Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by ZdenkaT (administrator) on ZDENKA (ASUSTeK COMPUTER INC. X553MA) (28-12-2020 12:10:03)
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Loaded Profiles: ZdenkaT
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\spkl.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(ASUS Cloud Corporation) [File not signed] C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Video Technology -> ) C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\spmm.exe
(VoiceFive, Inc. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmropn.exe
(VoiceFive, Inc. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmropn32.exe
(VoiceFive, Inc. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmropn64.exe
(VoiceFive, Inc. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmservice.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] (ASUS Cloud Corporation -> )
HKLM\...\Policies\Explorer\Run: [localSPM] => C:\Windows\runkey.exe [489472 2015-06-25] () [File not signed]
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8410208 2020-12-09] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [CCleanerBrowserAutoLaunch_924491819F5447E3F3C5F7FE2EF4BBF4] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [4146024 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
HKLM\...\Windows x64\Print Processors\MIPR64_Q: C:\Windows\System32\spool\prtprocs\x64\MIPR64_Q.DLL [56832 2018-08-16] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\Installer\chrmstp.exe [2020-12-09] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1079ADCF-14F3-4819-BB8E-D48D18283A6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {1B320336-EA17-4340-80C4-F85B8B4B9D06} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1BB225BF-D97F-4DEA-9E59-D6F6796CD5B7} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [109880 2014-01-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {1BD69E7C-6470-4BB8-A944-04FF53A89E1F} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232 2014-03-31] (ASUSTeK Computer Inc. -> AsusTek)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3E168430-A11C-4EA2-B883-C02B4B178642} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F3A76FD-16A6-429D-A35A-25815798C58F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {4806CE99-7795-4551-A4C6-137F51806A46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4971A62F-5CFA-40E9-A0BD-97C97B0B0879} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387224 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {530E90BA-5E30-48FC-A10E-D6A6110D897C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {5D78CC34-EA02-44E1-847E-08A91D972A27} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {614E54CB-B200-4E50-9AD3-D8BB60615966} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1271424 2014-09-02] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70E81AC8-CBEC-4954-B879-B0516735C720} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {7FDA3455-C013-4AC3-A49D-DE7B41A95FB4} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8B37A4EE-84C8-4E08-B19F-3188162832A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8B65692F-EEB9-4358-BB66-5B539E55EB48} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
Task: {91DB438A-A3E0-4B17-A206-47770C416DE2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE782480-113B-4D33-AD08-67F3858454E4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B09D6453-35EB-422D-8B4E-B2C3A7E0EECE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BCF0B1D5-0F21-4038-8E39-190628C92842} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [58440 2014-04-02] (ASUSTeK Computer Inc. -> ASUS)
Task: {C58361F0-139B-404A-940F-8F99761021AB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D94AD55B-A149-45C0-A6AF-78360524DA81} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAA9E255-123C-4408-B6BB-C6A54771D8A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCAE0E70-F7CF-4083-9248-166207AFF476} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {E02A45FA-49DC-48EE-A837-7695E43314C6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5D06F33-5B86-41A7-BB86-DE17EFEC2C54} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {EAC27566-E63F-4B77-937A-7F48CF784BB1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {F99017DF-3855-4944-9B7F-D263FFF8E6BB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4EF53902-124A-407B-9200-A0FF2AB40C6D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CD3FB71E-2F36-4B17-AE57-41340214016C}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
======
Edge Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-28]
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-09] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-09] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default [2020-12-28]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-15]
CHR Extension: (Dokumenty) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-15]
CHR Extension: (Disk Google) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-28]
CHR Extension: (YouTube) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-15]
CHR Extension: (Adobe Acrobat) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-28]
CHR Extension: (Tabulky) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-11]
CHR Extension: (Gmail) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-28]
CHR Extension: (Chrome Media Router) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-28]
CHR Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [136040 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\elevation_service.exe [1348304 2020-11-12] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-12-31] (McAfee, LLC -> McAfee, Inc.)
R2 PremierOpinion; C:\Program Files (x86)\PremierOpinion\pmservice.exe [170336 2020-04-10] (VoiceFive, Inc. -> VoiceFive, Inc.) <==== ATTENTION
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29280 2020-12-09] (LAVASOFT SOFTWARE CANADA INC -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 adgnetworktdidrv; C:\WINDOWS\System32\drivers\adgnetworktdidrv.sys [67032 2019-02-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-08-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-08-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-05] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-28 12:10 - 2020-12-28 12:12 - 000023965 _____ C:\Users\ZdenkaT.Zdenka\Desktop\FRST.txt
2020-12-28 12:08 - 2020-12-28 12:11 - 000000000 ____D C:\FRST
2020-12-28 12:07 - 2020-12-28 12:07 - 002286592 _____ (Farbar) C:\Users\ZdenkaT.Zdenka\Desktop\FRST64.exe
2020-12-28 11:47 - 2020-12-28 11:47 - 000032786 _____ C:\Users\ZdenkaT.Zdenka\Documents\cc_20201228_114657.reg
2020-12-28 11:47 - 2020-12-28 11:47 - 000004792 _____ C:\Users\ZdenkaT.Zdenka\Documents\cc_20201228_114745.reg
2020-12-28 03:05 - 2020-12-28 03:05 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-12-28 02:59 - 2020-12-28 02:59 - 000000020 ___SH C:\Users\ZdenkaT.Zdenka\ntuser.ini
2020-12-28 02:57 - 2020-12-28 02:58 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-28 02:57 - 2020-12-28 02:58 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-12-28 02:57 - 2020-12-28 02:58 - 000003104 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-12-28 02:57 - 2020-12-28 02:58 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3115180121-443120830-933865723-1001
2020-12-28 02:57 - 2020-12-28 02:58 - 000002748 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3115180121-443120830-933865723-1001
2020-12-28 02:57 - 2020-12-28 02:57 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-28 02:57 - 2020-12-28 02:57 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-28 02:57 - 2020-12-28 02:57 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-28 02:57 - 2020-12-28 02:57 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-12-28 02:57 - 2020-12-28 02:57 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-28 02:57 - 2020-12-28 02:57 - 000003114 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{22C8DE09-4498-4E85-A7B8-5087B49FCBBC}
2020-12-28 02:57 - 2020-12-28 02:57 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-28 02:57 - 2020-12-28 02:57 - 000002782 _____ C:\WINDOWS\system32\Tasks\ATK Package 36D18D69AFC3
2020-12-28 02:57 - 2020-12-28 02:57 - 000002774 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3115180121-443120830-933865723-500
2020-12-28 02:57 - 2020-12-28 02:57 - 000002622 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-12-28 02:57 - 2020-12-28 02:57 - 000002552 _____ C:\WINDOWS\system32\Tasks\ASUS Smart Gesture Launcher
2020-12-28 02:57 - 2020-12-28 02:57 - 000002234 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-28 02:57 - 2020-12-28 02:57 - 000002188 _____ C:\WINDOWS\system32\Tasks\ASUS USB Charger Plus
2020-12-28 02:57 - 2020-12-28 02:57 - 000002180 _____ C:\WINDOWS\system32\Tasks\RtHDVBg
2020-12-28 02:57 - 2020-12-28 02:57 - 000002174 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2020-12-28 02:57 - 2020-12-28 02:57 - 000002054 _____ C:\WINDOWS\system32\Tasks\ASUS Splendid ACMON
2020-12-28 02:57 - 2020-12-28 02:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-28 02:57 - 2020-12-28 02:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\WPD
2020-12-28 02:57 - 2020-12-28 02:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2020-12-28 02:55 - 2020-12-28 02:57 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-12-28 02:55 - 2020-12-28 02:57 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-12-28 02:52 - 2020-12-28 02:52 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-12-28 02:52 - 2020-12-28 02:52 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-12-28 02:52 - 2020-12-28 02:52 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-12-28 02:52 - 2020-12-28 02:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-12-28 02:52 - 2020-12-28 02:52 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2020-12-28 02:52 - 2020-12-28 02:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-12-28 02:37 - 2020-12-28 02:37 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-28 02:22 - 2020-12-28 02:59 - 000000000 ____D C:\Users\ZdenkaT.Zdenka
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Šablony
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Soubory cookie
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Poslední
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Okolní tiskárny
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Okolní síť
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Nabídka Start
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Dokumenty
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Documents\Obrázky
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Documents\Hudba
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Documents\Filmy
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Data aplikací
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\AppData\Local\Data aplikací
2020-12-28 02:22 - 2019-12-07 10:10 - 000001105 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-28 02:21 - 2020-12-28 02:21 - 000001385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2020-12-28 02:21 - 2020-12-28 02:21 - 000001373 _____ C:\Users\Public\Desktop\AudioWizard.lnk
2020-12-28 02:20 - 2016-05-03 23:30 - 000081416 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2020-12-28 02:20 - 2016-05-03 23:30 - 000077832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2020-12-28 02:15 - 2020-12-28 11:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-28 02:14 - 2020-12-28 02:30 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-28 02:14 - 2020-12-28 02:15 - 000331704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-28 02:13 - 2020-12-28 02:58 - 000000000 ____D C:\Windows.old
2020-12-28 02:04 - 2020-12-28 02:13 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-12-28 01:57 - 2020-12-28 02:04 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-12-28 01:57 - 2020-12-28 01:57 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-12-28 01:51 - 2020-12-28 01:51 - 000000000 ____D C:\ProgramData\ssh
2020-12-28 01:37 - 2020-12-28 01:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-28 01:37 - 2020-12-28 01:37 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-12-28 01:37 - 2020-12-28 01:37 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-12-28 01:37 - 2020-12-28 01:37 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-12-28 01:37 - 2020-12-28 01:37 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-12-28 01:37 - 2020-12-28 01:37 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-12-28 01:36 - 2020-12-28 01:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-28 01:36 - 2020-12-28 01:36 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-12-28 01:36 - 2020-12-28 01:36 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-12-28 01:36 - 2020-12-28 01:36 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-12-28 01:36 - 2020-12-28 01:36 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-12-28 01:36 - 2020-12-28 01:36 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-12-28 01:36 - 2020-12-28 01:36 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-28 01:35 - 2020-12-28 01:36 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-12-28 01:35 - 2020-12-28 01:35 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2020-12-28 01:35 - 2020-12-28 01:35 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-12-28 01:35 - 2020-12-28 01:35 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-28 01:35 - 2020-12-28 01:35 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-12-28 01:34 - 2020-12-28 01:34 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-12-28 01:34 - 2020-12-28 01:34 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-28 01:34 - 2020-12-28 01:34 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-12-28 01:34 - 2020-12-28 01:34 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-28 01:33 - 2020-12-28 01:33 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2020-12-28 01:33 - 2020-12-28 01:33 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-28 01:33 - 2020-12-28 01:33 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-28 01:33 - 2020-12-28 01:33 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-28 01:32 - 2020-12-28 01:32 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-28 01:32 - 2020-12-28 01:32 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-12-28 01:32 - 2020-12-28 01:32 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-28 01:32 - 2020-12-28 01:32 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-28 01:32 - 2020-12-28 01:32 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-12-28 01:32 - 2020-12-28 01:32 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-12-28 01:32 - 2020-12-28 01:32 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-12-28 01:32 - 2020-12-28 01:32 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-12-28 01:32 - 2020-12-28 01:32 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-12-28 01:32 - 2020-12-28 01:32 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-12-28 01:31 - 2020-12-28 01:31 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-12-28 01:31 - 2020-12-28 01:31 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-12-28 01:31 - 2020-12-28 01:31 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-28 01:31 - 2020-12-28 01:31 - 000306176 _____ C:\WINDOWS\system32\HeatCore.dll
2020-12-28 01:31 - 2020-12-28 01:31 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-28 01:30 - 2020-12-28 01:30 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-12-28 01:30 - 2020-12-28 01:30 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2020-12-28 01:30 - 2020-12-28 01:30 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-28 01:11 - 2020-12-28 01:11 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-12-28 01:11 - 2020-12-28 01:11 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-12-28 01:06 - 2020-12-28 01:06 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2020-12-28 01:05 - 2020-12-28 01:05 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-12-28 01:05 - 2020-12-28 01:05 - 000000000 ____D C:\Program Files\MSBuild
2020-12-28 01:05 - 2020-12-28 01:05 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-12-28 01:05 - 2020-12-28 01:05 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-12-27 15:37 - 2020-12-27 15:43 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\Desktop\hudba
2020-12-09 22:02 - 2020-12-28 02:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
2020-12-09 19:53 - 2020-12-28 02:58 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-09 17:43 - 2020-12-28 02:34 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2020-12-09 17:43 - 2020-12-28 02:34 - 000002354 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2020-12-09 17:43 - 2020-12-09 17:43 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\CCleaner Browser
2020-12-09 17:43 - 2020-12-09 17:43 - 000000000 ____D C:\ProgramData\CCleaner Browser
2020-12-09 17:41 - 2020-12-09 17:43 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2020-12-09 17:40 - 2020-12-28 11:45 - 000000000 ____D C:\Program Files\CCleaner
2020-12-09 17:40 - 2020-12-28 02:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-12-09 17:40 - 2020-12-09 17:40 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-12-09 17:39 - 2020-12-09 17:53 - 000000000 ____D C:\Program Files\WinZip Driver Updater
2020-12-09 17:39 - 2020-12-09 17:39 - 030469496 _____ (Piriform Software Ltd) C:\Users\ZdenkaT.Zdenka\Downloads\ccsetup574.exe
2020-12-09 17:35 - 2020-12-28 02:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-12-09 17:35 - 2020-12-09 17:35 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Lavasoft
2020-12-09 17:35 - 2020-12-09 17:35 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\Lavasoft
2020-12-09 17:35 - 2020-04-10 01:06 - 001111392 _____ (VoiceFive, Inc.) C:\WINDOWS\system32\pmls64.dll
2020-12-09 17:35 - 2020-04-10 01:06 - 000754016 _____ (VoiceFive, Inc.) C:\WINDOWS\SysWOW64\pmls.dll
2020-12-09 17:34 - 2020-12-28 11:45 - 000000000 ____D C:\Program Files (x86)\PremierOpinion
2020-12-09 17:34 - 2020-12-09 17:34 - 030469496 _____ (Piriform Software Ltd) C:\Users\ZdenkaT.Zdenka\Downloads\ccleaner.exe
2020-12-09 17:34 - 2020-12-09 17:34 - 000000000 ____D C:\ProgramData\Lavasoft
2020-12-09 17:34 - 2020-12-09 17:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-12-09 17:32 - 2020-12-09 17:32 - 003784256 _____ (File wizard ) C:\Users\ZdenkaT.Zdenka\Downloads\ccleaner_3235337529.exe
2020-12-09 17:28 - 2020-12-09 17:28 - 000002226 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-ClickCleaner.lnk
2020-12-05 22:26 - 2020-12-05 22:26 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-28 12:24 - 2019-12-31 18:15 - 000000000 ____D C:\ProgramData\Adguard
2020-12-28 12:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-28 12:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-28 11:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-28 11:50 - 2018-08-15 05:34 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\Packages
2020-12-28 11:44 - 2018-08-15 05:38 - 000000093 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\sp_data.sys
2020-12-28 03:23 - 2014-10-21 05:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-28 03:19 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-12-28 03:10 - 2019-12-31 18:14 - 000000000 ____D C:\Program Files (x86)\Adguard
2020-12-28 03:09 - 2019-12-31 18:17 - 000000222 _____ C:\ProgramData\fontcacheev1.dat
2020-12-28 03:09 - 2019-12-31 18:15 - 000000222 _____ C:\WINDOWS\SysWOW64\Drivers\vwifikerneldrv.sys
2020-12-28 03:09 - 2019-12-31 18:15 - 000000222 _____ C:\WINDOWS\SysWOW64\d3dx9_11.dll.tmp
2020-12-28 03:01 - 2019-12-31 16:40 - 000000000 ____D C:\ProgramData\Packages
2020-12-28 03:01 - 2019-12-31 16:21 - 000000000 ___RD C:\Users\ZdenkaT.Zdenka\3D Objects
2020-12-28 03:01 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-28 03:01 - 2018-07-18 22:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-28 03:00 - 2019-12-31 16:21 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-12-28 03:00 - 2019-12-31 16:21 - 000000000 __SHD C:\Users\ZdenkaT\IntelGraphicsProfiles
2020-12-28 02:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-28 02:58 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2020-12-28 02:58 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-12-28 02:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2020-12-28 02:57 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-28 02:54 - 2015-12-03 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2020-12-28 02:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-28 02:37 - 2019-12-07 15:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-28 02:37 - 2019-12-07 15:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-28 02:34 - 2020-07-01 16:55 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-28 02:34 - 2020-07-01 16:55 - 000002259 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-28 02:34 - 2018-08-15 05:45 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-28 02:34 - 2018-08-15 05:45 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-28 02:29 - 2019-12-31 17:28 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamicsoft
2020-12-28 02:29 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-28 02:29 - 2018-08-25 14:18 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-28 02:21 - 2015-12-03 14:24 - 000319042 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2020-12-28 02:21 - 2015-12-03 14:24 - 000006786 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2020-12-28 02:21 - 2015-12-03 14:24 - 000002626 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2020-12-28 02:20 - 2015-12-03 14:24 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-12-28 02:19 - 2015-12-03 14:30 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2020-12-28 02:13 - 2020-06-10 17:22 - 000000000 ____D C:\Program Files\UNP
2020-12-28 02:13 - 2019-12-31 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adguard
2020-12-28 02:13 - 2019-12-31 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2020-12-28 02:13 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2020-12-28 02:13 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\InputMethod
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-12-28 02:13 - 2019-12-02 16:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Hotspot Shield
2020-12-28 02:13 - 2019-06-30 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyrix Free Keylogger
2020-12-28 02:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-12-28 02:13 - 2018-08-25 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-28 02:13 - 2018-08-15 06:14 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5
2020-12-28 02:13 - 2018-07-20 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-28 02:13 - 2015-12-03 14:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2020-12-28 02:13 - 2015-12-03 14:18 - 000000000 ____D C:\Program Files\Intel
2020-12-28 02:13 - 2014-10-21 05:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-12-28 02:13 - 2014-10-21 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-12-28 02:13 - 2014-10-21 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2020-12-28 02:13 - 2014-10-21 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2020-12-28 02:13 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2020-12-28 02:13 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2020-12-28 02:13 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-12-28 02:12 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2020-12-28 02:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help
2020-12-28 02:04 - 2015-12-03 14:24 - 000000000 ____D C:\Program Files\Realtek
2020-12-28 01:52 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-28 01:51 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-12-28 01:51 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-28 01:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-12-28 01:48 - 2019-12-07 15:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-12-28 01:48 - 2019-12-07 15:44 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-12-28 01:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-12-28 01:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-12-28 01:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-12-09 17:53 - 2019-06-30 14:46 - 000000000 ____D C:\ProgramData\WinZip
2020-12-09 17:44 - 2019-08-01 17:58 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Roaming\DAEMON Tools Lite
2020-12-09 17:14 - 2019-12-11 20:02 - 000568063 _____ C:\Users\ZdenkaT.Zdenka\Desktop\vstupenky na kabaty 2020.pdf
2020-12-09 17:13 - 2019-12-31 17:47 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 17:07 - 2019-12-31 17:12 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\D3DSCache
2020-12-09 17:00 - 2019-12-31 16:33 - 000000000 ___RD C:\Users\ZdenkaT.Zdenka\OneDrive
2020-12-05 11:18 - 2019-12-31 16:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-29 00:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-28 23:52 - 2019-12-31 16:33 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\PlaceholderTileLogoFolder
2020-11-28 11:32 - 2020-10-06 16:14 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-28 11:29 - 2018-07-23 21:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-28 11:24 - 2018-08-15 12:23 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2019-12-31 18:17 - 2020-12-28 03:09 - 000000222 _____ () C:\ProgramData\fontcacheev1.dat
2018-08-15 05:38 - 2020-12-28 11:44 - 000000093 _____ () C:\Users\ZdenkaT.Zdenka\AppData\Roaming\sp_data.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Zdravím!
Přidejte ještě log Addition. Je v souboru addition.txt ne ploše.
Přidejte ještě log Addition. Je v souboru addition.txt ne ploše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by ZdenkaT (28-12-2020 12:25:17)
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-12-28 01:58:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3115180121-443120830-933865723-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3115180121-443120830-933865723-503 - Limited - Disabled)
Guest (S-1-5-21-3115180121-443120830-933865723-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3115180121-443120830-933865723-504 - Limited - Disabled)
ZdenkaT (S-1-5-21-3115180121-443120830-933865723-1001 - Administrator - Enabled) => C:\Users\ZdenkaT.Zdenka
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.0.2617.6509 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{e04bd71c-22b2-4453-b5da-99804065a4b9}) (Version: 7.0.2617.6509 - Adguard Software Ltd)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 86.1.6938.201 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
KONICA MINOLTA PagePro 1350W (HKLM\...\KONICA MINOLTA PagePro 1350W) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
PremierOpinion (HKLM-x32\...\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}) (Version: 1.3.338.320 - VoiceFive, Inc.) <==== ATTENTION
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Spyrix Free Keylogger 9.0.5 (HKLM-x32\...\Spyrix Free Keylogger_is1) (Version: 9.0.5 - Spyrix Security Inc.)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Web Companion (HKLM-x32\...\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}) (Version: 7.0.2348.4179 - Lavasoft)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
Windows 10 Manager (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Windows 10 Manager 3.1.2) (Version: 3.1.2 - Yamicsoft)
Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2018-09-29] (ASUS Cloud Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-09-26] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_6.4.0.0_x86__8ptj331gd3tyt [2020-12-05] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-29] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-19] (MAGIX)
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2018-09-26] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2020-01-01] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-01] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2018-09-26] (Zinio LLC)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3115180121-443120830-933865723-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSContextMenu.dll [2014-08-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2014-04-02 15:46 - 2014-04-02 15:46 - 000117248 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2019-12-31 18:04 - 2017-03-14 16:51 - 001714688 _____ () [File not signed] C:\Program Files\TeraCopy\TeraCopy64.dll
2019-06-30 15:52 - 2014-07-08 10:18 - 000317952 _____ () [File not signed] C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\ime32.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 000163840 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 001600000 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\Splendid\Alb_ASUSLib.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [678]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2019-12-31 18:16 - 000000940 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 api.adguard.com
127.0.0.1 api-b.adguard.com
127.0.0.1 api-c.adguard.com
127.0.0.1 api-d.adguard.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{32EEC35C-6F6C-4934-8CEF-0ABC0B2445DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F5836CB-442C-4D75-9792-B7944695DF55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85729891-A06A-4AB8-AD54-92623C576CBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82D82966-8A1C-48E3-BEDC-E59E71A27A39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0B533A85-4B82-4565-8963-5CAF01E947F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{715FACFA-C795-4B22-B5C3-22A47994A8F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A633E5E3-1769-4F4A-B207-C4B09E8BED7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{061AFAF7-F632-4B33-A06C-ADB96F0C0C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AEAD259-2DAD-4E83-87B3-FA2FD8C224AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F0A82767-4B7F-45F3-9110-DA01B95DF210}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{848CDF92-E295-4A90-8513-FA4CD540FB22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{08742F70-A562-42B2-8DBF-0D796EC416AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F92BA532-6CA1-463F-8437-55AACC9A30F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0FC7781-85E8-445A-B08E-42C38B7CD4B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99ED8408-2EF1-4EF6-A45D-5D916E845DA9}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E05B6CF6-3549-47EC-9EC2-3AE5A2E377E5}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe (VoiceFive, Inc. -> VoiceFive, Inc.)
FirewallRules: [{14B1EE97-E4C5-403B-98D1-DB7ECA376032}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe (VoiceFive, Inc. -> VoiceFive, Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:372.6 GB) (Free:299.18 GB) (80%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/28/2020 02:17:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.
System errors:
=============
Error: (12/28/2020 09:37:32 AM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/28/2020 03:25:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/28/2020 03:25:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).
Error: (12/28/2020 03:08:14 AM) (Source: DCOM) (EventID: 10005) (User: Zdenka)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby gupdatem s argumenty /comsvc za účelem spuštění serveru:
{E225E692-4B47-4777-9BED-4FD7FE257F0E}
Error: (12/28/2020 03:08:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdatem) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/28/2020 03:08:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdatem) bylo dosaženo časového limitu (30000 ms).
Error: (12/28/2020 03:05:13 AM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/28/2020 02:59:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
CodeIntegrity:
===================================
Date: 2020-12-28 11:55:36.1070000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-28 11:50:25.9780000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-28 11:49:35.3100000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-28 11:49:35.1890000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-28 03:06:12.4410000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-28 03:05:15.4330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X553MA.214 08/03/2015
Motherboard: ASUSTeK COMPUTER INC. X553MA
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 88%
Total physical RAM: 3978.54 MB
Available physical RAM: 440 MB
Total Virtual: 5258.54 MB
Available Virtual: 917.92 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:299.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:533.55 GB) NTFS
\\?\Volume{d6079a63-7b7b-48e6-a18b-8fc623f483e9}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.59 GB) NTFS
\\?\Volume{57b2d90b-2baf-4d9a-acc6-49831a155a79}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.2 GB) NTFS
\\?\Volume{2d7c9b8a-692d-4bf2-a646-7f7b43d46844}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 293E6C83)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by ZdenkaT (28-12-2020 12:25:17)
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-12-28 01:58:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3115180121-443120830-933865723-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3115180121-443120830-933865723-503 - Limited - Disabled)
Guest (S-1-5-21-3115180121-443120830-933865723-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3115180121-443120830-933865723-504 - Limited - Disabled)
ZdenkaT (S-1-5-21-3115180121-443120830-933865723-1001 - Administrator - Enabled) => C:\Users\ZdenkaT.Zdenka
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.0.2617.6509 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{e04bd71c-22b2-4453-b5da-99804065a4b9}) (Version: 7.0.2617.6509 - Adguard Software Ltd)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 86.1.6938.201 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
KONICA MINOLTA PagePro 1350W (HKLM\...\KONICA MINOLTA PagePro 1350W) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
PremierOpinion (HKLM-x32\...\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}) (Version: 1.3.338.320 - VoiceFive, Inc.) <==== ATTENTION
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Spyrix Free Keylogger 9.0.5 (HKLM-x32\...\Spyrix Free Keylogger_is1) (Version: 9.0.5 - Spyrix Security Inc.)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Web Companion (HKLM-x32\...\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}) (Version: 7.0.2348.4179 - Lavasoft)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
Windows 10 Manager (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Windows 10 Manager 3.1.2) (Version: 3.1.2 - Yamicsoft)
Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2018-09-29] (ASUS Cloud Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-09-26] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_6.4.0.0_x86__8ptj331gd3tyt [2020-12-05] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-29] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-19] (MAGIX)
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2018-09-26] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2020-01-01] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-01] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2018-09-26] (Zinio LLC)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3115180121-443120830-933865723-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSContextMenu.dll [2014-08-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2014-04-02 15:46 - 2014-04-02 15:46 - 000117248 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2019-12-31 18:04 - 2017-03-14 16:51 - 001714688 _____ () [File not signed] C:\Program Files\TeraCopy\TeraCopy64.dll
2019-06-30 15:52 - 2014-07-08 10:18 - 000317952 _____ () [File not signed] C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\ime32.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 000163840 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 001600000 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\Splendid\Alb_ASUSLib.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [678]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2019-12-31 18:16 - 000000940 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 api.adguard.com
127.0.0.1 api-b.adguard.com
127.0.0.1 api-c.adguard.com
127.0.0.1 api-d.adguard.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{32EEC35C-6F6C-4934-8CEF-0ABC0B2445DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F5836CB-442C-4D75-9792-B7944695DF55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85729891-A06A-4AB8-AD54-92623C576CBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82D82966-8A1C-48E3-BEDC-E59E71A27A39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0B533A85-4B82-4565-8963-5CAF01E947F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{715FACFA-C795-4B22-B5C3-22A47994A8F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A633E5E3-1769-4F4A-B207-C4B09E8BED7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{061AFAF7-F632-4B33-A06C-ADB96F0C0C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AEAD259-2DAD-4E83-87B3-FA2FD8C224AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F0A82767-4B7F-45F3-9110-DA01B95DF210}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{848CDF92-E295-4A90-8513-FA4CD540FB22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{08742F70-A562-42B2-8DBF-0D796EC416AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F92BA532-6CA1-463F-8437-55AACC9A30F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0FC7781-85E8-445A-B08E-42C38B7CD4B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99ED8408-2EF1-4EF6-A45D-5D916E845DA9}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E05B6CF6-3549-47EC-9EC2-3AE5A2E377E5}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe (VoiceFive, Inc. -> VoiceFive, Inc.)
FirewallRules: [{14B1EE97-E4C5-403B-98D1-DB7ECA376032}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe (VoiceFive, Inc. -> VoiceFive, Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:372.6 GB) (Free:299.18 GB) (80%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/28/2020 02:17:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.
System errors:
=============
Error: (12/28/2020 09:37:32 AM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/28/2020 03:25:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/28/2020 03:25:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).
Error: (12/28/2020 03:08:14 AM) (Source: DCOM) (EventID: 10005) (User: Zdenka)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby gupdatem s argumenty /comsvc za účelem spuštění serveru:
{E225E692-4B47-4777-9BED-4FD7FE257F0E}
Error: (12/28/2020 03:08:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdatem) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/28/2020 03:08:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdatem) bylo dosaženo časového limitu (30000 ms).
Error: (12/28/2020 03:05:13 AM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/28/2020 02:59:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
CodeIntegrity:
===================================
Date: 2020-12-28 11:55:36.1070000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-28 11:50:25.9780000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-28 11:49:35.3100000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-28 11:49:35.1890000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-28 03:06:12.4410000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-28 03:05:15.4330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X553MA.214 08/03/2015
Motherboard: ASUSTeK COMPUTER INC. X553MA
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 88%
Total physical RAM: 3978.54 MB
Available physical RAM: 440 MB
Total Virtual: 5258.54 MB
Available Virtual: 917.92 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:299.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:533.55 GB) NTFS
\\?\Volume{d6079a63-7b7b-48e6-a18b-8fc623f483e9}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.59 GB) NTFS
\\?\Volume{57b2d90b-2baf-4d9a-acc6-49831a155a79}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.2 GB) NTFS
\\?\Volume{2d7c9b8a-692d-4bf2-a646-7f7b43d46844}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 293E6C83)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-19-2021
# Duration: 00:01:18
# OS: Windows 10 Home
# Cleaned: 56
# Awaiting reboot:2
# Failed: 0
***** [ Services ] *****
Deleted PremierOpinion
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\Program Files (x86)\PremierOpinion
Deleted C:\Program Files\WinZip Driver Updater
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
Deleted C:\Users\ZdenkaT.Zdenka\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Lavasoft\Web Companion
***** [ Files ] *****
Deleted C:\Windows\SysWOW64\pmls.dl_
Deleted C:\Windows\System32\pmls64.dl_
Needs Reboot C:\Windows\SysWOW64\pmls.dll
Needs Reboot C:\Windows\System32\PMLS64.DLL
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\WebDiscoverBrowser
Deleted HKCU\Software\csastats
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{14B1EE97-E4C5-403B-98D1-DB7ECA376032}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E05B6CF6-3549-47EC-9EC2-3AE5A2E377E5}
Deleted HKLM\Software\WebDiscoverBrowser
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}|UninstallString
Deleted HKLM\Software\Wow6432Node\WebDiscoverBrowser
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}
Deleted HKLM\System\Setup\FirstBoot\Services\PremierOpinion
Deleted HKLM\System\Setup\FirstBoot\Services\WCAssistantService
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}
Deleted Preinstalled.ASUSScreenSaver Folder C:\Program Files (x86)\ASUS\ASUS SCREEN SAVER
Deleted Preinstalled.ASUSScreenSaver Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
Deleted Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BD69E7C-6470-4BB8-A944-04FF53A89E1F}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Deleted Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Deleted Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCF0B1D5-0F21-4038-8E39-190628C92842}
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Deleted Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Deleted Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID ACMON
Deleted Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191}
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|WebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WebStorage
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Files ] *****
Cleaned C:\Windows\SysWOW64\pmls.dll
Cleaned C:\Windows\System32\PMLS64.DLL
*************************
AdwCleaner[S00].txt - [7212 octets] - [19/02/2021 19:26:44]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-19-2021
# Duration: 00:01:18
# OS: Windows 10 Home
# Cleaned: 56
# Awaiting reboot:2
# Failed: 0
***** [ Services ] *****
Deleted PremierOpinion
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\Program Files (x86)\PremierOpinion
Deleted C:\Program Files\WinZip Driver Updater
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
Deleted C:\Users\ZdenkaT.Zdenka\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Lavasoft\Web Companion
***** [ Files ] *****
Deleted C:\Windows\SysWOW64\pmls.dl_
Deleted C:\Windows\System32\pmls64.dl_
Needs Reboot C:\Windows\SysWOW64\pmls.dll
Needs Reboot C:\Windows\System32\PMLS64.DLL
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\WebDiscoverBrowser
Deleted HKCU\Software\csastats
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{14B1EE97-E4C5-403B-98D1-DB7ECA376032}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E05B6CF6-3549-47EC-9EC2-3AE5A2E377E5}
Deleted HKLM\Software\WebDiscoverBrowser
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}|UninstallString
Deleted HKLM\Software\Wow6432Node\WebDiscoverBrowser
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}
Deleted HKLM\System\Setup\FirstBoot\Services\PremierOpinion
Deleted HKLM\System\Setup\FirstBoot\Services\WCAssistantService
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}
Deleted Preinstalled.ASUSScreenSaver Folder C:\Program Files (x86)\ASUS\ASUS SCREEN SAVER
Deleted Preinstalled.ASUSScreenSaver Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
Deleted Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BD69E7C-6470-4BB8-A944-04FF53A89E1F}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Deleted Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Deleted Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCF0B1D5-0F21-4038-8E39-190628C92842}
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Deleted Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Deleted Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID ACMON
Deleted Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191}
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|WebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WebStorage
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Files ] *****
Cleaned C:\Windows\SysWOW64\pmls.dll
Cleaned C:\Windows\System32\PMLS64.DLL
*************************
AdwCleaner[S00].txt - [7212 octets] - [19/02/2021 19:26:44]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-02-2021 01
Ran by ZdenkaT (administrator) on ZDENKA (ASUSTeK COMPUTER INC. X553MA) (19-02-2021 19:55:06)
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Loaded Profiles: ZdenkaT
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\spkl.exe
(Access Denied) [File not signed] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\4743B949-54E0-43C7-BF07-865A0FE454EC\MpSigStub.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\SwReporter\88.253.200\software_reporter_tool.exe <3>
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.13628.20380\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-171d7418.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Engine_Patch_1.1.17700.4.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Video Technology -> ) C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\spmm.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer\Run: [localSPM] => C:\Windows\runkey.exe [489472 2015-06-25] () [File not signed]
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [4146024 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
HKLM\...\Windows x64\Print Processors\MIPR64_Q: C:\Windows\System32\spool\prtprocs\x64\MIPR64_Q.DLL [56832 2018-08-16] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\Installer\chrmstp.exe [2020-12-09] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1079ADCF-14F3-4819-BB8E-D48D18283A6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {1BB225BF-D97F-4DEA-9E59-D6F6796CD5B7} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [109880 2014-01-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {1FB23EF1-6F5A-4FB9-A0FE-BF9DBE66AC9C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3E168430-A11C-4EA2-B883-C02B4B178642} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F3A76FD-16A6-429D-A35A-25815798C58F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {4806CE99-7795-4551-A4C6-137F51806A46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4971A62F-5CFA-40E9-A0BD-97C97B0B0879} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387224 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {530E90BA-5E30-48FC-A10E-D6A6110D897C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {5A303BDB-2F08-4F03-AF53-047574622997} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D78CC34-EA02-44E1-847E-08A91D972A27} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70E81AC8-CBEC-4954-B879-B0516735C720} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {7FDA3455-C013-4AC3-A49D-DE7B41A95FB4} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8A69D8D9-5202-49A1-BD7C-48BBB8A1E4AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8B65692F-EEB9-4358-BB66-5B539E55EB48} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
Task: {91DB438A-A3E0-4B17-A206-47770C416DE2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A20687B7-F491-4408-B655-26D1C5327B24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE782480-113B-4D33-AD08-67F3858454E4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B55B38A7-0E52-4331-B6BE-B150251275A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C58361F0-139B-404A-940F-8F99761021AB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D94AD55B-A149-45C0-A6AF-78360524DA81} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DCAE0E70-F7CF-4083-9248-166207AFF476} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {E02A45FA-49DC-48EE-A837-7695E43314C6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5D06F33-5B86-41A7-BB86-DE17EFEC2C54} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {EAC27566-E63F-4B77-937A-7F48CF784BB1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {F99017DF-3855-4944-9B7F-D263FFF8E6BB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4EF53902-124A-407B-9200-A0FF2AB40C6D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CD3FB71E-2F36-4B17-AE57-41340214016C}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-19]
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-09] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-09] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default [2021-02-19]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-15]
CHR Extension: (Dokumenty) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-15]
CHR Extension: (Disk Google) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-28]
CHR Extension: (YouTube) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-15]
CHR Extension: (Adobe Acrobat) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-28]
CHR Extension: (Tabulky) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-19]
CHR Extension: (Gmail) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-28]
CHR Extension: (Chrome Media Router) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-28]
CHR Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [136040 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\elevation_service.exe [1348304 2020-11-12] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-12-31] (McAfee, LLC -> McAfee, Inc.)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
S2 Asus WebStorage Windows Service; "C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 adgnetworktdidrv; C:\WINDOWS\System32\drivers\adgnetworktdidrv.sys [67032 2019-02-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-08-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-08-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-19 19:55 - 2021-02-19 20:03 - 000022672 _____ C:\Users\ZdenkaT.Zdenka\Desktop\FRST.txt
2021-02-19 19:54 - 2021-02-19 19:54 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\Desktop\FRST-OlderVersion
2021-02-19 19:23 - 2021-02-19 19:32 - 000000000 ____D C:\AdwCleaner
2021-02-19 19:22 - 2021-02-19 19:22 - 008463216 _____ (Malwarebytes) C:\Users\ZdenkaT.Zdenka\Downloads\adwcleaner_8.1 (2).exe
2021-02-19 19:21 - 2021-02-19 19:21 - 008463216 _____ (Malwarebytes) C:\Users\ZdenkaT.Zdenka\Downloads\adwcleaner_8.1 (1).exe
2021-02-19 19:21 - 2021-02-19 19:21 - 008463216 _____ (Malwarebytes) C:\Users\ZdenkaT.Zdenka\Desktop\adwcleaner_8.1.exe
2021-02-19 18:36 - 2021-02-19 18:36 - 000002218 _____ C:\Users\ZdenkaT.Zdenka\Documents\cc_20210219_183621.reg
2021-02-19 18:21 - 2021-02-19 18:21 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6dcb995a97e14
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-19 20:06 - 2019-12-31 18:15 - 000000000 ____D C:\ProgramData\Adguard
2021-02-19 20:03 - 2020-12-09 19:53 - 000000000 ___DC C:\WINDOWS\Panther
2021-02-19 19:59 - 2020-12-28 12:08 - 000000000 ____D C:\FRST
2021-02-19 19:54 - 2020-12-28 12:07 - 002298368 _____ (Farbar) C:\Users\ZdenkaT.Zdenka\Desktop\FRST64.exe
2021-02-19 19:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-19 19:52 - 2020-12-09 17:40 - 000000000 ____D C:\Program Files\CCleaner
2021-02-19 19:46 - 2020-12-28 02:37 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-19 19:46 - 2019-12-07 15:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-19 19:46 - 2019-12-07 15:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-19 19:46 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-19 19:41 - 2019-12-31 16:21 - 000000000 __SHD C:\Users\ZdenkaT\IntelGraphicsProfiles
2021-02-19 19:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-19 19:40 - 2019-12-31 18:14 - 000000000 ____D C:\Program Files (x86)\Adguard
2021-02-19 19:39 - 2020-12-28 02:14 - 000331544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-19 19:38 - 2020-12-28 02:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-19 19:38 - 2020-12-28 02:14 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-19 19:37 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-19 19:35 - 2019-12-31 18:17 - 000000226 _____ C:\ProgramData\fontcacheev1.dat
2021-02-19 19:35 - 2019-12-31 18:15 - 000000226 _____ C:\WINDOWS\SysWOW64\Drivers\vwifikerneldrv.sys
2021-02-19 19:35 - 2019-12-31 18:15 - 000000226 _____ C:\WINDOWS\SysWOW64\d3dx9_11.dll.tmp
2021-02-19 19:33 - 2020-12-09 17:35 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:35 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:34 - 000000000 ____D C:\ProgramData\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-02-19 19:33 - 2014-10-21 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-02-19 19:33 - 2014-10-21 05:28 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-02-19 19:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-19 19:00 - 2020-07-01 16:55 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-19 19:00 - 2020-07-01 16:55 - 000002259 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-19 18:33 - 2019-12-31 16:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-19 18:30 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-19 18:25 - 2019-12-31 13:11 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-19 18:23 - 2020-12-28 02:57 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-19 18:23 - 2020-12-28 02:57 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-19 18:21 - 2020-12-28 02:57 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-19 18:21 - 2020-12-09 17:41 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-02-19 18:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-02-19 18:20 - 2018-08-15 05:38 - 000000093 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\sp_data.sys
2021-02-19 18:17 - 2020-12-28 02:57 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3115180121-443120830-933865723-1001
2021-02-19 18:17 - 2020-12-28 02:22 - 000002390 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-19 18:17 - 2019-12-31 16:33 - 000000000 ___RD C:\Users\ZdenkaT.Zdenka\OneDrive
2021-02-19 18:16 - 2020-12-28 02:57 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
==================== Files in the root of some directories ========
2019-12-31 18:17 - 2021-02-19 19:35 - 000000226 _____ () C:\ProgramData\fontcacheev1.dat
2018-08-15 05:38 - 2021-02-19 18:20 - 000000093 _____ () C:\Users\ZdenkaT.Zdenka\AppData\Roaming\sp_data.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by ZdenkaT (administrator) on ZDENKA (ASUSTeK COMPUTER INC. X553MA) (19-02-2021 19:55:06)
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Loaded Profiles: ZdenkaT
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\spkl.exe
(Access Denied) [File not signed] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\4743B949-54E0-43C7-BF07-865A0FE454EC\MpSigStub.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\SwReporter\88.253.200\software_reporter_tool.exe <3>
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.13628.20380\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-171d7418.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Engine_Patch_1.1.17700.4.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Video Technology -> ) C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\spmm.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer\Run: [localSPM] => C:\Windows\runkey.exe [489472 2015-06-25] () [File not signed]
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [4146024 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
HKLM\...\Windows x64\Print Processors\MIPR64_Q: C:\Windows\System32\spool\prtprocs\x64\MIPR64_Q.DLL [56832 2018-08-16] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\Installer\chrmstp.exe [2020-12-09] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1079ADCF-14F3-4819-BB8E-D48D18283A6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {1BB225BF-D97F-4DEA-9E59-D6F6796CD5B7} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [109880 2014-01-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {1FB23EF1-6F5A-4FB9-A0FE-BF9DBE66AC9C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3E168430-A11C-4EA2-B883-C02B4B178642} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F3A76FD-16A6-429D-A35A-25815798C58F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {4806CE99-7795-4551-A4C6-137F51806A46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4971A62F-5CFA-40E9-A0BD-97C97B0B0879} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387224 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {530E90BA-5E30-48FC-A10E-D6A6110D897C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {5A303BDB-2F08-4F03-AF53-047574622997} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D78CC34-EA02-44E1-847E-08A91D972A27} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70E81AC8-CBEC-4954-B879-B0516735C720} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {7FDA3455-C013-4AC3-A49D-DE7B41A95FB4} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8A69D8D9-5202-49A1-BD7C-48BBB8A1E4AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8B65692F-EEB9-4358-BB66-5B539E55EB48} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
Task: {91DB438A-A3E0-4B17-A206-47770C416DE2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A20687B7-F491-4408-B655-26D1C5327B24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE782480-113B-4D33-AD08-67F3858454E4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B55B38A7-0E52-4331-B6BE-B150251275A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C58361F0-139B-404A-940F-8F99761021AB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D94AD55B-A149-45C0-A6AF-78360524DA81} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DCAE0E70-F7CF-4083-9248-166207AFF476} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {E02A45FA-49DC-48EE-A837-7695E43314C6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5D06F33-5B86-41A7-BB86-DE17EFEC2C54} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {EAC27566-E63F-4B77-937A-7F48CF784BB1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {F99017DF-3855-4944-9B7F-D263FFF8E6BB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4EF53902-124A-407B-9200-A0FF2AB40C6D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CD3FB71E-2F36-4B17-AE57-41340214016C}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-19]
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-09] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-09] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default [2021-02-19]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-15]
CHR Extension: (Dokumenty) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-15]
CHR Extension: (Disk Google) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-28]
CHR Extension: (YouTube) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-15]
CHR Extension: (Adobe Acrobat) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-28]
CHR Extension: (Tabulky) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-19]
CHR Extension: (Gmail) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-28]
CHR Extension: (Chrome Media Router) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-28]
CHR Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [136040 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\elevation_service.exe [1348304 2020-11-12] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-12-31] (McAfee, LLC -> McAfee, Inc.)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
S2 Asus WebStorage Windows Service; "C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 adgnetworktdidrv; C:\WINDOWS\System32\drivers\adgnetworktdidrv.sys [67032 2019-02-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-08-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-08-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-19 19:55 - 2021-02-19 20:03 - 000022672 _____ C:\Users\ZdenkaT.Zdenka\Desktop\FRST.txt
2021-02-19 19:54 - 2021-02-19 19:54 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\Desktop\FRST-OlderVersion
2021-02-19 19:23 - 2021-02-19 19:32 - 000000000 ____D C:\AdwCleaner
2021-02-19 19:22 - 2021-02-19 19:22 - 008463216 _____ (Malwarebytes) C:\Users\ZdenkaT.Zdenka\Downloads\adwcleaner_8.1 (2).exe
2021-02-19 19:21 - 2021-02-19 19:21 - 008463216 _____ (Malwarebytes) C:\Users\ZdenkaT.Zdenka\Downloads\adwcleaner_8.1 (1).exe
2021-02-19 19:21 - 2021-02-19 19:21 - 008463216 _____ (Malwarebytes) C:\Users\ZdenkaT.Zdenka\Desktop\adwcleaner_8.1.exe
2021-02-19 18:36 - 2021-02-19 18:36 - 000002218 _____ C:\Users\ZdenkaT.Zdenka\Documents\cc_20210219_183621.reg
2021-02-19 18:21 - 2021-02-19 18:21 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6dcb995a97e14
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-19 20:06 - 2019-12-31 18:15 - 000000000 ____D C:\ProgramData\Adguard
2021-02-19 20:03 - 2020-12-09 19:53 - 000000000 ___DC C:\WINDOWS\Panther
2021-02-19 19:59 - 2020-12-28 12:08 - 000000000 ____D C:\FRST
2021-02-19 19:54 - 2020-12-28 12:07 - 002298368 _____ (Farbar) C:\Users\ZdenkaT.Zdenka\Desktop\FRST64.exe
2021-02-19 19:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-19 19:52 - 2020-12-09 17:40 - 000000000 ____D C:\Program Files\CCleaner
2021-02-19 19:46 - 2020-12-28 02:37 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-19 19:46 - 2019-12-07 15:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-19 19:46 - 2019-12-07 15:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-19 19:46 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-19 19:41 - 2019-12-31 16:21 - 000000000 __SHD C:\Users\ZdenkaT\IntelGraphicsProfiles
2021-02-19 19:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-19 19:40 - 2019-12-31 18:14 - 000000000 ____D C:\Program Files (x86)\Adguard
2021-02-19 19:39 - 2020-12-28 02:14 - 000331544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-19 19:38 - 2020-12-28 02:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-19 19:38 - 2020-12-28 02:14 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-19 19:37 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-19 19:35 - 2019-12-31 18:17 - 000000226 _____ C:\ProgramData\fontcacheev1.dat
2021-02-19 19:35 - 2019-12-31 18:15 - 000000226 _____ C:\WINDOWS\SysWOW64\Drivers\vwifikerneldrv.sys
2021-02-19 19:35 - 2019-12-31 18:15 - 000000226 _____ C:\WINDOWS\SysWOW64\d3dx9_11.dll.tmp
2021-02-19 19:33 - 2020-12-09 17:35 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:35 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:34 - 000000000 ____D C:\ProgramData\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-02-19 19:33 - 2014-10-21 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-02-19 19:33 - 2014-10-21 05:28 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-02-19 19:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-19 19:00 - 2020-07-01 16:55 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-19 19:00 - 2020-07-01 16:55 - 000002259 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-19 18:33 - 2019-12-31 16:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-19 18:30 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-19 18:25 - 2019-12-31 13:11 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-19 18:23 - 2020-12-28 02:57 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-19 18:23 - 2020-12-28 02:57 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-19 18:21 - 2020-12-28 02:57 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-19 18:21 - 2020-12-09 17:41 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-02-19 18:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-02-19 18:20 - 2018-08-15 05:38 - 000000093 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\sp_data.sys
2021-02-19 18:17 - 2020-12-28 02:57 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3115180121-443120830-933865723-1001
2021-02-19 18:17 - 2020-12-28 02:22 - 000002390 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-19 18:17 - 2019-12-31 16:33 - 000000000 ___RD C:\Users\ZdenkaT.Zdenka\OneDrive
2021-02-19 18:16 - 2020-12-28 02:57 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
==================== Files in the root of some directories ========
2019-12-31 18:17 - 2021-02-19 19:35 - 000000226 _____ () C:\ProgramData\fontcacheev1.dat
2018-08-15 05:38 - 2021-02-19 18:20 - 000000093 _____ () C:\Users\ZdenkaT.Zdenka\AppData\Roaming\sp_data.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Re: Prosím o kontrolu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-02-2021 01
Ran by ZdenkaT (19-02-2021 20:08:53)
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-12-28 01:58:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3115180121-443120830-933865723-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3115180121-443120830-933865723-503 - Limited - Disabled)
Guest (S-1-5-21-3115180121-443120830-933865723-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3115180121-443120830-933865723-504 - Limited - Disabled)
ZdenkaT (S-1-5-21-3115180121-443120830-933865723-1001 - Administrator - Enabled) => C:\Users\ZdenkaT.Zdenka
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.0.2617.6509 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{e04bd71c-22b2-4453-b5da-99804065a4b9}) (Version: 7.0.2617.6509 - Adguard Software Ltd)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 86.1.6938.201 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
KONICA MINOLTA PagePro 1350W (HKLM\...\KONICA MINOLTA PagePro 1350W) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Spyrix Free Keylogger 9.0.5 (HKLM-x32\...\Spyrix Free Keylogger_is1) (Version: 9.0.5 - Spyrix Security Inc.)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Windows 10 Manager (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Windows 10 Manager 3.1.2) (Version: 3.1.2 - Yamicsoft)
Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2018-09-29] (ASUS Cloud Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-09-26] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_6.4.0.0_x86__8ptj331gd3tyt [2020-12-05] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-29] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-19] (MAGIX)
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2018-09-26] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2020-01-01] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-01] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2018-09-26] (Zinio LLC)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3115180121-443120830-933865723-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSContextMenu.dll [2014-08-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-06-30 15:52 - 2014-07-08 10:18 - 000317952 _____ () [File not signed] C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\ime32.dll
2020-04-20 13:05 - 2020-04-20 13:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-20 13:05 - 2020-04-20 13:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [678]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2019-12-31 18:16 - 000000940 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 api.adguard.com
127.0.0.1 api-b.adguard.com
127.0.0.1 api-c.adguard.com
127.0.0.1 api-d.adguard.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{32EEC35C-6F6C-4934-8CEF-0ABC0B2445DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F5836CB-442C-4D75-9792-B7944695DF55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85729891-A06A-4AB8-AD54-92623C576CBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82D82966-8A1C-48E3-BEDC-E59E71A27A39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0B533A85-4B82-4565-8963-5CAF01E947F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{715FACFA-C795-4B22-B5C3-22A47994A8F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A633E5E3-1769-4F4A-B207-C4B09E8BED7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{061AFAF7-F632-4B33-A06C-ADB96F0C0C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AEAD259-2DAD-4E83-87B3-FA2FD8C224AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F0A82767-4B7F-45F3-9110-DA01B95DF210}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{848CDF92-E295-4A90-8513-FA4CD540FB22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{08742F70-A562-42B2-8DBF-0D796EC416AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F92BA532-6CA1-463F-8437-55AACC9A30F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0FC7781-85E8-445A-B08E-42C38B7CD4B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99ED8408-2EF1-4EF6-A45D-5D916E845DA9}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/19/2021 06:28:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.420.11102.0, časové razítko: 0x5faaa7cb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xec58f015
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x30e4
Čas spuštění chybující aplikace: 0x01d706e3546f1095
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 79edcb3d-0a07-498f-bca4-5f9f3c5eec9c
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (02/19/2021 06:14:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (10332,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (02/19/2021 06:14:11 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (10332,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (12/28/2020 02:17:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.
System errors:
=============
Error: (02/19/2021 08:11:47 PM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/19/2021 07:50:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.
Error: (02/19/2021 07:46:00 PM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/19/2021 07:45:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.
Error: (02/19/2021 07:43:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.
Error: (02/19/2021 07:43:27 PM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/19/2021 07:38:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Asus WebStorage Windows Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (02/19/2021 07:36:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AppXSvc bylo dosaženo časového limitu (30000 ms).
Windows Defender:
===============Event[0]:
Date: 2021-02-19 20:19:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-02-19 20:19:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-02-19 20:19:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-02-19 20:16:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-02-19 20:16:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
CodeIntegrity:
===============
Date: 2021-02-19 18:30:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X553MA.214 08/03/2015
Motherboard: ASUSTeK COMPUTER INC. X553MA
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 74%
Total physical RAM: 3978.54 MB
Available physical RAM: 1003.2 MB
Total Virtual: 5258.54 MB
Available Virtual: 1528.77 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:315.83 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:533.55 GB) NTFS
Drive e: () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{d6079a63-7b7b-48e6-a18b-8fc623f483e9}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.59 GB) NTFS
\\?\Volume{57b2d90b-2baf-4d9a-acc6-49831a155a79}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.2 GB) NTFS
\\?\Volume{2d7c9b8a-692d-4bf2-a646-7f7b43d46844}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 293E6C83)
Partition: GPT.
==================== End of Addition.txt ======================
Ran by ZdenkaT (19-02-2021 20:08:53)
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-12-28 01:58:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3115180121-443120830-933865723-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3115180121-443120830-933865723-503 - Limited - Disabled)
Guest (S-1-5-21-3115180121-443120830-933865723-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3115180121-443120830-933865723-504 - Limited - Disabled)
ZdenkaT (S-1-5-21-3115180121-443120830-933865723-1001 - Administrator - Enabled) => C:\Users\ZdenkaT.Zdenka
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.0.2617.6509 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{e04bd71c-22b2-4453-b5da-99804065a4b9}) (Version: 7.0.2617.6509 - Adguard Software Ltd)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 86.1.6938.201 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
KONICA MINOLTA PagePro 1350W (HKLM\...\KONICA MINOLTA PagePro 1350W) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Spyrix Free Keylogger 9.0.5 (HKLM-x32\...\Spyrix Free Keylogger_is1) (Version: 9.0.5 - Spyrix Security Inc.)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Windows 10 Manager (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Windows 10 Manager 3.1.2) (Version: 3.1.2 - Yamicsoft)
Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2018-09-29] (ASUS Cloud Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-09-26] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_6.4.0.0_x86__8ptj331gd3tyt [2020-12-05] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-29] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-19] (MAGIX)
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2018-09-26] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2020-01-01] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-01] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2018-09-26] (Zinio LLC)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3115180121-443120830-933865723-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSContextMenu.dll [2014-08-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-06-30 15:52 - 2014-07-08 10:18 - 000317952 _____ () [File not signed] C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\ime32.dll
2020-04-20 13:05 - 2020-04-20 13:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-20 13:05 - 2020-04-20 13:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [678]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2019-12-31 18:16 - 000000940 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 api.adguard.com
127.0.0.1 api-b.adguard.com
127.0.0.1 api-c.adguard.com
127.0.0.1 api-d.adguard.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{32EEC35C-6F6C-4934-8CEF-0ABC0B2445DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F5836CB-442C-4D75-9792-B7944695DF55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85729891-A06A-4AB8-AD54-92623C576CBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82D82966-8A1C-48E3-BEDC-E59E71A27A39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0B533A85-4B82-4565-8963-5CAF01E947F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{715FACFA-C795-4B22-B5C3-22A47994A8F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A633E5E3-1769-4F4A-B207-C4B09E8BED7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{061AFAF7-F632-4B33-A06C-ADB96F0C0C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AEAD259-2DAD-4E83-87B3-FA2FD8C224AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F0A82767-4B7F-45F3-9110-DA01B95DF210}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{848CDF92-E295-4A90-8513-FA4CD540FB22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{08742F70-A562-42B2-8DBF-0D796EC416AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F92BA532-6CA1-463F-8437-55AACC9A30F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0FC7781-85E8-445A-B08E-42C38B7CD4B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99ED8408-2EF1-4EF6-A45D-5D916E845DA9}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/19/2021 06:28:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.420.11102.0, časové razítko: 0x5faaa7cb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xec58f015
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x30e4
Čas spuštění chybující aplikace: 0x01d706e3546f1095
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 79edcb3d-0a07-498f-bca4-5f9f3c5eec9c
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (02/19/2021 06:14:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (10332,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (02/19/2021 06:14:11 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (10332,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (12/28/2020 02:17:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.
System errors:
=============
Error: (02/19/2021 08:11:47 PM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/19/2021 07:50:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.
Error: (02/19/2021 07:46:00 PM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/19/2021 07:45:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.
Error: (02/19/2021 07:43:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.
Error: (02/19/2021 07:43:27 PM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/19/2021 07:38:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Asus WebStorage Windows Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (02/19/2021 07:36:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AppXSvc bylo dosaženo časového limitu (30000 ms).
Windows Defender:
===============Event[0]:
Date: 2021-02-19 20:19:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-02-19 20:19:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-02-19 20:19:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-02-19 20:16:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-02-19 20:16:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
CodeIntegrity:
===============
Date: 2021-02-19 18:30:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X553MA.214 08/03/2015
Motherboard: ASUSTeK COMPUTER INC. X553MA
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 74%
Total physical RAM: 3978.54 MB
Available physical RAM: 1003.2 MB
Total Virtual: 5258.54 MB
Available Virtual: 1528.77 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:315.83 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:533.55 GB) NTFS
Drive e: () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{d6079a63-7b7b-48e6-a18b-8fc623f483e9}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.59 GB) NTFS
\\?\Volume{57b2d90b-2baf-4d9a-acc6-49831a155a79}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.2 GB) NTFS
\\?\Volume{2d7c9b8a-692d-4bf2-a646-7f7b43d46844}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 293E6C83)
Partition: GPT.
==================== End of Addition.txt ======================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [678]
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1079ADCF-14F3-4819-BB8E-D48D18283A6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {3F3A76FD-16A6-429D-A35A-25815798C58F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
Hosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
Fix result of Farbar Recovery Scan Tool (x64) Version: 17-02-2021 01
Ran by ZdenkaT (19-02-2021 21:08:30) Run:1
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Loaded Profiles: ZdenkaT
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [678]
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1079ADCF-14F3-4819-BB8E-D48D18283A6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {3F3A76FD-16A6-429D-A35A-25815798C58F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => removed successfully
C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA} => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1079ADCF-14F3-4819-BB8E-D48D18283A6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1079ADCF-14F3-4819-BB8E-D48D18283A6E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F3A76FD-16A6-429D-A35A-25815798C58F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F3A76FD-16A6-429D-A35A-25815798C58F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30556042 B
Java, Flash, Steam htmlcache => 360194672 B
Windows/system/drivers => 34457926 B
Edge => 14336 B
Chrome => 22590919 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 225550208 B
ZdenkaT.Zdenka => 266206022 B
RecycleBin => 82247 B
EmptyTemp: => 903.9 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 19-02-2021 21:17:34)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 21:17:35 ====
Ran by ZdenkaT (19-02-2021 21:08:30) Run:1
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Loaded Profiles: ZdenkaT
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [678]
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1079ADCF-14F3-4819-BB8E-D48D18283A6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {3F3A76FD-16A6-429D-A35A-25815798C58F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => removed successfully
C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA} => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1079ADCF-14F3-4819-BB8E-D48D18283A6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1079ADCF-14F3-4819-BB8E-D48D18283A6E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F3A76FD-16A6-429D-A35A-25815798C58F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F3A76FD-16A6-429D-A35A-25815798C58F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30556042 B
Java, Flash, Steam htmlcache => 360194672 B
Windows/system/drivers => 34457926 B
Edge => 14336 B
Chrome => 22590919 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 225550208 B
ZdenkaT.Zdenka => 266206022 B
RecycleBin => 82247 B
EmptyTemp: => 903.9 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 19-02-2021 21:17:34)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 21:17:35 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?