:03 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-09-16 20:17 - 2020-08-11 05:00 - 003720192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-09-16 20:17 - 2020-08-11 04:57 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2020-09-16 20:17 - 2020-08-11 04:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-09-16 20:17 - 2020-08-11 04:55 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2020-09-16 20:17 - 2020-08-11 04:45 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-09-16 20:17 - 2020-08-11 04:44 - 001099264 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-09-16 20:17 - 2020-08-11 04:41 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-09-16 20:17 - 2020-08-11 02:44 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2020-09-16 20:17 - 2020-08-10 11:18 - 000160144 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-09-16 20:17 - 2020-08-10 02:04 - 003223552 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-09-16 20:17 - 2020-08-10 02:04 - 001998848 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000843776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000700416 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-09-16 20:17 - 2020-08-08 15:43 - 001545912 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-09-16 20:17 - 2020-08-06 15:37 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-09-16 20:17 - 2020-08-06 15:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-08-29 10:09 - 2015-08-21 19:56 - 000000000 ____D C:\Users\Jan\Downloads\Slovenske hity 80-90 CD 1
2020-08-29 10:03 - 2020-08-29 10:08 - 093548739 _____ C:\Users\Jan\Downloads\Slovenske hity 80-90 CD 1.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-28 11:16 - 2015-11-18 12:54 - 000000000 ____D C:\Users\Jan\Documents\Youcam
2020-09-28 11:15 - 2015-11-18 12:56 - 000000000 ___DO C:\Users\Jan\OneDrive
2020-09-28 11:12 - 2018-10-12 10:00 - 000000000 ____D C:\Users\Jan\AppData\LocalLow\Mozilla
2020-09-28 11:09 - 2020-08-20 13:52 - 000003938 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2020-09-28 11:08 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-28 10:52 - 2020-03-23 11:34 - 000000634 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001.job
2020-09-28 10:49 - 2020-03-23 11:34 - 000000538 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001.job
2020-09-28 09:39 - 2015-11-19 00:15 - 000000000 ____D C:\Program Files\CCleaner
2020-09-28 09:36 - 2016-04-28 17:33 - 000000000 ____D C:\AdwCleaner
2020-09-28 09:33 - 2020-04-01 10:02 - 000000000 ____D C:\Users\Jan\Downloads\Programy
2020-09-28 09:28 - 2015-11-18 13:25 - 000003950 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{1036CFB8-C8D4-44C4-881B-8AD268583162}
2020-09-28 09:20 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-09-26 20:45 - 2018-08-19 20:35 - 000000000 ____D C:\Users\Jan\AppData\Local\AVAST Software
2020-09-26 20:08 - 2018-10-12 09:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-26 19:25 - 2015-11-18 12:54 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3296905901-2605018622-518059273-1001
2020-09-26 19:21 - 2019-02-08 19:46 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-26 19:20 - 2018-10-12 09:59 - 000000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-26 19:10 - 2020-04-06 14:23 - 000927744 ___SH C:\Users\Jan\Downloads\Thumbs.db
2020-09-26 18:58 - 2020-04-10 10:33 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-26 18:58 - 2020-04-10 10:33 - 000002207 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-26 18:58 - 2020-04-10 10:33 - 000002207 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-09-26 18:48 - 2020-01-12 20:34 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-26 18:47 - 2020-01-12 20:33 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-26 18:45 - 2020-04-21 13:13 - 000517592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-09-22 15:26 - 2020-05-06 08:38 - 000165376 ___SH C:\Users\Jan\Desktop\Thumbs.db
2020-09-22 14:40 - 2015-11-18 13:58 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-22 14:40 - 2015-11-18 13:58 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-22 14:40 - 2015-11-18 13:58 - 000002210 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-22 13:33 - 2015-11-19 12:28 - 000000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2020-09-22 11:40 - 2015-11-18 12:45 - 000000000 ____D C:\Users\Jan
2020-09-22 10:14 - 2020-04-08 12:48 - 000002332 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-09-22 10:14 - 2020-04-08 12:48 - 000002324 _____ C:\Users\Jan\Desktop\Microsoft Teams.lnk
2020-09-22 09:49 - 2015-02-04 16:33 - 000000000 ____D C:\ProgramData\AVAST Software
2020-09-22 09:31 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-09-22 09:13 - 2017-03-09 13:36 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-09-22 09:13 - 2015-11-18 13:53 - 000326408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-09-22 09:11 - 2019-01-14 17:02 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-09-22 09:11 - 2019-01-14 16:44 - 000195648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-09-22 09:11 - 2019-01-14 16:44 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-09-22 09:11 - 2019-01-14 16:44 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-09-22 09:11 - 2018-11-01 14:38 - 000042768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-09-22 09:11 - 2017-11-22 20:19 - 000206392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000851600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000469880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000084848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-09-20 20:02 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2020-09-20 17:49 - 2020-03-23 11:34 - 000000000 ____D C:\Users\Jan\AppData\Local\GoToMeeting
2020-09-17 10:09 - 2020-03-23 11:34 - 000003624 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001
2020-09-17 10:09 - 2020-03-23 11:34 - 000003528 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001
2020-09-17 10:04 - 2015-12-03 14:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-09-17 10:03 - 2013-08-22 16:44 - 005113664 _____ C:\Windows\system32\FNTCACHE.DAT
2020-09-16 21:16 - 2015-12-07 10:13 - 000000000 ___SD C:\Windows\system32\CompatTel
2020-09-16 21:16 - 2015-12-07 10:13 - 000000000 ____D C:\Windows\system32\appraiser
2020-09-16 21:16 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2020-09-16 20:43 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-16 20:43 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2020-09-16 20:25 - 2015-12-03 16:07 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-16 20:25 - 2015-12-03 16:07 - 000000000 ____D C:\Windows\system32\MRT
2020-09-16 19:56 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2020-09-04 16:03 - 2020-08-15 16:40 - 000075368 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2020-09-01 21:32 - 2014-10-28 12:00 - 000762978 _____ C:\Windows\system32\perfh005.dat
2020-09-01 21:32 - 2014-10-28 12:00 - 000163700 _____ C:\Windows\system32\perfc005.dat
2020-09-01 21:32 - 2014-03-18 11:53 - 001876212 _____ C:\Windows\system32\PerfStringBackup.INI
2020-09-01 10:08 - 2018-04-30 13:49 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-08-29 10:04 - 2020-04-01 10:05 - 000000000 ____D C:\Users\Jan\Downloads\Hudba
==================== Files in the root of some directories ========
2016-11-15 19:05 - 2020-06-24 19:53 - 000002844 _____ () C:\Users\Jan\AppData\Local\FSDownloader.err
2015-11-24 00:15 - 2020-07-16 19:42 - 000002264 _____ () C:\Users\Jan\AppData\Local\FSDownloader.nast
2015-11-29 21:03 - 2015-11-29 21:03 - 000000000 _____ () C:\Users\Jan\AppData\Local\{12007E94-C9D6-4100-8DEC-1AA31E117CB7}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-09-20 20:06
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zamrzá notebook
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Zamrzá notebook
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jan at 2020-09-28 11:47:29
Microsoft Windows 8.1
System drive C: has 264 GB (57%) free of 466 GB
Total RAM: 8078 MB (8% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:47:37, on 28. 9. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files\trend micro\Jan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\BHO\ie_to_edge_bho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CStart8] "C:\PROGRAM FILES (X86)\CSTART8\CSTART8TRAY64.EXE" /STARTUP
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\Jan\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - Global Startup: Avast SecureLine VPN.lnk = C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine VPN (SecureLine) - AVAST Software - C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11485 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 911603731296
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe" /runassvc
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {8431dd2b-00ab-427a-9ceeefac79263e9a}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 5b8a0101-c609-4996-af2e-6e5a8b70e146 1
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="D526C4D6-5C83-FD26-A05B-64172F98B989" /binpath="C:\Program Files\AVAST Software\Avast"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskhostex.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
AvastUI.exe /nogui
"C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe" /nogui
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\CStart8\CStart8Tray64.exe" /STARTUP
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4224.0.1240093391\415917546" -parentBuildID 20200917005511 -prefsHandle 1320 -prefMapHandle 1304 -prefsLen 1 -prefMapSize 237197 -appdir "C:\Program Files\Mozilla Firefox\browser" - 4224 "\\.\pipe\gecko-crash-server-pipe.4224" 1432 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4224.6.1467974185\1372688836" -childID 1 -isForBrowser -prefsHandle 2740 -prefMapHandle 2736 -prefsLen 273 -prefMapSize 237197 -parentBuildID 20200917005511 -appdir "C:\Program Files\Mozilla Firefox\browser" - 4224 "\\.\pipe\gecko-crash-server-pipe.4224" 2752 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4224.13.1675225266\774978423" -childID 2 -isForBrowser -prefsHandle 4256 -prefMapHandle 4220 -prefsLen 7596 -prefMapSize 237197 -parentBuildID 20200917005511 -appdir "C:\Program Files\Mozilla Firefox\browser" - 4224 "\\.\pipe\gecko-crash-server-pipe.4224" 4520 tab
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
igfxEM.exe
igfxHK.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=7972,11818172023658591410,4190915172611596332,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.7.2425)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=MAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=7992 /prefetch:2
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=7972,11818172023658591410,4190915172611596332,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=en-US --service-sandbox-type=network --no-sandbox --force-wave-audio --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.7.2425)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=3012 /prefetch:8
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --field-trial-handle=7972,11818172023658591410,4190915172611596332,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --disable-gpu-compositing --lang=en-US --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.7.2425)" --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8940 /prefetch:1
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4224.48.674689300\1481762177" -childID 7 -isForBrowser -prefsHandle 8332 -prefMapHandle 7704 -prefsLen 7800 -prefMapSize 237197 -parentBuildID 20200917005511 -appdir "C:\Program Files\Mozilla Firefox\browser" - 4224 "\\.\pipe\gecko-crash-server-pipe.4224" 2532 tab
taskhost.exe $(Arg0)
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Jan\Desktop\Addition.txt
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Jan\Downloads\FRST.txt
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\Jan\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001.job - C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupdate.exe
C:\Windows\tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001.job - C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupload.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wzmt6nue.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\BHO\ie_to_edge_bho_64.dll [2020-09-23 514960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\BHO\ie_to_edge_bho.dll [2020-09-23 399248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25 585568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27 416288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-09 2473800]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-09-09 2799272]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-09-03 7636696]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-02 1396592]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-09-17 2818800]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-09-22 109160]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-06-17 28990136]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2014-09-12 437248]
"com.squirrel.Teams.Teams"=C:\Users\Jan\AppData\Local\Microsoft\Teams\Update.exe [2020-09-22 2452112]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2014-09-02 507144]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"CStart8"=C:\PROGRAM FILES (X86)\CSTART8\CSTART8TRAY64.EXE [2015-06-29 3135816]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Avast SecureLine VPN.lnk - C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2020-09-28 11:24:11 ----D---- C:\FRST
2020-09-26 18:43:17 ----D---- C:\Program Files\Mozilla Firefox
2020-09-22 09:12:50 ----A---- C:\Windows\system32\aswBoot.exe
2020-09-22 09:12:47 ----A---- C:\Windows\system32\drivers\aswStm.sys
2020-09-22 09:12:46 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2020-09-16 20:18:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2020-09-16 20:18:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2020-09-16 20:18:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2020-09-16 20:18:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2020-09-16 20:18:18 ----A---- C:\Windows\SYSWOW64\jscript.dll
2020-09-16 20:18:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2020-09-16 20:18:18 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2020-09-16 20:18:17 ----A---- C:\Windows\system32\vbscript.dll
2020-09-16 20:18:17 ----A---- C:\Windows\system32\msfeeds.dll
2020-09-16 20:18:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2020-09-16 20:18:14 ----A---- C:\Windows\system32\urlmon.dll
2020-09-16 20:18:13 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2020-09-16 20:18:13 ----A---- C:\Windows\system32\gdi32.dll
2020-09-16 20:18:13 ----A---- C:\Windows\system32\FntCache.dll
2020-09-16 20:18:12 ----A---- C:\Windows\SYSWOW64\upnphost.dll
2020-09-16 20:18:12 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2020-09-16 20:18:11 ----A---- C:\Windows\SYSWOW64\wininet.dll
2020-09-16 20:18:11 ----A---- C:\Windows\SYSWOW64\msi.dll
2020-09-16 20:18:10 ----A---- C:\Windows\system32\jscript.dll
2020-09-16 20:18:10 ----A---- C:\Windows\system32\atmfd.dll
2020-09-16 20:18:08 ----A---- C:\Windows\system32\ieframe.dll
2020-09-16 20:18:07 ----A---- C:\Windows\system32\jscript9.dll
2020-09-16 20:18:05 ----A---- C:\Windows\system32\win32k.sys
2020-09-16 20:18:04 ----A---- C:\Windows\system32\upnphost.dll
2020-09-16 20:18:04 ----A---- C:\Windows\system32\DWrite.dll
2020-09-16 20:18:03 ----A---- C:\Windows\system32\wininet.dll
2020-09-16 20:18:01 ----A---- C:\Windows\system32\msi.dll
2020-09-16 20:18:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2020-09-16 20:17:56 ----A---- C:\Windows\system32\mshtml.dll
2020-09-16 20:17:50 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2020-09-16 20:17:50 ----A---- C:\Windows\system32\localspl.dll
2020-09-16 20:17:50 ----A---- C:\Windows\system32\inetcomm.dll
2020-09-16 20:17:49 ----A---- C:\Windows\system32\lsasrv.dll
2020-09-16 20:17:48 ----A---- C:\Windows\system32\shell32.dll
2020-09-16 20:17:46 ----A---- C:\Windows\SYSWOW64\shell32.dll
2020-09-16 20:17:42 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2020-09-16 20:17:42 ----A---- C:\Windows\system32\appraiser.dll
2020-09-16 20:17:41 ----A---- C:\Windows\system32\WMADMOD.DLL
2020-09-16 20:17:40 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2020-09-16 20:17:40 ----A---- C:\Windows\system32\wuaueng.dll
2020-09-16 20:17:39 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2020-09-16 20:17:39 ----A---- C:\Windows\system32\ieapfltr.dll
2020-09-16 20:17:39 ----A---- C:\Windows\system32\combase.dll
2020-09-16 20:17:38 ----A---- C:\Windows\SYSWOW64\combase.dll
2020-09-16 20:17:38 ----A---- C:\Windows\system32\aeinv.dll
2020-09-16 20:17:37 ----A---- C:\Windows\system32\drivers\ntfs.sys
2020-09-16 20:17:36 ----A---- C:\Windows\system32\invagent.dll
2020-09-16 20:17:36 ----A---- C:\Windows\system32\devinv.dll
2020-09-16 20:17:36 ----A---- C:\Windows\system32\CompatTelRunner.exe
2020-09-16 20:17:36 ----A---- C:\Windows\system32\aepic.dll
2020-09-16 20:17:35 ----A---- C:\Windows\system32\puiobj.dll
2020-09-16 20:17:35 ----A---- C:\Windows\system32\ole32.dll
2020-09-16 20:17:35 ----A---- C:\Windows\system32\centel.dll
2020-09-16 20:17:34 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2020-09-16 20:17:33 ----A---- C:\Windows\system32\rpcrt4.dll
2020-09-16 20:17:33 ----A---- C:\Windows\system32\aitstatic.exe
2020-09-16 20:17:32 ----A---- C:\Windows\SYSWOW64\certcli.dll
2020-09-16 20:17:32 ----A---- C:\Windows\system32\diagtrack.dll
2020-09-16 20:17:32 ----A---- C:\Windows\system32\certcli.dll
2020-09-16 20:17:31 ----A---- C:\Windows\SYSWOW64\ole32.dll
2020-09-16 20:17:31 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2020-09-16 20:17:31 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2020-09-16 20:17:31 ----A---- C:\Windows\system32\generaltel.dll
2020-09-16 20:17:29 ----A---- C:\Windows\system32\mf3216.dll
2020-09-16 20:17:29 ----A---- C:\Windows\system32\GdiPlus.dll
2020-09-16 20:17:29 ----A---- C:\Windows\system32\acmigration.dll
2020-09-16 20:17:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2020-09-16 20:17:26 ----A---- C:\Windows\system32\schannel.dll
2020-09-16 20:17:26 ----A---- C:\Windows\system32\drivers\clfs.sys
2020-09-16 20:17:25 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2020-09-16 20:17:25 ----A---- C:\Windows\SYSWOW64\fdSSDP.dll
2020-09-16 20:17:25 ----A---- C:\Windows\system32\wer.dll
2020-09-16 20:17:25 ----A---- C:\Windows\system32\ssdpsrv.dll
2020-09-16 20:17:25 ----A---- C:\Windows\system32\fdSSDP.dll
2020-09-16 20:17:24 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2020-09-16 20:17:24 ----A---- C:\Windows\system32\drivers\msrpc.sys
2020-09-16 20:17:24 ----A---- C:\Windows\system32\dhcpcore6.dll
2020-09-16 20:17:24 ----A---- C:\Windows\system32\dhcpcore.dll
2020-09-16 20:17:23 ----A---- C:\Windows\SYSWOW64\mstext40.dll
2020-09-16 20:17:23 ----A---- C:\Windows\system32\WFS.exe
2020-09-16 20:17:22 ----A---- C:\Windows\SYSWOW64\wer.dll
2020-09-16 20:17:22 ----A---- C:\Windows\SYSWOW64\fdWSD.dll
2020-09-16 20:17:22 ----A---- C:\Windows\system32\pnrpsvc.dll
2020-09-16 20:17:22 ----A---- C:\Windows\system32\fdWSD.dll
2020-09-16 20:17:22 ----A---- C:\Windows\system32\cryptcatsvc.dll
2020-09-16 20:17:21 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2020-09-16 20:17:21 ----A---- C:\Windows\system32\wuauclt.exe
2020-09-16 20:17:20 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2020-09-16 20:17:20 ----A---- C:\Windows\system32\rtutils.dll
2020-09-16 20:17:20 ----A---- C:\Windows\system32\dhcpcsvc.dll
2020-09-16 20:17:18 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2020-09-16 20:17:17 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2020-09-16 20:17:17 ----A---- C:\Windows\SYSWOW64\dhcpcsvc.dll
2020-09-16 20:17:17 ----A---- C:\Windows\system32\FXSCOVER.exe
======List of files/folders modified in the last 1 month======
2020-09-28 11:47:35 ----D---- C:\Windows\system32\drivers\etc
2020-09-28 11:47:34 ----D---- C:\Program Files\trend micro
2020-09-28 11:39:22 ----D---- C:\Windows\Temp
2020-09-28 11:38:36 ----D---- C:\Windows\Prefetch
2020-09-28 11:25:12 ----SHD---- C:\System Volume Information
2020-09-28 11:09:20 ----D---- C:\Windows\system32\Tasks
2020-09-28 11:04:23 ----D---- C:\Windows\system32\sru
2020-09-28 09:39:54 ----D---- C:\Program Files\CCleaner
2020-09-28 09:36:23 ----D---- C:\AdwCleaner
2020-09-28 09:20:06 ----D---- C:\Windows\Inf
2020-09-26 20:08:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-26 19:21:07 ----D---- C:\ProgramData\Mozilla
2020-09-26 19:19:53 ----RD---- C:\Program Files
2020-09-26 18:48:34 ----SHD---- C:\Windows\Installer
2020-09-26 18:47:05 ----D---- C:\Windows\SysWOW64
2020-09-26 18:45:50 ----D---- C:\Windows\system32\drivers
2020-09-26 18:44:48 ----D---- C:\Windows\SoftwareDistribution
2020-09-26 18:44:48 ----D---- C:\Windows
2020-09-22 13:33:15 ----D---- C:\Windows\debug
2020-09-22 09:49:18 ----D---- C:\ProgramData\AVAST Software
2020-09-22 09:12:50 ----RD---- C:\Windows\System32
2020-09-20 20:16:30 ----D---- C:\Windows\system32\config
2020-09-20 20:08:24 ----D---- C:\Windows\Microsoft.NET
2020-09-20 20:02:24 ----D---- C:\Windows\rescache
2020-09-17 10:09:23 ----D---- C:\Windows\Tasks
2020-09-17 10:05:14 ----D---- C:\Windows\WinSxS
2020-09-17 10:04:25 ----D---- C:\Windows\system32\DriverStore
2020-09-16 21:16:46 ----RD---- C:\Windows\ToastData
2020-09-16 21:16:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2020-09-16 21:16:44 ----SD---- C:\Windows\system32\CompatTel
2020-09-16 21:16:44 ----D---- C:\Windows\system32\cs-CZ
2020-09-16 21:16:44 ----D---- C:\Windows\system32\appraiser
2020-09-16 21:16:44 ----D---- C:\Windows\apppatch
2020-09-16 20:43:08 ----D---- C:\Windows\AppReadiness
2020-09-16 20:43:06 ----HD---- C:\Program Files\WindowsApps
2020-09-16 20:25:44 ----D---- C:\Windows\system32\MRT
2020-09-16 20:25:33 ----AC---- C:\Windows\system32\MRT.exe
2020-09-16 20:25:02 ----D---- C:\Windows\system32\catroot2
2020-09-16 19:56:27 ----D---- C:\Windows\CbsTemp
2020-09-04 16:03:59 ----A---- C:\Windows\system32\icarus_rvrt.exe
2020-09-01 21:32:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2020-09-22 37136]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2020-09-22 195648]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2020-09-22 60480]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2020-09-22 84848]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2020-09-22 326408]
R0 MBI;@oem15.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2020-09-22 206392]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2020-09-22 235584]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2020-09-22 42768]
R1 aswNetHub;aswNetHub; C:\Windows\system32\drivers\aswNetHub.sys [2020-09-26 517592]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2020-09-22 109272]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2020-09-22 851600]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2020-09-22 469880]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2020-09-22 175192]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2020-09-22 217328]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2019-05-03 81920]
R3 clwvd;@oem24.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 GPIO;@oem17.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-10-15 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-09-03 4264536]
R3 IntcDAud;@oem8.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-10-15 454416]
R3 iwdbus;@oem11.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-09-27 13183808]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-09 19272]
R3 nvvad_WaveExtensible;@oem13.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-05 38048]
R3 RSP2STOR;@oem19.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-08-20 294104]
R3 RtkBtFilter;@oem40.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2019-07-05 745424]
R3 RTL8168;@oem18.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-07-19 874712]
R3 RTWlanE;@oem6.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-10-08 3593432]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-09-17 33008]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-09-17 546032]
R3 TXEIx64;@oem14.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2014-07-15 670056]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2019-08-04 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2019-10-25 1208320]
S3 dg_ssudbus;@oem30.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 ew_usbccgpfilter;@oem36.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [2018-12-12 18944]
S3 intaud_WaveExtensible;@oem10.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 mfehidk01;McAfee Inc.; \Device\mfehidk01.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2014-09-17 32496]
S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2015-12-08 214832]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-09-06 169544]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-09-22 357848]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-10-11 98816]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2020-06-30 387928]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2014-09-02 509192]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2018-12-12 190784]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-15 318568]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-09 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-09 19438920]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-09-27 935232]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-08-19 291032]
R2 SecureLine;Avast SecureLine VPN; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [2020-09-16 7509152]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2014-09-17 191728]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-09-22 7824280]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-04-10 223336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-18 144200]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-15 280680]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-04-10 223336]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\elevation_service.exe [2020-09-19 1322992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-18 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\elevation_service.exe [2020-09-23 1537424]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-09-26 245968]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Run by Jan at 2020-09-28 11:47:29
Microsoft Windows 8.1
System drive C: has 264 GB (57%) free of 466 GB
Total RAM: 8078 MB (8% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:47:37, on 28. 9. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files\trend micro\Jan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\BHO\ie_to_edge_bho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CStart8] "C:\PROGRAM FILES (X86)\CSTART8\CSTART8TRAY64.EXE" /STARTUP
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\Jan\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - Global Startup: Avast SecureLine VPN.lnk = C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine VPN (SecureLine) - AVAST Software - C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11485 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 911603731296
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe" /runassvc
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {8431dd2b-00ab-427a-9ceeefac79263e9a}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 5b8a0101-c609-4996-af2e-6e5a8b70e146 1
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="D526C4D6-5C83-FD26-A05B-64172F98B989" /binpath="C:\Program Files\AVAST Software\Avast"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskhostex.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
AvastUI.exe /nogui
"C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe" /nogui
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\CStart8\CStart8Tray64.exe" /STARTUP
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4224.0.1240093391\415917546" -parentBuildID 20200917005511 -prefsHandle 1320 -prefMapHandle 1304 -prefsLen 1 -prefMapSize 237197 -appdir "C:\Program Files\Mozilla Firefox\browser" - 4224 "\\.\pipe\gecko-crash-server-pipe.4224" 1432 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4224.6.1467974185\1372688836" -childID 1 -isForBrowser -prefsHandle 2740 -prefMapHandle 2736 -prefsLen 273 -prefMapSize 237197 -parentBuildID 20200917005511 -appdir "C:\Program Files\Mozilla Firefox\browser" - 4224 "\\.\pipe\gecko-crash-server-pipe.4224" 2752 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4224.13.1675225266\774978423" -childID 2 -isForBrowser -prefsHandle 4256 -prefMapHandle 4220 -prefsLen 7596 -prefMapSize 237197 -parentBuildID 20200917005511 -appdir "C:\Program Files\Mozilla Firefox\browser" - 4224 "\\.\pipe\gecko-crash-server-pipe.4224" 4520 tab
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
igfxEM.exe
igfxHK.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=7972,11818172023658591410,4190915172611596332,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.7.2425)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=MAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=7992 /prefetch:2
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=7972,11818172023658591410,4190915172611596332,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=en-US --service-sandbox-type=network --no-sandbox --force-wave-audio --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.7.2425)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=3012 /prefetch:8
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --field-trial-handle=7972,11818172023658591410,4190915172611596332,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --disable-gpu-compositing --lang=en-US --log-file="C:\Users\Jan\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.7.2425)" --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8940 /prefetch:1
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4224.48.674689300\1481762177" -childID 7 -isForBrowser -prefsHandle 8332 -prefMapHandle 7704 -prefsLen 7800 -prefMapSize 237197 -parentBuildID 20200917005511 -appdir "C:\Program Files\Mozilla Firefox\browser" - 4224 "\\.\pipe\gecko-crash-server-pipe.4224" 2532 tab
taskhost.exe $(Arg0)
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Jan\Desktop\Addition.txt
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Jan\Downloads\FRST.txt
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\Jan\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001.job - C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupdate.exe
C:\Windows\tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001.job - C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupload.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wzmt6nue.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\BHO\ie_to_edge_bho_64.dll [2020-09-23 514960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\BHO\ie_to_edge_bho.dll [2020-09-23 399248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25 585568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27 416288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-09 2473800]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-09-09 2799272]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-09-03 7636696]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-02 1396592]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-09-17 2818800]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-09-22 109160]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-06-17 28990136]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2014-09-12 437248]
"com.squirrel.Teams.Teams"=C:\Users\Jan\AppData\Local\Microsoft\Teams\Update.exe [2020-09-22 2452112]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2014-09-02 507144]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"CStart8"=C:\PROGRAM FILES (X86)\CSTART8\CSTART8TRAY64.EXE [2015-06-29 3135816]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Avast SecureLine VPN.lnk - C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2020-09-28 11:24:11 ----D---- C:\FRST
2020-09-26 18:43:17 ----D---- C:\Program Files\Mozilla Firefox
2020-09-22 09:12:50 ----A---- C:\Windows\system32\aswBoot.exe
2020-09-22 09:12:47 ----A---- C:\Windows\system32\drivers\aswStm.sys
2020-09-22 09:12:46 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2020-09-16 20:18:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2020-09-16 20:18:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2020-09-16 20:18:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2020-09-16 20:18:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2020-09-16 20:18:18 ----A---- C:\Windows\SYSWOW64\jscript.dll
2020-09-16 20:18:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2020-09-16 20:18:18 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2020-09-16 20:18:17 ----A---- C:\Windows\system32\vbscript.dll
2020-09-16 20:18:17 ----A---- C:\Windows\system32\msfeeds.dll
2020-09-16 20:18:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2020-09-16 20:18:14 ----A---- C:\Windows\system32\urlmon.dll
2020-09-16 20:18:13 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2020-09-16 20:18:13 ----A---- C:\Windows\system32\gdi32.dll
2020-09-16 20:18:13 ----A---- C:\Windows\system32\FntCache.dll
2020-09-16 20:18:12 ----A---- C:\Windows\SYSWOW64\upnphost.dll
2020-09-16 20:18:12 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2020-09-16 20:18:11 ----A---- C:\Windows\SYSWOW64\wininet.dll
2020-09-16 20:18:11 ----A---- C:\Windows\SYSWOW64\msi.dll
2020-09-16 20:18:10 ----A---- C:\Windows\system32\jscript.dll
2020-09-16 20:18:10 ----A---- C:\Windows\system32\atmfd.dll
2020-09-16 20:18:08 ----A---- C:\Windows\system32\ieframe.dll
2020-09-16 20:18:07 ----A---- C:\Windows\system32\jscript9.dll
2020-09-16 20:18:05 ----A---- C:\Windows\system32\win32k.sys
2020-09-16 20:18:04 ----A---- C:\Windows\system32\upnphost.dll
2020-09-16 20:18:04 ----A---- C:\Windows\system32\DWrite.dll
2020-09-16 20:18:03 ----A---- C:\Windows\system32\wininet.dll
2020-09-16 20:18:01 ----A---- C:\Windows\system32\msi.dll
2020-09-16 20:18:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2020-09-16 20:17:56 ----A---- C:\Windows\system32\mshtml.dll
2020-09-16 20:17:50 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2020-09-16 20:17:50 ----A---- C:\Windows\system32\localspl.dll
2020-09-16 20:17:50 ----A---- C:\Windows\system32\inetcomm.dll
2020-09-16 20:17:49 ----A---- C:\Windows\system32\lsasrv.dll
2020-09-16 20:17:48 ----A---- C:\Windows\system32\shell32.dll
2020-09-16 20:17:46 ----A---- C:\Windows\SYSWOW64\shell32.dll
2020-09-16 20:17:42 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2020-09-16 20:17:42 ----A---- C:\Windows\system32\appraiser.dll
2020-09-16 20:17:41 ----A---- C:\Windows\system32\WMADMOD.DLL
2020-09-16 20:17:40 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2020-09-16 20:17:40 ----A---- C:\Windows\system32\wuaueng.dll
2020-09-16 20:17:39 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2020-09-16 20:17:39 ----A---- C:\Windows\system32\ieapfltr.dll
2020-09-16 20:17:39 ----A---- C:\Windows\system32\combase.dll
2020-09-16 20:17:38 ----A---- C:\Windows\SYSWOW64\combase.dll
2020-09-16 20:17:38 ----A---- C:\Windows\system32\aeinv.dll
2020-09-16 20:17:37 ----A---- C:\Windows\system32\drivers\ntfs.sys
2020-09-16 20:17:36 ----A---- C:\Windows\system32\invagent.dll
2020-09-16 20:17:36 ----A---- C:\Windows\system32\devinv.dll
2020-09-16 20:17:36 ----A---- C:\Windows\system32\CompatTelRunner.exe
2020-09-16 20:17:36 ----A---- C:\Windows\system32\aepic.dll
2020-09-16 20:17:35 ----A---- C:\Windows\system32\puiobj.dll
2020-09-16 20:17:35 ----A---- C:\Windows\system32\ole32.dll
2020-09-16 20:17:35 ----A---- C:\Windows\system32\centel.dll
2020-09-16 20:17:34 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2020-09-16 20:17:33 ----A---- C:\Windows\system32\rpcrt4.dll
2020-09-16 20:17:33 ----A---- C:\Windows\system32\aitstatic.exe
2020-09-16 20:17:32 ----A---- C:\Windows\SYSWOW64\certcli.dll
2020-09-16 20:17:32 ----A---- C:\Windows\system32\diagtrack.dll
2020-09-16 20:17:32 ----A---- C:\Windows\system32\certcli.dll
2020-09-16 20:17:31 ----A---- C:\Windows\SYSWOW64\ole32.dll
2020-09-16 20:17:31 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2020-09-16 20:17:31 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2020-09-16 20:17:31 ----A---- C:\Windows\system32\generaltel.dll
2020-09-16 20:17:29 ----A---- C:\Windows\system32\mf3216.dll
2020-09-16 20:17:29 ----A---- C:\Windows\system32\GdiPlus.dll
2020-09-16 20:17:29 ----A---- C:\Windows\system32\acmigration.dll
2020-09-16 20:17:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2020-09-16 20:17:26 ----A---- C:\Windows\system32\schannel.dll
2020-09-16 20:17:26 ----A---- C:\Windows\system32\drivers\clfs.sys
2020-09-16 20:17:25 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2020-09-16 20:17:25 ----A---- C:\Windows\SYSWOW64\fdSSDP.dll
2020-09-16 20:17:25 ----A---- C:\Windows\system32\wer.dll
2020-09-16 20:17:25 ----A---- C:\Windows\system32\ssdpsrv.dll
2020-09-16 20:17:25 ----A---- C:\Windows\system32\fdSSDP.dll
2020-09-16 20:17:24 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2020-09-16 20:17:24 ----A---- C:\Windows\system32\drivers\msrpc.sys
2020-09-16 20:17:24 ----A---- C:\Windows\system32\dhcpcore6.dll
2020-09-16 20:17:24 ----A---- C:\Windows\system32\dhcpcore.dll
2020-09-16 20:17:23 ----A---- C:\Windows\SYSWOW64\mstext40.dll
2020-09-16 20:17:23 ----A---- C:\Windows\system32\WFS.exe
2020-09-16 20:17:22 ----A---- C:\Windows\SYSWOW64\wer.dll
2020-09-16 20:17:22 ----A---- C:\Windows\SYSWOW64\fdWSD.dll
2020-09-16 20:17:22 ----A---- C:\Windows\system32\pnrpsvc.dll
2020-09-16 20:17:22 ----A---- C:\Windows\system32\fdWSD.dll
2020-09-16 20:17:22 ----A---- C:\Windows\system32\cryptcatsvc.dll
2020-09-16 20:17:21 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2020-09-16 20:17:21 ----A---- C:\Windows\system32\wuauclt.exe
2020-09-16 20:17:20 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2020-09-16 20:17:20 ----A---- C:\Windows\system32\rtutils.dll
2020-09-16 20:17:20 ----A---- C:\Windows\system32\dhcpcsvc.dll
2020-09-16 20:17:18 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2020-09-16 20:17:17 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2020-09-16 20:17:17 ----A---- C:\Windows\SYSWOW64\dhcpcsvc.dll
2020-09-16 20:17:17 ----A---- C:\Windows\system32\FXSCOVER.exe
======List of files/folders modified in the last 1 month======
2020-09-28 11:47:35 ----D---- C:\Windows\system32\drivers\etc
2020-09-28 11:47:34 ----D---- C:\Program Files\trend micro
2020-09-28 11:39:22 ----D---- C:\Windows\Temp
2020-09-28 11:38:36 ----D---- C:\Windows\Prefetch
2020-09-28 11:25:12 ----SHD---- C:\System Volume Information
2020-09-28 11:09:20 ----D---- C:\Windows\system32\Tasks
2020-09-28 11:04:23 ----D---- C:\Windows\system32\sru
2020-09-28 09:39:54 ----D---- C:\Program Files\CCleaner
2020-09-28 09:36:23 ----D---- C:\AdwCleaner
2020-09-28 09:20:06 ----D---- C:\Windows\Inf
2020-09-26 20:08:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-26 19:21:07 ----D---- C:\ProgramData\Mozilla
2020-09-26 19:19:53 ----RD---- C:\Program Files
2020-09-26 18:48:34 ----SHD---- C:\Windows\Installer
2020-09-26 18:47:05 ----D---- C:\Windows\SysWOW64
2020-09-26 18:45:50 ----D---- C:\Windows\system32\drivers
2020-09-26 18:44:48 ----D---- C:\Windows\SoftwareDistribution
2020-09-26 18:44:48 ----D---- C:\Windows
2020-09-22 13:33:15 ----D---- C:\Windows\debug
2020-09-22 09:49:18 ----D---- C:\ProgramData\AVAST Software
2020-09-22 09:12:50 ----RD---- C:\Windows\System32
2020-09-20 20:16:30 ----D---- C:\Windows\system32\config
2020-09-20 20:08:24 ----D---- C:\Windows\Microsoft.NET
2020-09-20 20:02:24 ----D---- C:\Windows\rescache
2020-09-17 10:09:23 ----D---- C:\Windows\Tasks
2020-09-17 10:05:14 ----D---- C:\Windows\WinSxS
2020-09-17 10:04:25 ----D---- C:\Windows\system32\DriverStore
2020-09-16 21:16:46 ----RD---- C:\Windows\ToastData
2020-09-16 21:16:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2020-09-16 21:16:44 ----SD---- C:\Windows\system32\CompatTel
2020-09-16 21:16:44 ----D---- C:\Windows\system32\cs-CZ
2020-09-16 21:16:44 ----D---- C:\Windows\system32\appraiser
2020-09-16 21:16:44 ----D---- C:\Windows\apppatch
2020-09-16 20:43:08 ----D---- C:\Windows\AppReadiness
2020-09-16 20:43:06 ----HD---- C:\Program Files\WindowsApps
2020-09-16 20:25:44 ----D---- C:\Windows\system32\MRT
2020-09-16 20:25:33 ----AC---- C:\Windows\system32\MRT.exe
2020-09-16 20:25:02 ----D---- C:\Windows\system32\catroot2
2020-09-16 19:56:27 ----D---- C:\Windows\CbsTemp
2020-09-04 16:03:59 ----A---- C:\Windows\system32\icarus_rvrt.exe
2020-09-01 21:32:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2020-09-22 37136]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2020-09-22 195648]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2020-09-22 60480]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2020-09-22 84848]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2020-09-22 326408]
R0 MBI;@oem15.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2020-09-22 206392]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2020-09-22 235584]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2020-09-22 42768]
R1 aswNetHub;aswNetHub; C:\Windows\system32\drivers\aswNetHub.sys [2020-09-26 517592]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2020-09-22 109272]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2020-09-22 851600]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2020-09-22 469880]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2020-09-22 175192]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2020-09-22 217328]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2019-05-03 81920]
R3 clwvd;@oem24.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 GPIO;@oem17.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-10-15 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-09-03 4264536]
R3 IntcDAud;@oem8.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-10-15 454416]
R3 iwdbus;@oem11.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-09-27 13183808]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-09 19272]
R3 nvvad_WaveExtensible;@oem13.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-05 38048]
R3 RSP2STOR;@oem19.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-08-20 294104]
R3 RtkBtFilter;@oem40.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2019-07-05 745424]
R3 RTL8168;@oem18.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-07-19 874712]
R3 RTWlanE;@oem6.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-10-08 3593432]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-09-17 33008]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-09-17 546032]
R3 TXEIx64;@oem14.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2014-07-15 670056]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2019-08-04 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2019-10-25 1208320]
S3 dg_ssudbus;@oem30.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 ew_usbccgpfilter;@oem36.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [2018-12-12 18944]
S3 intaud_WaveExtensible;@oem10.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 mfehidk01;McAfee Inc.; \Device\mfehidk01.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2014-09-17 32496]
S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2015-12-08 214832]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-09-06 169544]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-09-22 357848]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-10-11 98816]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2020-06-30 387928]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2014-09-02 509192]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2018-12-12 190784]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-15 318568]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-09 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-09 19438920]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-09-27 935232]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-08-19 291032]
R2 SecureLine;Avast SecureLine VPN; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [2020-09-16 7509152]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2014-09-17 191728]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-09-22 7824280]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-04-10 223336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-18 144200]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-15 280680]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-04-10 223336]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\elevation_service.exe [2020-09-19 1322992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-18 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.63\elevation_service.exe [2020-09-23 1537424]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-09-26 245968]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrzá notebook
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrzá notebook
Omlouvám se za prodlevu, ale nedá se rychleji....
# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-28-2020
# Duration: 00:00:03
# OS: Windows 8.1
# Cleaned: 5
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Jan\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5775 octets] - [28/09/2020 09:36:23]
AdwCleaner[S01].txt - [5836 octets] - [28/09/2020 13:25:23]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-28-2020
# Duration: 00:00:03
# OS: Windows 8.1
# Cleaned: 5
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Jan\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5775 octets] - [28/09/2020 09:36:23]
AdwCleaner[S01].txt - [5836 octets] - [28/09/2020 13:25:23]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrzá notebook
Nic se neděje. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrzá notebook
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2020
Ran by Jan (administrator) on NOTES (Hewlett-Packard HP 15 Notebook PC) (28-09-2020 16:19:18)
Running from C:\Users\Jan\Downloads
Loaded Profiles: Jan
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Crawler Group, LLC -> Crawler.com) C:\Program Files (x86)\CStart8\CStart8Tray64.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [2799272 2014-09-09] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-09-17] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [507144 2014-09-02] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [CStart8] => C:\PROGRAM FILES (X86)\CSTART8\CSTART8TRAY64.EXE [3135816 2015-06-29] (Crawler Group, LLC -> Crawler.com)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Jan\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {485e26df-63f6-11e7-8286-346895128c7c} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {b494c5db-180b-11e9-82b0-346895128c7c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {ff0559d7-e7d0-11ea-82dd-d0bf9c1baae2} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [423936 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-09-23] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2020-09-17]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exeicarus_rvrt.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09558A42-A62D-4320-B5C5-2968D5576761} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION
Task: {193FE9B0-701B-4267-A3CB-BC69AA1B0087} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {3668A0E2-E3A0-43C7-B62E-EAE087C84584} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [664920 2020-06-29] (HP Inc. -> HP Inc.)
Task: {43CB38F1-3351-4613-8AEE-30BFED4CC2B7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4FC9FCCD-6BA2-421D-A4FF-6F41EEB58599} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506136 2020-07-01] (HP Inc. -> HP Inc.)
Task: {640091F5-ADB8-486A-AFA0-10BFD166EAC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {65A5DE0C-855D-41FC-8DBE-FA7521388650} - System32\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001 => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupload.exe [31320 2020-09-17] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {7119B6FA-2228-4494-8AD4-921A3137C47A} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [3551704 2020-09-16] (Avast Software s.r.o. -> AVAST Software)
Task: {745E0C8E-BFEB-425E-9283-A870A971C1D0} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-09-23] (CyberLink Corp. -> CyberLink Corp.)
Task: {81879E71-8238-453B-82CE-78712947756C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {855C9D59-E22C-4E9D-99A4-18873C94FDB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506136 2020-07-01] (HP Inc. -> HP Inc.)
Task: {8A95EBA8-FC9F-4F9F-AE64-91F1AAD096FD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {8EAB5F2A-390F-4BDE-83B7-A7676F5C6C2F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {989D7B9B-D1FC-46A2-9FB3-1E16548D97BE} - System32\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001 => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupdate.exe [31320 2020-09-17] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {9C93010D-9ACA-4153-AB94-AE665B823371} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {A085867A-2CF4-4064-9024-B28FFD4898CB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {A8B15CC4-27A5-470E-AB53-2B9EB62DFF8C} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1180488 2020-09-16] (Avast Software s.r.o. -> AVAST Software)
Task: {AA0E512E-3191-49F9-A7D2-02A93545A846} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [324952 2020-06-19] (HP Inc. -> HP Inc.)
Task: {B1D8D0E2-D308-4B68-A25B-16014676517D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-09-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {BCAF7B0B-003D-452F-9B49-9F5D14CB7635} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {C09AFB5D-E6E8-4522-9396-45CE4CF45662} - System32\Tasks\SafeZone scheduled Autoupdate 1465391584 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {CF7217AE-9804-46EE-98CC-D5F803B94A3A} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5251680 2020-09-04] (Avast Software s.r.o. -> Avast Software)
Task: {DE5765D8-0B8E-44FC-8971-F618FD0BB15F} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
Task: {ED28AFDC-659D-4416-A39F-7B5285D21FA5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3850336 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
Task: {F8EEAA45-C7AC-4C65-A9A3-B47BEA21AC28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [664920 2020-06-29] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001.job => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001.job => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{18E88231-9820-45D8-9D62-2FF52FDBFADD}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D5B24512-7CDE-4007-B7AB-C4421564345E}: [DhcpNameServer] 192.168.0.1
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jan\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-26]
Edge Notifications: Default -> hxxps://teams.microsoft.com
Edge HomePage: Default -> hxxps://www.seznam.cz/
FireFox:
========
FF DefaultProfile: wzmt6nue.default
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wzmt6nue.default [2020-09-28]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2020-09-26]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-07]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-31]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-31]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-08-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-10]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-26]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7824280 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [98816 2014-10-11] () [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [387928 2020-06-30] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [509192 2014-09-02] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [7509152 2020-09-16] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206392 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235584 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [195648 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42768 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175192 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [517592 2020-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851600 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469880 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217328 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326408 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-09-28] (Malwarebytes Corporation -> Malwarebytes)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [217592 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197280 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73880 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [131232 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-08-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S3 mfehidk01; \Device\mfehidk01.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-28 15:55 - 2020-09-28 16:18 - 305594032 _____ C:\Users\Jan\Downloads\Andělské oči 1994.mp4.part
2020-09-28 15:55 - 2020-09-28 15:55 - 000000000 _____ C:\Users\Jan\Downloads\Andělské oči 1994.mp4
2020-09-28 13:29 - 2020-09-28 13:29 - 000197280 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-09-28 13:28 - 2020-09-28 15:37 - 000131232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-09-28 13:28 - 2020-09-28 13:28 - 000073880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-09-28 13:07 - 2020-09-28 13:07 - 000000000 ____D C:\Users\Jan\AppData\Local\mbam
2020-09-28 13:06 - 2020-09-28 13:06 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-09-28 13:06 - 2020-09-28 13:06 - 000217592 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-09-28 13:06 - 2020-09-28 13:06 - 000001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-28 13:06 - 2020-09-28 13:06 - 000001971 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-28 13:06 - 2020-09-28 13:06 - 000001971 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-09-28 13:05 - 2020-09-28 13:04 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-09-28 12:53 - 2020-09-28 12:53 - 000000000 ____D C:\Program Files\Malwarebytes
2020-09-28 12:51 - 2020-09-28 12:52 - 002040904 _____ (Malwarebytes) C:\Users\Jan\Desktop\MBSetup.exe
2020-09-28 12:48 - 2020-09-28 12:49 - 000000000 ____D C:\Users\Jan\Desktop\logy
2020-09-28 11:47 - 2020-09-28 11:47 - 001222144 _____ C:\Users\Jan\Downloads\RSITx64.exe
2020-09-28 11:31 - 2020-09-28 11:38 - 000039189 _____ C:\Users\Jan\Downloads\Addition.txt
2020-09-28 11:24 - 2020-09-28 16:21 - 000025827 _____ C:\Users\Jan\Downloads\FRST.txt
2020-09-28 11:24 - 2020-09-28 16:20 - 000000000 ____D C:\FRST
2020-09-28 11:23 - 2020-09-28 11:23 - 002299392 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2020-09-28 09:34 - 2020-09-28 09:34 - 008414384 _____ (Malwarebytes) C:\Users\Jan\Downloads\adwcleaner_8.0.7.exe
2020-09-26 19:41 - 2020-09-28 10:39 - 1643570018 _____ C:\Users\Jan\Downloads\Velká filmová loupež-80m-1986-ČR-HD-1080p-I.avi
2020-09-26 19:20 - 2020-09-26 19:20 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-09-26 18:43 - 2020-09-26 20:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-22 15:51 - 2020-09-22 16:15 - 420313088 _____ C:\Users\Jan\Downloads\Neskutečné historky-2x02 Zlatý Gordon.avi
2020-09-22 15:33 - 2020-09-22 15:51 - 316170591 _____ C:\Users\Jan\Downloads\Monty Python - Neskutecne-historky - 1- Tompkinsova školní léta, CZ dabing.mp4
2020-09-22 09:12 - 2020-09-22 09:11 - 000338528 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-09-22 09:12 - 2020-09-22 09:11 - 000217328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-09-22 09:12 - 2020-09-22 09:11 - 000175192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-09-16 20:18 - 2020-09-02 07:52 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-09-16 20:18 - 2020-09-02 07:25 - 003641344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-09-16 20:18 - 2020-08-27 07:04 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-09-16 20:18 - 2020-08-15 09:22 - 001370680 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-09-16 20:18 - 2020-08-15 09:18 - 007363328 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-09-16 20:18 - 2020-08-15 06:23 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-09-16 20:18 - 2020-08-15 06:14 - 001383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-09-16 20:18 - 2020-08-15 05:59 - 001088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-09-16 20:18 - 2020-08-15 05:57 - 001559040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-09-16 20:18 - 2020-08-13 06:17 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-09-16 20:18 - 2020-08-13 06:06 - 020291072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-09-16 20:18 - 2020-08-13 06:06 - 005500416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-09-16 20:18 - 2020-08-13 06:06 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-09-16 20:18 - 2020-08-13 05:50 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-09-16 20:18 - 2020-08-13 05:40 - 000653824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-09-16 20:18 - 2020-08-13 05:30 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-09-16 20:18 - 2020-08-13 05:29 - 015480320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-09-16 20:18 - 2020-08-13 05:18 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-09-16 20:18 - 2020-08-13 05:16 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-09-16 20:18 - 2020-08-13 05:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-09-16 20:18 - 2020-08-13 05:11 - 013862400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-09-16 20:18 - 2020-08-13 05:04 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-09-16 20:18 - 2020-08-13 04:57 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-09-16 20:18 - 2020-08-13 04:53 - 001341952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-09-16 20:18 - 2020-08-11 08:16 - 000376072 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2020-09-16 20:18 - 2020-08-11 06:33 - 000317176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2020-09-16 20:18 - 2020-08-11 04:44 - 000453632 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-09-16 20:18 - 2020-08-11 04:32 - 000329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-09-16 20:17 - 2020-08-29 04:41 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-09-16 20:17 - 2020-08-20 22:54 - 022382424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-09-16 20:17 - 2020-08-20 22:51 - 019805104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-09-16 20:17 - 2020-08-15 09:18 - 002012928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-09-16 20:17 - 2020-08-15 09:18 - 000373512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-09-16 20:17 - 2020-08-15 07:11 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-09-16 20:17 - 2020-08-15 06:43 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-09-16 20:17 - 2020-08-15 06:39 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-09-16 20:17 - 2020-08-15 06:33 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2020-09-16 20:17 - 2020-08-15 06:17 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
2020-09-16 20:17 - 2020-08-15 06:17 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-09-16 20:17 - 2020-08-15 06:14 - 001442304 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-09-16 20:17 - 2020-08-15 06:12 - 000364032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2020-09-16 20:17 - 2020-08-15 06:12 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2020-09-16 20:17 - 2020-08-15 06:11 - 000269312 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2020-09-16 20:17 - 2020-08-15 06:11 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2020-09-16 20:17 - 2020-08-15 06:04 - 001757184 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-09-16 20:17 - 2020-08-15 06:02 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000292352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2020-09-16 20:17 - 2020-08-15 05:50 - 001495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-09-16 20:17 - 2020-08-13 07:25 - 001308256 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-09-16 20:17 - 2020-08-13 07:24 - 000355576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2020-09-16 20:17 - 2020-08-13 06:41 - 025756672 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-09-16 20:17 - 2020-08-13 05:37 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-09-16 20:17 - 2020-08-13 05:26 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2020-09-16 20:17 - 2020-08-13 05:20 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-09-16 20:17 - 2020-08-13 05:15 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-09-16 20:17 - 2020-08-13 05:12 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2020-09-16 20:17 - 2020-08-13 04:54 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-09-16 20:17 - 2020-08-13 04:52 - 000710656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-09-16 20:17 - 2020-08-11 08:19 - 000136824 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-09-16 20:17 - 2020-08-11 08:17 - 000537632 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-09-16 20:17 - 2020-08-11 08:16 - 001210112 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2020-09-16 20:17 - 2020-08-11 08:12 - 002173376 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-09-16 20:17 - 2020-08-11 08:12 - 001665104 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-09-16 20:17 - 2020-08-11 06:33 - 001037600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2020-09-16 20:17 - 2020-08-11 06:33 - 000450312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-09-16 20:17 - 2020-08-11 06:31 - 001561296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-09-16 20:17 - 2020-08-11 06:31 - 001215736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-09-16 20:17 - 2020-08-11 05:30 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-09-16 20:17 - 2020-08-11 05:03 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2020-09-16 20:17 - 2020-08-11 05:03 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-09-16 20:17 - 2020-08-11 05:00 - 003720192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-09-16 20:17 - 2020-08-11 04:57 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2020-09-16 20:17 - 2020-08-11 04:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-09-16 20:17 - 2020-08-11 04:55 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2020-09-16 20:17 - 2020-08-11 04:45 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-09-16 20:17 - 2020-08-11 04:44 - 001099264 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-09-16 20:17 - 2020-08-11 04:41 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-09-16 20:17 - 2020-08-11 02:44 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2020-09-16 20:17 - 2020-08-10 11:18 - 000160144 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-09-16 20:17 - 2020-08-10 02:04 - 003223552 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-09-16 20:17 - 2020-08-10 02:04 - 001998848 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000843776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000700416 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-09-16 20:17 - 2020-08-08 15:43 - 001545912 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-09-16 20:17 - 2020-08-06 15:37 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-09-16 20:17 - 2020-08-06 15:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-08-29 10:09 - 2015-08-21 19:56 - 000000000 ____D C:\Users\Jan\Downloads\Slovenske hity 80-90 CD 1
2020-08-29 10:03 - 2020-08-29 10:08 - 093548739 _____ C:\Users\Jan\Downloads\Slovenske hity 80-90 CD 1.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-28 16:18 - 2018-10-12 10:00 - 000000000 ____D C:\Users\Jan\AppData\LocalLow\Mozilla
2020-09-28 16:10 - 2018-08-19 20:35 - 000000000 ____D C:\Users\Jan\AppData\Local\AVAST Software
2020-09-28 15:59 - 2015-11-18 13:25 - 000003950 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{1036CFB8-C8D4-44C4-881B-8AD268583162}
2020-09-28 15:49 - 2020-03-23 11:34 - 000000538 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001.job
2020-09-28 15:44 - 2015-11-18 12:54 - 000000000 ____D C:\Users\Jan\Documents\Youcam
2020-09-28 15:43 - 2015-11-18 12:56 - 000000000 ___DO C:\Users\Jan\OneDrive
2020-09-28 15:41 - 2017-03-09 13:36 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-09-28 15:36 - 2015-11-18 12:45 - 000000000 ____D C:\Users\Jan
2020-09-28 15:35 - 2020-08-20 13:52 - 000003938 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2020-09-28 15:34 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-28 14:42 - 2020-03-23 11:34 - 000000634 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001.job
2020-09-28 14:28 - 2015-02-04 16:33 - 000000000 ____D C:\ProgramData\AVAST Software
2020-09-28 13:04 - 2016-04-30 09:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-28 11:47 - 2016-04-28 17:50 - 000000000 ____D C:\Program Files\trend micro
2020-09-28 11:35 - 2020-04-06 14:23 - 000934912 ___SH C:\Users\Jan\Downloads\Thumbs.db
2020-09-28 09:39 - 2015-11-19 00:15 - 000000000 ____D C:\Program Files\CCleaner
2020-09-28 09:36 - 2016-04-28 17:33 - 000000000 ____D C:\AdwCleaner
2020-09-28 09:33 - 2020-04-01 10:02 - 000000000 ____D C:\Users\Jan\Downloads\Programy
2020-09-28 09:20 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-09-26 20:08 - 2018-10-12 09:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-26 19:25 - 2015-11-18 12:54 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3296905901-2605018622-518059273-1001
2020-09-26 19:21 - 2019-02-08 19:46 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-26 19:20 - 2018-10-12 09:59 - 000000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-26 18:58 - 2020-04-10 10:33 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-26 18:58 - 2020-04-10 10:33 - 000002207 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-26 18:58 - 2020-04-10 10:33 - 000002207 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-09-26 18:48 - 2020-01-12 20:34 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-26 18:47 - 2020-01-12 20:33 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-26 18:45 - 2020-04-21 13:13 - 000517592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-09-22 15:26 - 2020-05-06 08:38 - 000165376 ___SH C:\Users\Jan\Desktop\Thumbs.db
2020-09-22 14:40 - 2015-11-18 13:58 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-22 14:40 - 2015-11-18 13:58 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-22 14:40 - 2015-11-18 13:58 - 000002210 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-22 13:33 - 2015-11-19 12:28 - 000000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2020-09-22 10:14 - 2020-04-08 12:48 - 000002332 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-09-22 10:14 - 2020-04-08 12:48 - 000002324 _____ C:\Users\Jan\Desktop\Microsoft Teams.lnk
2020-09-22 09:31 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-09-22 09:13 - 2015-11-18 13:53 - 000326408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-09-22 09:11 - 2019-01-14 17:02 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-09-22 09:11 - 2019-01-14 16:44 - 000195648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-09-22 09:11 - 2019-01-14 16:44 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-09-22 09:11 - 2019-01-14 16:44 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-09-22 09:11 - 2018-11-01 14:38 - 000042768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-09-22 09:11 - 2017-11-22 20:19 - 000206392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000851600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000469880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000084848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-09-20 20:02 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2020-09-20 17:49 - 2020-03-23 11:34 - 000000000 ____D C:\Users\Jan\AppData\Local\GoToMeeting
2020-09-17 10:09 - 2020-03-23 11:34 - 000003624 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001
2020-09-17 10:09 - 2020-03-23 11:34 - 000003528 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001
2020-09-17 10:04 - 2015-12-03 14:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-09-17 10:03 - 2013-08-22 16:44 - 005113664 _____ C:\Windows\system32\FNTCACHE.DAT
2020-09-16 21:16 - 2015-12-07 10:13 - 000000000 ___SD C:\Windows\system32\CompatTel
2020-09-16 21:16 - 2015-12-07 10:13 - 000000000 ____D C:\Windows\system32\appraiser
2020-09-16 21:16 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2020-09-16 20:43 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-16 20:43 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2020-09-16 20:25 - 2015-12-03 16:07 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-16 20:25 - 2015-12-03 16:07 - 000000000 ____D C:\Windows\system32\MRT
2020-09-16 19:56 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2020-09-04 16:03 - 2020-08-15 16:40 - 000075368 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2020-09-01 21:32 - 2014-10-28 12:00 - 000762978 _____ C:\Windows\system32\perfh005.dat
2020-09-01 21:32 - 2014-10-28 12:00 - 000163700 _____ C:\Windows\system32\perfc005.dat
2020-09-01 21:32 - 2014-03-18 11:53 - 001876212 _____ C:\Windows\system32\PerfStringBackup.INI
2020-09-01 10:08 - 2018-04-30 13:49 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-08-29 10:04 - 2020-04-01 10:05 - 000000000 ____D C:\Users\Jan\Downloads\Hudba
==================== Files in the root of some directories ========
2016-11-15 19:05 - 2020-06-24 19:53 - 000002844 _____ () C:\Users\Jan\AppData\Local\FSDownloader.err
2015-11-24 00:15 - 2020-07-16 19:42 - 000002264 _____ () C:\Users\Jan\AppData\Local\FSDownloader.nast
2015-11-29 21:03 - 2015-11-29 21:03 - 000000000 _____ () C:\Users\Jan\AppData\Local\{12007E94-C9D6-4100-8DEC-1AA31E117CB7}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-09-20 20:06
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Jan (28-09-2020 16:27:48)
Running from C:\Users\Jan\Downloads
Windows 8.1 (Update) (X64) (2015-11-18 10:47:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3296905901-2605018622-518059273-500 - Administrator - Disabled)
Guest (S-1-5-21-3296905901-2605018622-518059273-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3296905901-2605018622-518059273-1003 - Limited - Enabled)
Jan (S-1-5-21-3296905901-2605018622-518059273-1001 - Administrator - Enabled) => C:\Users\Jan
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Aktualizace NVIDIA 16.13.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 16.13.21 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.7.5118.836 - Avast Software)
C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom 5.x_is1) (Version: 1.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Start 8 (HKLM-x32\...\{913D024D-5EB4-4AC3-A412-C87588574A74}_is1) (Version: 1.0.0.16 - Crawler Group)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - Název společnosti:) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - Název společnosti:) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4523 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.13.1.18705 (HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\GoToMeeting) (Version: 10.13.1.18705 - LogMeIn, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - )
HP Documentation (HKLM-x32\...\{EA7EA537-8F93-42A2-9384-66E7F049E6B0}) (Version: 1.4.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.8.28.13 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3DFFDA17-EE5C-4C09-AB0B-29CD4A9E6C9C}) (Version: 12.17.27.5 - HP)
HP System Event Utility (HKLM-x32\...\{F12B17AB-FCDA-4380-9D35-E3F871BF1093}) (Version: 1.2.6 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 81.0 (x64 cs) (HKLM\...\Mozilla Firefox 81.0 (x64 cs)) (Version: 81.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3 - Mozilla)
MP3 Workshop 4.40 (HKLM-x32\...\MP3 Workshop_is1) (Version: - Audio2x.com)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 344.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.24 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Ovládací panel NVIDIA 344.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 344.24 - NVIDIA Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.24 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29082 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7335 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.38 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.200 - NVIDIA Corporation) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.20 - Synaptics Incorporated)
UsbFix (HKLM-x32\...\Usbfix) (Version: 7.181 - El Desaparecido - www.usbfix.net - www.sosvirus.net)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
XPS Network (HKLM-x32\...\{7A6A1E1B-58CC-4B47-AFAF-11B171AC9CBB}) (Version: 13.15.0.2 - Sideline Sports)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
Packages:
=========
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_4.5.0.18_x64__kx24dqmazqk8j [2016-10-02] (Random Salad Games LLC)
HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2015-11-23] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-11-21] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-02-04] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-11-23] (Microsoft Corporation) [MS Ad]
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-06-13] (.-McAfee Inc-.)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-05-03] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-11-09] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-21] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-02-27] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-21] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-12-02] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-05-06] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-23] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-02-27] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-11-23] (Skype) [MS Ad]
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_5.5.0.8_x86__v10z8vjag6ke6 [2016-07-17] (HP Inc.)
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2.1.20.0_x64__t3yemqpq4kp7p [2015-11-23] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-05-09] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2015-02-04] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-23] (Microsoft Corporation) [MS Ad]
Začínáme se systémem Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-11-21] (Hewlett-Packard Company)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3296905901-2605018622-518059273-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3296905901-2605018622-518059273-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3296905901-2605018622-518059273-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-06-19] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro
==================== Loaded Modules (Whitelisted) =============
2014-03-28 14:31 - 2014-03-28 14:31 - 002110464 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000035328 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 14:47 - 2014-03-28 14:47 - 000646656 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2014-03-28 14:29 - 2014-03-28 14:29 - 000692224 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-03-28 14:32 - 2014-03-28 14:32 - 001107968 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2015-02-04 16:33 - 2015-02-04 16:33 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2015-02-04 16:09 - 2013-04-02 00:19 - 000574464 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Windows\system32\Rtlihvs.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 000712080 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 000367504 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 000759184 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 001204112 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {F9AFCD15-1D6C-4BE9-B4DF-B0D2033D0EB8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296905901-2605018622-518059273-1001 -> {263478F1-B705-4692-8DC6-325CE6124450} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3296905901-2605018622-518059273-1001 -> {F9AFCD15-1D6C-4BE9-B4DF-B0D2033D0EB8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed]
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2020-09-28 11:47 - 000000828 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\Desktop\Lenka\Foto trmalovi\010343.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{36BC910F-DB63-4656-AD5C-7BA8C3E2D058}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1EF76316-C00C-49A9-8065-AF81BEBFE619}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{588CBF2E-673D-4AE2-9CF4-A14FBB96544A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{647AEDDC-E816-4837-B04D-F9BE898839D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{352E0A70-9CB2-4CF7-A597-39C35F029C46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{083BA2B3-F33A-4DDE-9D0A-EE2C4F198890}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2BB9A3AB-4287-45D0-A693-AB9DC1243717}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{768161B1-F6DC-404D-9181-AB5F969D6C43}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{0536FF25-D8D3-49BD-8C77-E34E3E983150}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{0216B416-5DA5-4C56-AA9B-C4EAC89ADB3E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1F6E19F9-3F74-40E6-B772-96E2975E5984}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{6D12D151-69DB-4E6C-8C78-F77B21E657DE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D2566B2A-F0C4-472B-BE09-8CDC936182D7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2E387DFB-209C-46B3-A52A-D2E02113218A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C4452EE0-2637-49F5-900A-2868ECA97965}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5A9E5091-EE23-4E27-9344-EAD221188FB8}C:\users\jan\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\jan\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{4C72BCA6-9F0A-4576-85F6-EBFE3C121113}C:\users\jan\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\jan\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B04C6A0A-8023-4C45-A78A-CA12ED382079}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
27-08-2020 17:42:18 Naplánovaný kontrolní bod
16-09-2020 20:09:57 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/28/2020 03:42:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 11d4
Čas spuštění: 01d6959c6a704f5f
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 5c96d476-0190-11eb-82eb-d0bf9c1baae2
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
Error: (09/28/2020 11:16:44 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/28/2020 09:33:33 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (09/26/2020 08:19:03 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/26/2020 08:16:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1388
Čas spuštění: 01d69430663856dc
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 5ae7122d-0024-11eb-82e5-d0bf9c1baae2
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
Error: (09/26/2020 08:16:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 6.3.9600.17489 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 13f4
Čas spuštění: 01d69430bdd796ab
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
ID hlášení: 3688fdc8-0024-11eb-82e5-d0bf9c1baae2
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel
Error: (09/26/2020 08:15:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NOTES)
Description: Balíček windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel se ukončil, protože jeho pozastavování trvalo moc dlouho.
Error: (09/26/2020 08:00:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NOTES)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
System errors:
=============
Error: (09/28/2020 03:39:55 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba HP Support Solutions Framework Service přestala během spouštění reagovat.
Error: (09/28/2020 03:36:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (09/28/2020 03:36:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (09/28/2020 03:36:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby avast! Antivirus bylo dosaženo časového limitu (30000 ms).
Error: (09/28/2020 03:34:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:57:21, 28. 9. 2020) bylo neočekávané.
Error: (09/28/2020 01:32:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (09/28/2020 01:32:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Windows Media Player Network Sharing bylo dosaženo časového limitu (30000 ms).
Error: (09/28/2020 01:32:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba HP Support Solutions Framework Service přestala během spouštění reagovat.
Windows Defender:
===================================
Date: 2016-08-31 08:39:09.748
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.183.39.0;1.183.39.0
Verze modulu: 1.1.10904.0
CodeIntegrity:
===================================
Date: 2018-12-19 13:58:06.800
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:58:03.269
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:59.909
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:56.331
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:52.706
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:49.299
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:45.815
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:42.221
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Insyde F.32 10/28/2014
Motherboard: Hewlett-Packard 2214
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 89%
Total physical RAM: 8078.27 MB
Available physical RAM: 866.7 MB
Total Virtual: 9742.27 MB
Available Virtual: 1102.63 MB
==================== Drives ================================
Drive b: (Nový svazek) (Fixed) (Total:453.75 GB) (Free:314.37 GB) NTFS
Drive c: (Windows) (Fixed) (Total:455.54 GB) (Free:255.81 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.21 GB) (Free:2.36 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{e6868cf5-0272-463e-852b-7492e9ce36f5}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.33 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9B9D0EB4)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Jan (administrator) on NOTES (Hewlett-Packard HP 15 Notebook PC) (28-09-2020 16:19:18)
Running from C:\Users\Jan\Downloads
Loaded Profiles: Jan
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Crawler Group, LLC -> Crawler.com) C:\Program Files (x86)\CStart8\CStart8Tray64.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [2799272 2014-09-09] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-09-17] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [507144 2014-09-02] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [CStart8] => C:\PROGRAM FILES (X86)\CSTART8\CSTART8TRAY64.EXE [3135816 2015-06-29] (Crawler Group, LLC -> Crawler.com)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Jan\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {485e26df-63f6-11e7-8286-346895128c7c} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {b494c5db-180b-11e9-82b0-346895128c7c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {ff0559d7-e7d0-11ea-82dd-d0bf9c1baae2} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [423936 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-09-23] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2020-09-17]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exeicarus_rvrt.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09558A42-A62D-4320-B5C5-2968D5576761} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION
Task: {193FE9B0-701B-4267-A3CB-BC69AA1B0087} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {3668A0E2-E3A0-43C7-B62E-EAE087C84584} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [664920 2020-06-29] (HP Inc. -> HP Inc.)
Task: {43CB38F1-3351-4613-8AEE-30BFED4CC2B7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4FC9FCCD-6BA2-421D-A4FF-6F41EEB58599} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506136 2020-07-01] (HP Inc. -> HP Inc.)
Task: {640091F5-ADB8-486A-AFA0-10BFD166EAC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {65A5DE0C-855D-41FC-8DBE-FA7521388650} - System32\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001 => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupload.exe [31320 2020-09-17] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {7119B6FA-2228-4494-8AD4-921A3137C47A} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [3551704 2020-09-16] (Avast Software s.r.o. -> AVAST Software)
Task: {745E0C8E-BFEB-425E-9283-A870A971C1D0} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-09-23] (CyberLink Corp. -> CyberLink Corp.)
Task: {81879E71-8238-453B-82CE-78712947756C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {855C9D59-E22C-4E9D-99A4-18873C94FDB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506136 2020-07-01] (HP Inc. -> HP Inc.)
Task: {8A95EBA8-FC9F-4F9F-AE64-91F1AAD096FD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {8EAB5F2A-390F-4BDE-83B7-A7676F5C6C2F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {989D7B9B-D1FC-46A2-9FB3-1E16548D97BE} - System32\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001 => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupdate.exe [31320 2020-09-17] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {9C93010D-9ACA-4153-AB94-AE665B823371} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {A085867A-2CF4-4064-9024-B28FFD4898CB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {A8B15CC4-27A5-470E-AB53-2B9EB62DFF8C} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1180488 2020-09-16] (Avast Software s.r.o. -> AVAST Software)
Task: {AA0E512E-3191-49F9-A7D2-02A93545A846} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [324952 2020-06-19] (HP Inc. -> HP Inc.)
Task: {B1D8D0E2-D308-4B68-A25B-16014676517D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-09-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {BCAF7B0B-003D-452F-9B49-9F5D14CB7635} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {C09AFB5D-E6E8-4522-9396-45CE4CF45662} - System32\Tasks\SafeZone scheduled Autoupdate 1465391584 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {CF7217AE-9804-46EE-98CC-D5F803B94A3A} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5251680 2020-09-04] (Avast Software s.r.o. -> Avast Software)
Task: {DE5765D8-0B8E-44FC-8971-F618FD0BB15F} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
Task: {ED28AFDC-659D-4416-A39F-7B5285D21FA5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3850336 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
Task: {F8EEAA45-C7AC-4C65-A9A3-B47BEA21AC28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [664920 2020-06-29] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001.job => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001.job => C:\Users\Jan\AppData\Local\GoToMeeting\18705\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{18E88231-9820-45D8-9D62-2FF52FDBFADD}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D5B24512-7CDE-4007-B7AB-C4421564345E}: [DhcpNameServer] 192.168.0.1
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jan\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-26]
Edge Notifications: Default -> hxxps://teams.microsoft.com
Edge HomePage: Default -> hxxps://www.seznam.cz/
FireFox:
========
FF DefaultProfile: wzmt6nue.default
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wzmt6nue.default [2020-09-28]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2020-09-26]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-07]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-31]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-31]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-08-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-10]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-26]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7824280 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [98816 2014-10-11] () [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [387928 2020-06-30] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [509192 2014-09-02] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [7509152 2020-09-16] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206392 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235584 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [195648 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42768 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175192 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [517592 2020-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851600 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469880 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217328 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326408 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-09-28] (Malwarebytes Corporation -> Malwarebytes)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [217592 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197280 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73880 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [131232 2020-09-28] (Malwarebytes Inc -> Malwarebytes)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-08-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S3 mfehidk01; \Device\mfehidk01.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-28 15:55 - 2020-09-28 16:18 - 305594032 _____ C:\Users\Jan\Downloads\Andělské oči 1994.mp4.part
2020-09-28 15:55 - 2020-09-28 15:55 - 000000000 _____ C:\Users\Jan\Downloads\Andělské oči 1994.mp4
2020-09-28 13:29 - 2020-09-28 13:29 - 000197280 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-09-28 13:28 - 2020-09-28 15:37 - 000131232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-09-28 13:28 - 2020-09-28 13:28 - 000073880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-09-28 13:07 - 2020-09-28 13:07 - 000000000 ____D C:\Users\Jan\AppData\Local\mbam
2020-09-28 13:06 - 2020-09-28 13:06 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-09-28 13:06 - 2020-09-28 13:06 - 000217592 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-09-28 13:06 - 2020-09-28 13:06 - 000001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-28 13:06 - 2020-09-28 13:06 - 000001971 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-28 13:06 - 2020-09-28 13:06 - 000001971 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-09-28 13:05 - 2020-09-28 13:04 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-09-28 12:53 - 2020-09-28 12:53 - 000000000 ____D C:\Program Files\Malwarebytes
2020-09-28 12:51 - 2020-09-28 12:52 - 002040904 _____ (Malwarebytes) C:\Users\Jan\Desktop\MBSetup.exe
2020-09-28 12:48 - 2020-09-28 12:49 - 000000000 ____D C:\Users\Jan\Desktop\logy
2020-09-28 11:47 - 2020-09-28 11:47 - 001222144 _____ C:\Users\Jan\Downloads\RSITx64.exe
2020-09-28 11:31 - 2020-09-28 11:38 - 000039189 _____ C:\Users\Jan\Downloads\Addition.txt
2020-09-28 11:24 - 2020-09-28 16:21 - 000025827 _____ C:\Users\Jan\Downloads\FRST.txt
2020-09-28 11:24 - 2020-09-28 16:20 - 000000000 ____D C:\FRST
2020-09-28 11:23 - 2020-09-28 11:23 - 002299392 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2020-09-28 09:34 - 2020-09-28 09:34 - 008414384 _____ (Malwarebytes) C:\Users\Jan\Downloads\adwcleaner_8.0.7.exe
2020-09-26 19:41 - 2020-09-28 10:39 - 1643570018 _____ C:\Users\Jan\Downloads\Velká filmová loupež-80m-1986-ČR-HD-1080p-I.avi
2020-09-26 19:20 - 2020-09-26 19:20 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-09-26 18:43 - 2020-09-26 20:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-22 15:51 - 2020-09-22 16:15 - 420313088 _____ C:\Users\Jan\Downloads\Neskutečné historky-2x02 Zlatý Gordon.avi
2020-09-22 15:33 - 2020-09-22 15:51 - 316170591 _____ C:\Users\Jan\Downloads\Monty Python - Neskutecne-historky - 1- Tompkinsova školní léta, CZ dabing.mp4
2020-09-22 09:12 - 2020-09-22 09:11 - 000338528 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-09-22 09:12 - 2020-09-22 09:11 - 000217328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-09-22 09:12 - 2020-09-22 09:11 - 000175192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-09-16 20:18 - 2020-09-02 07:52 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-09-16 20:18 - 2020-09-02 07:25 - 003641344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-09-16 20:18 - 2020-08-27 07:04 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-09-16 20:18 - 2020-08-15 09:22 - 001370680 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-09-16 20:18 - 2020-08-15 09:18 - 007363328 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-09-16 20:18 - 2020-08-15 06:23 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-09-16 20:18 - 2020-08-15 06:14 - 001383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-09-16 20:18 - 2020-08-15 05:59 - 001088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-09-16 20:18 - 2020-08-15 05:57 - 001559040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-09-16 20:18 - 2020-08-13 06:17 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-09-16 20:18 - 2020-08-13 06:06 - 020291072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-09-16 20:18 - 2020-08-13 06:06 - 005500416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-09-16 20:18 - 2020-08-13 06:06 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-09-16 20:18 - 2020-08-13 05:50 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-09-16 20:18 - 2020-08-13 05:40 - 000653824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-09-16 20:18 - 2020-08-13 05:30 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-09-16 20:18 - 2020-08-13 05:29 - 015480320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-09-16 20:18 - 2020-08-13 05:18 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-09-16 20:18 - 2020-08-13 05:16 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-09-16 20:18 - 2020-08-13 05:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-09-16 20:18 - 2020-08-13 05:11 - 013862400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-09-16 20:18 - 2020-08-13 05:04 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-09-16 20:18 - 2020-08-13 04:57 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-09-16 20:18 - 2020-08-13 04:53 - 001341952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-09-16 20:18 - 2020-08-11 08:16 - 000376072 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2020-09-16 20:18 - 2020-08-11 06:33 - 000317176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2020-09-16 20:18 - 2020-08-11 04:44 - 000453632 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-09-16 20:18 - 2020-08-11 04:32 - 000329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-09-16 20:17 - 2020-08-29 04:41 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-09-16 20:17 - 2020-08-20 22:54 - 022382424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-09-16 20:17 - 2020-08-20 22:51 - 019805104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-09-16 20:17 - 2020-08-15 09:18 - 002012928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-09-16 20:17 - 2020-08-15 09:18 - 000373512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-09-16 20:17 - 2020-08-15 07:11 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-09-16 20:17 - 2020-08-15 06:43 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-09-16 20:17 - 2020-08-15 06:39 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-09-16 20:17 - 2020-08-15 06:33 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2020-09-16 20:17 - 2020-08-15 06:17 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
2020-09-16 20:17 - 2020-08-15 06:17 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-09-16 20:17 - 2020-08-15 06:14 - 001442304 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-09-16 20:17 - 2020-08-15 06:12 - 000364032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2020-09-16 20:17 - 2020-08-15 06:12 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2020-09-16 20:17 - 2020-08-15 06:11 - 000269312 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2020-09-16 20:17 - 2020-08-15 06:11 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2020-09-16 20:17 - 2020-08-15 06:04 - 001757184 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-09-16 20:17 - 2020-08-15 06:02 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000292352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2020-09-16 20:17 - 2020-08-15 05:55 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2020-09-16 20:17 - 2020-08-15 05:50 - 001495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-09-16 20:17 - 2020-08-13 07:25 - 001308256 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-09-16 20:17 - 2020-08-13 07:24 - 000355576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2020-09-16 20:17 - 2020-08-13 06:41 - 025756672 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-09-16 20:17 - 2020-08-13 05:37 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-09-16 20:17 - 2020-08-13 05:26 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2020-09-16 20:17 - 2020-08-13 05:20 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-09-16 20:17 - 2020-08-13 05:15 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-09-16 20:17 - 2020-08-13 05:12 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2020-09-16 20:17 - 2020-08-13 04:54 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-09-16 20:17 - 2020-08-13 04:52 - 000710656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-09-16 20:17 - 2020-08-11 08:19 - 000136824 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-09-16 20:17 - 2020-08-11 08:17 - 000537632 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-09-16 20:17 - 2020-08-11 08:16 - 001210112 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2020-09-16 20:17 - 2020-08-11 08:12 - 002173376 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-09-16 20:17 - 2020-08-11 08:12 - 001665104 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-09-16 20:17 - 2020-08-11 06:33 - 001037600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2020-09-16 20:17 - 2020-08-11 06:33 - 000450312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-09-16 20:17 - 2020-08-11 06:31 - 001561296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-09-16 20:17 - 2020-08-11 06:31 - 001215736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-09-16 20:17 - 2020-08-11 05:30 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-09-16 20:17 - 2020-08-11 05:03 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2020-09-16 20:17 - 2020-08-11 05:03 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-09-16 20:17 - 2020-08-11 05:00 - 003720192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-09-16 20:17 - 2020-08-11 04:57 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2020-09-16 20:17 - 2020-08-11 04:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-09-16 20:17 - 2020-08-11 04:55 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2020-09-16 20:17 - 2020-08-11 04:45 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-09-16 20:17 - 2020-08-11 04:44 - 001099264 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-09-16 20:17 - 2020-08-11 04:41 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-09-16 20:17 - 2020-08-11 02:44 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2020-09-16 20:17 - 2020-08-10 11:18 - 000160144 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-09-16 20:17 - 2020-08-10 02:04 - 003223552 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-09-16 20:17 - 2020-08-10 02:04 - 001998848 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000843776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000700416 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-09-16 20:17 - 2020-08-10 02:04 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-09-16 20:17 - 2020-08-08 15:43 - 001545912 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-09-16 20:17 - 2020-08-06 15:37 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-09-16 20:17 - 2020-08-06 15:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-08-29 10:09 - 2015-08-21 19:56 - 000000000 ____D C:\Users\Jan\Downloads\Slovenske hity 80-90 CD 1
2020-08-29 10:03 - 2020-08-29 10:08 - 093548739 _____ C:\Users\Jan\Downloads\Slovenske hity 80-90 CD 1.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-28 16:18 - 2018-10-12 10:00 - 000000000 ____D C:\Users\Jan\AppData\LocalLow\Mozilla
2020-09-28 16:10 - 2018-08-19 20:35 - 000000000 ____D C:\Users\Jan\AppData\Local\AVAST Software
2020-09-28 15:59 - 2015-11-18 13:25 - 000003950 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{1036CFB8-C8D4-44C4-881B-8AD268583162}
2020-09-28 15:49 - 2020-03-23 11:34 - 000000538 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001.job
2020-09-28 15:44 - 2015-11-18 12:54 - 000000000 ____D C:\Users\Jan\Documents\Youcam
2020-09-28 15:43 - 2015-11-18 12:56 - 000000000 ___DO C:\Users\Jan\OneDrive
2020-09-28 15:41 - 2017-03-09 13:36 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-09-28 15:36 - 2015-11-18 12:45 - 000000000 ____D C:\Users\Jan
2020-09-28 15:35 - 2020-08-20 13:52 - 000003938 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2020-09-28 15:34 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-28 14:42 - 2020-03-23 11:34 - 000000634 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001.job
2020-09-28 14:28 - 2015-02-04 16:33 - 000000000 ____D C:\ProgramData\AVAST Software
2020-09-28 13:04 - 2016-04-30 09:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-28 11:47 - 2016-04-28 17:50 - 000000000 ____D C:\Program Files\trend micro
2020-09-28 11:35 - 2020-04-06 14:23 - 000934912 ___SH C:\Users\Jan\Downloads\Thumbs.db
2020-09-28 09:39 - 2015-11-19 00:15 - 000000000 ____D C:\Program Files\CCleaner
2020-09-28 09:36 - 2016-04-28 17:33 - 000000000 ____D C:\AdwCleaner
2020-09-28 09:33 - 2020-04-01 10:02 - 000000000 ____D C:\Users\Jan\Downloads\Programy
2020-09-28 09:20 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-09-26 20:08 - 2018-10-12 09:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-26 19:25 - 2015-11-18 12:54 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3296905901-2605018622-518059273-1001
2020-09-26 19:21 - 2019-02-08 19:46 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-26 19:20 - 2018-10-12 09:59 - 000000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-26 18:58 - 2020-04-10 10:33 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-26 18:58 - 2020-04-10 10:33 - 000002207 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-26 18:58 - 2020-04-10 10:33 - 000002207 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-09-26 18:48 - 2020-01-12 20:34 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-26 18:47 - 2020-01-12 20:33 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-26 18:45 - 2020-04-21 13:13 - 000517592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-09-22 15:26 - 2020-05-06 08:38 - 000165376 ___SH C:\Users\Jan\Desktop\Thumbs.db
2020-09-22 14:40 - 2015-11-18 13:58 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-22 14:40 - 2015-11-18 13:58 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-22 14:40 - 2015-11-18 13:58 - 000002210 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-22 13:33 - 2015-11-19 12:28 - 000000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2020-09-22 10:14 - 2020-04-08 12:48 - 000002332 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-09-22 10:14 - 2020-04-08 12:48 - 000002324 _____ C:\Users\Jan\Desktop\Microsoft Teams.lnk
2020-09-22 09:31 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-09-22 09:13 - 2015-11-18 13:53 - 000326408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-09-22 09:11 - 2019-01-14 17:02 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-09-22 09:11 - 2019-01-14 16:44 - 000195648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-09-22 09:11 - 2019-01-14 16:44 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-09-22 09:11 - 2019-01-14 16:44 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-09-22 09:11 - 2018-11-01 14:38 - 000042768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-09-22 09:11 - 2017-11-22 20:19 - 000206392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000851600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000469880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-09-22 09:11 - 2015-11-18 13:53 - 000084848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-09-20 20:02 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2020-09-20 17:49 - 2020-03-23 11:34 - 000000000 ____D C:\Users\Jan\AppData\Local\GoToMeeting
2020-09-17 10:09 - 2020-03-23 11:34 - 000003624 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-3296905901-2605018622-518059273-1001
2020-09-17 10:09 - 2020-03-23 11:34 - 000003528 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-3296905901-2605018622-518059273-1001
2020-09-17 10:04 - 2015-12-03 14:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-09-17 10:03 - 2013-08-22 16:44 - 005113664 _____ C:\Windows\system32\FNTCACHE.DAT
2020-09-16 21:16 - 2015-12-07 10:13 - 000000000 ___SD C:\Windows\system32\CompatTel
2020-09-16 21:16 - 2015-12-07 10:13 - 000000000 ____D C:\Windows\system32\appraiser
2020-09-16 21:16 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2020-09-16 20:43 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-16 20:43 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2020-09-16 20:25 - 2015-12-03 16:07 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-16 20:25 - 2015-12-03 16:07 - 000000000 ____D C:\Windows\system32\MRT
2020-09-16 19:56 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2020-09-04 16:03 - 2020-08-15 16:40 - 000075368 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2020-09-01 21:32 - 2014-10-28 12:00 - 000762978 _____ C:\Windows\system32\perfh005.dat
2020-09-01 21:32 - 2014-10-28 12:00 - 000163700 _____ C:\Windows\system32\perfc005.dat
2020-09-01 21:32 - 2014-03-18 11:53 - 001876212 _____ C:\Windows\system32\PerfStringBackup.INI
2020-09-01 10:08 - 2018-04-30 13:49 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-08-29 10:04 - 2020-04-01 10:05 - 000000000 ____D C:\Users\Jan\Downloads\Hudba
==================== Files in the root of some directories ========
2016-11-15 19:05 - 2020-06-24 19:53 - 000002844 _____ () C:\Users\Jan\AppData\Local\FSDownloader.err
2015-11-24 00:15 - 2020-07-16 19:42 - 000002264 _____ () C:\Users\Jan\AppData\Local\FSDownloader.nast
2015-11-29 21:03 - 2015-11-29 21:03 - 000000000 _____ () C:\Users\Jan\AppData\Local\{12007E94-C9D6-4100-8DEC-1AA31E117CB7}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-09-20 20:06
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Jan (28-09-2020 16:27:48)
Running from C:\Users\Jan\Downloads
Windows 8.1 (Update) (X64) (2015-11-18 10:47:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3296905901-2605018622-518059273-500 - Administrator - Disabled)
Guest (S-1-5-21-3296905901-2605018622-518059273-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3296905901-2605018622-518059273-1003 - Limited - Enabled)
Jan (S-1-5-21-3296905901-2605018622-518059273-1001 - Administrator - Enabled) => C:\Users\Jan
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Aktualizace NVIDIA 16.13.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 16.13.21 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.7.5118.836 - Avast Software)
C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom 5.x_is1) (Version: 1.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Start 8 (HKLM-x32\...\{913D024D-5EB4-4AC3-A412-C87588574A74}_is1) (Version: 1.0.0.16 - Crawler Group)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - Název společnosti:) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - Název společnosti:) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4523 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.13.1.18705 (HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\GoToMeeting) (Version: 10.13.1.18705 - LogMeIn, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - )
HP Documentation (HKLM-x32\...\{EA7EA537-8F93-42A2-9384-66E7F049E6B0}) (Version: 1.4.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.8.28.13 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3DFFDA17-EE5C-4C09-AB0B-29CD4A9E6C9C}) (Version: 12.17.27.5 - HP)
HP System Event Utility (HKLM-x32\...\{F12B17AB-FCDA-4380-9D35-E3F871BF1093}) (Version: 1.2.6 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 81.0 (x64 cs) (HKLM\...\Mozilla Firefox 81.0 (x64 cs)) (Version: 81.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3 - Mozilla)
MP3 Workshop 4.40 (HKLM-x32\...\MP3 Workshop_is1) (Version: - Audio2x.com)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 344.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.24 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Ovládací panel NVIDIA 344.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 344.24 - NVIDIA Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.24 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29082 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7335 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.38 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.200 - NVIDIA Corporation) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.20 - Synaptics Incorporated)
UsbFix (HKLM-x32\...\Usbfix) (Version: 7.181 - El Desaparecido - www.usbfix.net - www.sosvirus.net)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
XPS Network (HKLM-x32\...\{7A6A1E1B-58CC-4B47-AFAF-11B171AC9CBB}) (Version: 13.15.0.2 - Sideline Sports)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
Packages:
=========
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_4.5.0.18_x64__kx24dqmazqk8j [2016-10-02] (Random Salad Games LLC)
HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2015-11-23] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-11-21] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-02-04] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-11-23] (Microsoft Corporation) [MS Ad]
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-06-13] (.-McAfee Inc-.)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-05-03] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-11-09] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-21] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-02-27] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-21] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-12-02] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-05-06] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-23] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-02-27] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-11-23] (Skype) [MS Ad]
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_5.5.0.8_x86__v10z8vjag6ke6 [2016-07-17] (HP Inc.)
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2.1.20.0_x64__t3yemqpq4kp7p [2015-11-23] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-05-09] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2015-02-04] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-23] (Microsoft Corporation) [MS Ad]
Začínáme se systémem Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-11-21] (Hewlett-Packard Company)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3296905901-2605018622-518059273-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3296905901-2605018622-518059273-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3296905901-2605018622-518059273-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-06-19] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro
==================== Loaded Modules (Whitelisted) =============
2014-03-28 14:31 - 2014-03-28 14:31 - 002110464 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000035328 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 14:47 - 2014-03-28 14:47 - 000646656 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2014-03-28 14:29 - 2014-03-28 14:29 - 000692224 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-03-28 14:32 - 2014-03-28 14:32 - 001107968 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2015-02-04 16:33 - 2015-02-04 16:33 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2015-02-04 16:09 - 2013-04-02 00:19 - 000574464 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Windows\system32\Rtlihvs.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 000712080 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 000367504 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 000759184 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 001204112 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {F9AFCD15-1D6C-4BE9-B4DF-B0D2033D0EB8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296905901-2605018622-518059273-1001 -> {263478F1-B705-4692-8DC6-325CE6124450} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3296905901-2605018622-518059273-1001 -> {F9AFCD15-1D6C-4BE9-B4DF-B0D2033D0EB8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed]
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2020-09-28 11:47 - 000000828 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\Desktop\Lenka\Foto trmalovi\010343.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{36BC910F-DB63-4656-AD5C-7BA8C3E2D058}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1EF76316-C00C-49A9-8065-AF81BEBFE619}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{588CBF2E-673D-4AE2-9CF4-A14FBB96544A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{647AEDDC-E816-4837-B04D-F9BE898839D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{352E0A70-9CB2-4CF7-A597-39C35F029C46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{083BA2B3-F33A-4DDE-9D0A-EE2C4F198890}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2BB9A3AB-4287-45D0-A693-AB9DC1243717}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{768161B1-F6DC-404D-9181-AB5F969D6C43}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{0536FF25-D8D3-49BD-8C77-E34E3E983150}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{0216B416-5DA5-4C56-AA9B-C4EAC89ADB3E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1F6E19F9-3F74-40E6-B772-96E2975E5984}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{6D12D151-69DB-4E6C-8C78-F77B21E657DE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D2566B2A-F0C4-472B-BE09-8CDC936182D7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2E387DFB-209C-46B3-A52A-D2E02113218A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C4452EE0-2637-49F5-900A-2868ECA97965}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5A9E5091-EE23-4E27-9344-EAD221188FB8}C:\users\jan\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\jan\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{4C72BCA6-9F0A-4576-85F6-EBFE3C121113}C:\users\jan\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\jan\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B04C6A0A-8023-4C45-A78A-CA12ED382079}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
27-08-2020 17:42:18 Naplánovaný kontrolní bod
16-09-2020 20:09:57 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/28/2020 03:42:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 11d4
Čas spuštění: 01d6959c6a704f5f
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 5c96d476-0190-11eb-82eb-d0bf9c1baae2
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
Error: (09/28/2020 11:16:44 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/28/2020 09:33:33 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (09/26/2020 08:19:03 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/26/2020 08:16:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1388
Čas spuštění: 01d69430663856dc
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 5ae7122d-0024-11eb-82e5-d0bf9c1baae2
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
Error: (09/26/2020 08:16:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 6.3.9600.17489 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 13f4
Čas spuštění: 01d69430bdd796ab
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
ID hlášení: 3688fdc8-0024-11eb-82e5-d0bf9c1baae2
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel
Error: (09/26/2020 08:15:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NOTES)
Description: Balíček windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel se ukončil, protože jeho pozastavování trvalo moc dlouho.
Error: (09/26/2020 08:00:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NOTES)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
System errors:
=============
Error: (09/28/2020 03:39:55 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba HP Support Solutions Framework Service přestala během spouštění reagovat.
Error: (09/28/2020 03:36:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (09/28/2020 03:36:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (09/28/2020 03:36:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby avast! Antivirus bylo dosaženo časového limitu (30000 ms).
Error: (09/28/2020 03:34:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:57:21, 28. 9. 2020) bylo neočekávané.
Error: (09/28/2020 01:32:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (09/28/2020 01:32:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Windows Media Player Network Sharing bylo dosaženo časového limitu (30000 ms).
Error: (09/28/2020 01:32:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba HP Support Solutions Framework Service přestala během spouštění reagovat.
Windows Defender:
===================================
Date: 2016-08-31 08:39:09.748
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.183.39.0;1.183.39.0
Verze modulu: 1.1.10904.0
CodeIntegrity:
===================================
Date: 2018-12-19 13:58:06.800
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:58:03.269
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:59.909
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:56.331
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:52.706
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:49.299
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:45.815
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-19 13:57:42.221
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Insyde F.32 10/28/2014
Motherboard: Hewlett-Packard 2214
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 89%
Total physical RAM: 8078.27 MB
Available physical RAM: 866.7 MB
Total Virtual: 9742.27 MB
Available Virtual: 1102.63 MB
==================== Drives ================================
Drive b: (Nový svazek) (Fixed) (Total:453.75 GB) (Free:314.37 GB) NTFS
Drive c: (Windows) (Fixed) (Total:455.54 GB) (Free:255.81 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.21 GB) (Free:2.36 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{e6868cf5-0272-463e-852b-7492e9ce36f5}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.33 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9B9D0EB4)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrzá notebook
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Jan\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {485e26df-63f6-11e7-8286-346895128c7c} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {b494c5db-180b-11e9-82b0-346895128c7c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {ff0559d7-e7d0-11ea-82dd-d0bf9c1baae2} - "F:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {09558A42-A62D-4320-B5C5-2968D5576761} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION
Task: {193FE9B0-701B-4267-A3CB-BC69AA1B0087} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {640091F5-ADB8-486A-AFA0-10BFD166EAC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
C:\Program Files\Bonjour
S3 mfehidk01; \Device\mfehidk01.sys [X]
C:\Users\Jan\AppData\Local\{12007E94-C9D6-4100-8DEC-1AA31E117CB7}
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrzá notebook
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Jan (28-09-2020 17:45:49) Run:1
Running from C:\Users\Jan\Downloads
Loaded Profiles: Jan
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {485e26df-63f6-11e7-8286-346895128c7c} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {b494c5db-180b-11e9-82b0-346895128c7c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {ff0559d7-e7d0-11ea-82dd-d0bf9c1baae2} - "F:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {09558A42-A62D-4320-B5C5-2968D5576761} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION
Task: {193FE9B0-701B-4267-A3CB-BC69AA1B0087} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {640091F5-ADB8-486A-AFA0-10BFD166EAC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
C:\Program Files\Bonjour
S3 mfehidk01; \Device\mfehidk01.sys [X]
C:\Users\Jan\AppData\Local\{12007E94-C9D6-4100-8DEC-1AA31E117CB7}
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-3296905901-2605018622-518059273-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{485e26df-63f6-11e7-8286-346895128c7c} => removed successfully
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b494c5db-180b-11e9-82b0-346895128c7c} => removed successfully
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff0559d7-e7d0-11ea-82dd-d0bf9c1baae2} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09558A42-A62D-4320-B5C5-2968D5576761}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09558A42-A62D-4320-B5C5-2968D5576761}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WiseCleaner\WDRSkipUAC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{193FE9B0-701B-4267-A3CB-BC69AA1B0087}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{193FE9B0-701B-4267-A3CB-BC69AA1B0087}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{640091F5-ADB8-486A-AFA0-10BFD166EAC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{640091F5-ADB8-486A-AFA0-10BFD166EAC2}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\Program Files\Bonjour" => not found
HKLM\System\CurrentControlSet\Services\mfehidk01 => removed successfully
mfehidk01 => service removed successfully
C:\Users\Jan\AppData\Local\{12007E94-C9D6-4100-8DEC-1AA31E117CB7} => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BtSendToMenuEx => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9954847 B
Java, Flash, Steam htmlcache => 1292 B
Windows/system/drivers => 223932107 B
Edge => 0 B
Chrome => 24368080 B
Firefox => 611393009 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 9525 B
Users => 9525 B
ProgramData => 9525 B
Public => 9525 B
systemprofile => 162330 B
systemprofile32 => 4000595 B
LocalService => 4031895 B
NetworkService => 4031895 B
Jan => 91432885 B
RecycleBin => 669593858 B
EmptyTemp: => 1.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:49:32 ====
Ran by Jan (28-09-2020 17:45:49) Run:1
Running from C:\Users\Jan\Downloads
Loaded Profiles: Jan
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {485e26df-63f6-11e7-8286-346895128c7c} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {b494c5db-180b-11e9-82b0-346895128c7c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\...\MountPoints2: {ff0559d7-e7d0-11ea-82dd-d0bf9c1baae2} - "F:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {09558A42-A62D-4320-B5C5-2968D5576761} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION
Task: {193FE9B0-701B-4267-A3CB-BC69AA1B0087} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {640091F5-ADB8-486A-AFA0-10BFD166EAC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
C:\Program Files\Bonjour
S3 mfehidk01; \Device\mfehidk01.sys [X]
C:\Users\Jan\AppData\Local\{12007E94-C9D6-4100-8DEC-1AA31E117CB7}
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-3296905901-2605018622-518059273-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{485e26df-63f6-11e7-8286-346895128c7c} => removed successfully
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b494c5db-180b-11e9-82b0-346895128c7c} => removed successfully
HKU\S-1-5-21-3296905901-2605018622-518059273-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff0559d7-e7d0-11ea-82dd-d0bf9c1baae2} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09558A42-A62D-4320-B5C5-2968D5576761}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09558A42-A62D-4320-B5C5-2968D5576761}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WiseCleaner\WDRSkipUAC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{193FE9B0-701B-4267-A3CB-BC69AA1B0087}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{193FE9B0-701B-4267-A3CB-BC69AA1B0087}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{640091F5-ADB8-486A-AFA0-10BFD166EAC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{640091F5-ADB8-486A-AFA0-10BFD166EAC2}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\Program Files\Bonjour" => not found
HKLM\System\CurrentControlSet\Services\mfehidk01 => removed successfully
mfehidk01 => service removed successfully
C:\Users\Jan\AppData\Local\{12007E94-C9D6-4100-8DEC-1AA31E117CB7} => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BtSendToMenuEx => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9954847 B
Java, Flash, Steam htmlcache => 1292 B
Windows/system/drivers => 223932107 B
Edge => 0 B
Chrome => 24368080 B
Firefox => 611393009 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 9525 B
Users => 9525 B
ProgramData => 9525 B
Public => 9525 B
systemprofile => 162330 B
systemprofile32 => 4000595 B
LocalService => 4031895 B
NetworkService => 4031895 B
Jan => 91432885 B
RecycleBin => 669593858 B
EmptyTemp: => 1.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:49:32 ====
Re: Zamrzá notebook
před vložením proběhl restart
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrzá notebook
To je v pořádku. Bylo smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrzá notebook
Zatím to chodí, začne to zamrzat po delší době, tak po hodině práce, do té doby to chodí vcelku dobře. Pokud nastane, připomenu se. Zatím moc děkuji.
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrzá notebook
Zatím není zač. Nechám to tu otevřené.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrzá notebook
Dobrý večer, tak to opět zlobí. Chodilo to dobře, svižněji, ale teď to opět zamrzlo. Po promazání to vydrželo delší interval. Musel jsem pak přesto vypnout natvrdo.
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrzá notebook
Stáhněte, nainstalujte a spusťte CrystalDiskInfo: https://www.instaluj.cz/crystaldiskinfo a přes Úpravy>kopírovat sem dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrzá notebook
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2020/09/28 21:22:26
-- Controller Map ----------------------------------------------------------
+ Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series AHCI - 0F23 [ATA]
- TOSHIBA MQ01ABD100
- hp DVDRW GUB0N
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MQ01ABD100 : 1000,2 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) TOSHIBA MQ01ABD100
----------------------------------------------------------------------------
Model : TOSHIBA MQ01ABD100
Firmware : AX1P2C
Serial Number : 15KBPBNST
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 1276 hod.
Power On Count : 562 krát
Temperature : 41 C (105 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : B: C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __2 0000000006BF Čas na roztočení ploten
04 100 100 __0 000000000233 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _97 _97 __0 0000000004FC Hodin v činnosti
0A 111 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000232 Počet cyklů zapnutí zařízení
B7 100 100 __1 000000000DE3 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
B9 100 100 __1 00000000FFFF Specifický pro výrobce
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __1 000000000000 Vysoká rychlost zápisu
BE _59 _54 _40 000029280029 Teplota toku vzduchu
BF 100 100 __0 000000000076 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000260026 Počet vypnutí disku
C1 100 100 __0 000000000DF6 Počet cyklů načítání/vymazání
C2 _59 _54 _40 000029280029 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2031 354B 4250 424E 5354
020: 0000 4000 0000 4158 3150 3243 2020 544F 5348 4942
030: 4120 4D51 3031 4142 4431 3030 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 8D0E 0004 004C 0048
080: 01F8 0000 706B 7C69 6123 7069 BC49 6123 203F 0066
090: 0066 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 0396
110: 0268 59FC 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 78A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 00 00 00 00 00 00 00 02 27
010: 00 64 64 00 00 00 00 00 00 00 03 23 00 64 64 BF
020: 06 00 00 00 00 00 04 32 00 64 64 33 02 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 2F
040: 00 64 64 00 00 00 00 00 00 00 08 25 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 61 61 FC 04 00 00 00
060: 00 00 0A 33 00 6F 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 32 02 00 00 00 00 00 B7 32 00 64 64 E3
080: 0D 00 00 00 00 00 B8 33 00 64 64 00 00 00 00 00
090: 00 00 B9 32 00 64 64 FF FF 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 00
0B0: 00 00 00 00 00 00 BD 3A 00 64 64 00 00 00 00 00
0C0: 00 00 BE 22 00 3B 36 29 00 28 29 00 00 00 BF 32
0D0: 00 64 64 76 00 00 00 00 00 00 C0 22 00 64 64 26
0E0: 00 26 00 00 00 00 C1 32 00 64 64 F6 0D 00 00 00
0F0: 00 00 C2 22 00 3B 36 29 00 28 29 00 00 00 C4 32
100: 00 64 64 00 00 00 00 00 00 00 C5 32 00 64 64 00
110: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 51
170: 03 00 01 00 02 D2 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 02 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 B7 01 00 00 00 00
080: 00 00 00 00 00 00 B8 61 00 00 00 00 00 00 00 00
090: 00 00 B9 01 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BD 01 00 00 00 00 00 00 00 00
0C0: 00 00 BE 28 00 00 00 00 00 00 00 00 00 00 BF 00
0D0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0E0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0F0: 00 00 C2 28 00 00 00 00 00 00 00 00 00 00 C4 00
100: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
110: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A1
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2020/09/28 21:22:26
-- Controller Map ----------------------------------------------------------
+ Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series AHCI - 0F23 [ATA]
- TOSHIBA MQ01ABD100
- hp DVDRW GUB0N
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MQ01ABD100 : 1000,2 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) TOSHIBA MQ01ABD100
----------------------------------------------------------------------------
Model : TOSHIBA MQ01ABD100
Firmware : AX1P2C
Serial Number : 15KBPBNST
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 1276 hod.
Power On Count : 562 krát
Temperature : 41 C (105 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : B: C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __2 0000000006BF Čas na roztočení ploten
04 100 100 __0 000000000233 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _97 _97 __0 0000000004FC Hodin v činnosti
0A 111 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000232 Počet cyklů zapnutí zařízení
B7 100 100 __1 000000000DE3 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
B9 100 100 __1 00000000FFFF Specifický pro výrobce
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __1 000000000000 Vysoká rychlost zápisu
BE _59 _54 _40 000029280029 Teplota toku vzduchu
BF 100 100 __0 000000000076 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000260026 Počet vypnutí disku
C1 100 100 __0 000000000DF6 Počet cyklů načítání/vymazání
C2 _59 _54 _40 000029280029 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2031 354B 4250 424E 5354
020: 0000 4000 0000 4158 3150 3243 2020 544F 5348 4942
030: 4120 4D51 3031 4142 4431 3030 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 8D0E 0004 004C 0048
080: 01F8 0000 706B 7C69 6123 7069 BC49 6123 203F 0066
090: 0066 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 0396
110: 0268 59FC 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 78A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 00 00 00 00 00 00 00 02 27
010: 00 64 64 00 00 00 00 00 00 00 03 23 00 64 64 BF
020: 06 00 00 00 00 00 04 32 00 64 64 33 02 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 2F
040: 00 64 64 00 00 00 00 00 00 00 08 25 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 61 61 FC 04 00 00 00
060: 00 00 0A 33 00 6F 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 32 02 00 00 00 00 00 B7 32 00 64 64 E3
080: 0D 00 00 00 00 00 B8 33 00 64 64 00 00 00 00 00
090: 00 00 B9 32 00 64 64 FF FF 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 00
0B0: 00 00 00 00 00 00 BD 3A 00 64 64 00 00 00 00 00
0C0: 00 00 BE 22 00 3B 36 29 00 28 29 00 00 00 BF 32
0D0: 00 64 64 76 00 00 00 00 00 00 C0 22 00 64 64 26
0E0: 00 26 00 00 00 00 C1 32 00 64 64 F6 0D 00 00 00
0F0: 00 00 C2 22 00 3B 36 29 00 28 29 00 00 00 C4 32
100: 00 64 64 00 00 00 00 00 00 00 C5 32 00 64 64 00
110: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 51
170: 03 00 01 00 02 D2 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 02 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 B7 01 00 00 00 00
080: 00 00 00 00 00 00 B8 61 00 00 00 00 00 00 00 00
090: 00 00 B9 01 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BD 01 00 00 00 00 00 00 00 00
0C0: 00 00 BE 28 00 00 00 00 00 00 00 00 00 00 BF 00
0D0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0E0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0F0: 00 00 C2 28 00 00 00 00 00 00 00 00 00 00 C4 00
100: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
110: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A1
Přispějete na provoz fóra?