Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu, zpolaené PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
claymore
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 04 kvě 2007 10:52

Prosím o kontrolu, zpolaené PC

#1 Příspěvek od claymore »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-03-2021
Ran by Citron (administrator) on CITRONIDLO (Hewlett-Packard HP ProBook 4530s) (18-03-2021 17:14:26)
Running from C:\Users\Citron\Desktop
Loaded Profiles: Citron
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Programy\Rainlendar2\Rainlendar2.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\avast software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\avast software\Cleanup\TuneupUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\avast software\SecureLine VPN\Vpn.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\avast software\SecureLine VPN\VpnSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> The OpenVPN Project) C:\Program Files\avast software\SecureLine VPN\OpenVPN\openvpn.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Macrovision Europe Ltd.) [File not signed] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
(NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files\Motorola\Bluetooth\btmshell.dll [21709904 2011-02-15] (Motorola Inc -> Motorola Solutions, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Programy\AVAST Software\Avast\AvLaunch.exe [116960 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\Run: [Rainlendar2] => C:\Programy\Rainlendar2\Rainlendar2.exe [2433024 2011-08-12] () [File not signed]
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> c:\Windows\system32\DPLic.dll [2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-03-18]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\avast software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exeicarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16FDFC7E-4C9C-4B03-A55A-A88111667DFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1B2E354A-B68D-4557-AB31-7A1061DB8595} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1191136 2021-03-17] (Avast Software s.r.o. -> AVAST Software)
Task: {297F3292-8529-49B9-9795-7DDB56A05D25} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4731616 2021-03-17] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 3df9be00-2d4b-4fbd-8ba1-5159d1dfa004
Task: {578033CC-051B-4EBD-8062-285BAE0BDDD6} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-25] (Hewlett-Packard Company -> )
Task: {62459F05-C238-4A71-857A-57D1A5B6DFF5} - System32\Tasks\NetworkWizardVCW => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-25] (Hewlett-Packard Company -> )
Task: {6B651EBD-A992-4C4B-942D-792024AD09E7} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\update.exe [2201560 2011-12-12] (PC Tools -> PC Tools)
Task: {6F191125-12D3-471A-84B0-EF1FA47FD06F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {6FAFD9DD-C8CB-4F1B-8737-0A47781A0388} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {70181105-497C-412F-833A-561EFCACB892} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5493472 2021-03-08] (Avast Software s.r.o. -> Avast Software)
Task: {765F8E8C-A40E-4CA2-AFCA-78224A6754E9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {7F209381-0E1B-4565-BDBE-739D53652E71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {8138C2E1-F250-4C6E-91BB-A8D49B2A7C3C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {84C46F17-5C05-4178-A40B-222C80C69473} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {991AF557-8466-42CE-9B55-237C0F4B9DFD} - System32\Tasks\Avast Emergency Update => C:\Programy\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
Task: {9AEC25F4-BB8E-46C1-A660-01D6007B9A26} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4665568 2021-03-12] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 8e7ab03c-fd72-46de-bf97-7145cc0e0713
Task: {AE8BC164-1C92-448D-B105-1D17222BF0D8} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5493472 2021-03-16] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1536627339-1155438233-2228032490-1001] => localhost:8080
Winsock: Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 192.168.1.1
Tcpip\..\Interfaces\{A7F6367F-3D94-4B8E-881D-DE8832225970}: [DhcpNameServer] 192.168.5.1 192.168.1.1
Tcpip\..\Interfaces\{B1E8BFDC-2148-4261-81EB-3F462AE02610}: [DhcpNameServer] 192.168.5.1
Tcpip\..\Interfaces\{D4360F23-D04C-4BB7-B907-CF8D32829D23}: [NameServer] 100.120.50.1

FireFox:
========
FF DefaultProfile: ng7a8cym.default-1379696775163
FF ProfilePath: C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ejo7zur1.default-release-1 [2021-03-18]
FF Homepage: Mozilla\Firefox\Profiles\ejo7zur1.default-release-1 -> about:blank
FF Extension: (AdBlock — best ad blocker) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ejo7zur1.default-release-1\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2021-03-17]
FF ProfilePath: C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\fmt8gp9w.default-release-1612214490328 [2021-03-18]
FF Homepage: Mozilla\Firefox\Profiles\fmt8gp9w.default-release-1612214490328 -> about:blank
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\fmt8gp9w.default-release-1612214490328\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-02-01]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\fmt8gp9w.default-release-1612214490328\Extensions\langpack-cs@firefox.mozilla.org.xpi [2021-02-01]
FF ProfilePath: C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163 [2021-03-18]
FF Homepage: Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163 -> hxxp://www.google.com/firefox?client=firefox-a ... S:official
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163\Extensions\sp@avast.com.xpi [2020-06-28]
FF Extension: (Adblock na Youtube™) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163\Extensions\{0ac04bdb-d698-452f-8048-bcef1a3f4b0d}.xpi [2019-05-05]
FF SearchPlugin: C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163\searchplugins\icqplugin.xml [2011-03-30]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-05-10] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> C:\windows\system32\Wat\npWatWeb.dll [2012-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Programy\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S4 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Programy\AVAST Software\Avast\aswidsagent.exe [8044056 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Programy\AVAST Software\Avast\AvastSvc.exe [621608 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Firewall; C:\Programy\AVAST Software\Avast\afwServ.exe [1301136 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Programy\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12414176 2021-03-12] (Avast Software s.r.o. -> AVAST Software)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-03] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2016-11-11] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2016-11-11] (Macrovision Europe Ltd.) [File not signed]
S3 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
S4 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [File not signed]
S4 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1318912 2011-02-09] () [File not signed]
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-12-12] (PC Tools -> PC Tools)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [8059104 2021-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [378568 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3315400 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S4 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [296448 2011-01-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S4 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation -> Xobni Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [208024 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [357320 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [249304 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [98760 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [41272 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175248 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [521336 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-09-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [107784 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [83360 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [850112 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [465656 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [215328 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
R3 aswTap; C:\windows\System32\DRIVERS\aswTap.sys [53904 2017-04-14] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [326976 2021-03-04] (Avast Software s.r.o. -> AVAST Software)
S3 BTMCOM; C:\windows\System32\Drivers\btmcom.sys [52736 2010-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.)
S3 BTMUSB; C:\windows\System32\Drivers\btmusb.sys [486144 2011-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-10] (DT Soft Ltd -> DT Soft Ltd)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [168008 2011-02-09] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.)
R3 nusb3hub; C:\windows\System32\DRIVERS\nusb3hub.sys [80384 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\windows\System32\DRIVERS\nusb3xhc.sys [181248 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [2621128 2015-07-15] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R1 SpyEmrg; C:\windows\System32\Drivers\spyemrg.sys [17608 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\windows\System32\Drivers\spyemrg_access.sys [24776 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\windows\System32\Drivers\spyemrg_guard.sys [19656 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R3 STHDA; C:\windows\System32\DRIVERS\stwrt64.sys [520192 2011-01-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 JMCR; system32\DRIVERS\jmcr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-18 17:14 - 2021-03-18 17:15 - 000023176 _____ C:\Users\Citron\Desktop\FRST.txt
2021-03-18 17:14 - 2021-03-18 17:05 - 002300928 _____ (Farbar) C:\Users\Citron\Desktop\FRST64.exe
2021-03-13 21:57 - 2021-03-13 21:57 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2021-03-09 21:00 - 2021-03-09 21:00 - 000001879 _____ C:\Users\Citron\Desktop\GordonsReloadingTool – zástupce.lnk
2021-03-04 08:22 - 2021-03-04 08:22 - 000339680 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2021-03-04 08:22 - 2021-03-04 08:22 - 000215328 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2021-02-24 20:41 - 2021-02-24 20:41 - 000156108 _____ C:\windows\SysWOW64\uArcVCapture_20210224-204123.dmp
2021-02-24 19:20 - 2021-02-24 19:27 - 000000000 ____D C:\Users\Citron\AppData\Roaming\Anvsoft
2021-02-24 19:08 - 2021-02-24 19:15 - 000000000 ____D C:\Users\Citron\AppData\Roaming\avidemux
2021-02-24 19:08 - 2021-02-24 19:08 - 000000000 ____D C:\Users\Citron\AppData\Local\avidemux
2021-02-22 14:16 - 2021-02-22 14:16 - 000160783 _____ C:\windows\SysWOW64\uArcVCapture_20210222-141643.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-18 17:14 - 2020-11-28 09:19 - 000000000 ____D C:\FRST
2021-03-18 17:13 - 2016-11-18 12:44 - 000000000 ____D C:\Users\Citron\AppData\LocalLow\Mozilla
2021-03-18 17:13 - 2012-07-11 15:30 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-18 17:08 - 2012-07-11 15:55 - 000000000 ____D C:\_Pal
2021-03-18 17:03 - 2013-09-20 17:44 - 000000000 ____D C:\Program Files\CCleaner
2021-03-18 16:56 - 2011-05-10 21:06 - 000000000 ____D C:\ProgramData\FLEXnet
2021-03-18 16:52 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
2021-03-18 14:05 - 2009-07-14 05:45 - 000019760 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-03-18 14:05 - 2009-07-14 05:45 - 000019760 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-03-18 13:58 - 2014-12-22 10:02 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-18 13:56 - 2020-09-21 20:33 - 000003938 _____ C:\windows\system32\Tasks\Avast SecureLine VPN Update
2021-03-18 13:55 - 2012-07-11 16:06 - 000000000 ____D C:\Users\Citron\.rainlendar2
2021-03-18 13:54 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2021-03-16 09:00 - 2011-05-10 21:12 - 000669116 _____ C:\windows\system32\perfh005.dat
2021-03-16 09:00 - 2011-05-10 21:12 - 000141744 _____ C:\windows\system32\perfc005.dat
2021-03-16 09:00 - 2009-07-14 06:13 - 001584554 _____ C:\windows\system32\PerfStringBackup.INI
2021-03-15 17:21 - 2018-05-30 06:39 - 000000000 ____D C:\Users\Citron\AppData\Local\AVAST Software
2021-03-14 19:47 - 2021-02-05 15:32 - 000003386 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-14 19:47 - 2021-02-05 15:32 - 000003258 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-14 19:47 - 2018-04-26 14:35 - 000002796 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2021-03-14 19:47 - 2018-04-24 13:33 - 000003870 _____ C:\windows\system32\Tasks\CCleaner Update
2021-03-14 19:47 - 2015-12-03 15:34 - 000000000 ____D C:\windows\system32\Tasks\AVAST Software
2021-03-14 08:00 - 2021-02-02 08:03 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-14 08:00 - 2012-07-11 15:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-09 20:59 - 2012-07-11 16:02 - 000000000 ____D C:\Programy
2021-03-05 11:18 - 2017-04-14 08:02 - 000004158 _____ C:\windows\system32\Tasks\Avast Emergency Update
2021-03-04 08:23 - 2020-07-05 16:54 - 000175248 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2021-03-04 08:23 - 2014-12-22 10:07 - 000465656 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2021-03-04 08:22 - 2020-04-05 09:03 - 000521336 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2021-03-04 08:22 - 2019-03-23 12:13 - 000357320 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2021-03-04 08:22 - 2019-03-23 12:13 - 000249304 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2021-03-04 08:22 - 2019-03-23 12:13 - 000098760 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2021-03-04 08:22 - 2018-12-01 09:50 - 000041272 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2021-03-04 08:22 - 2017-11-12 11:45 - 000208024 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2021-03-04 08:22 - 2014-12-22 10:07 - 000850112 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2021-03-04 08:22 - 2014-12-22 10:07 - 000326976 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2021-03-04 08:22 - 2014-12-22 10:07 - 000107784 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2021-03-04 08:22 - 2014-12-22 10:07 - 000083360 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2021-03-02 07:40 - 2009-07-14 06:08 - 000032616 _____ C:\windows\Tasks\SCHEDLGU.TXT
2021-02-27 08:33 - 2020-06-29 14:51 - 000000000 ____D C:\Users\Citron\AppData\Roaming\Spy Emergency
2021-02-26 18:59 - 2012-07-11 15:55 - 000000000 ____D C:\Fotky
2021-02-24 21:15 - 2012-07-11 15:20 - 000000000 ____D C:\Users\Citron\AppData\Roaming\hpqLog
2021-02-24 19:45 - 2011-12-27 09:57 - 000000000 ____D C:\windows\SysWOW64\SDA
2021-02-24 19:43 - 2014-02-01 10:44 - 000000000 ____D C:\Program Files (x86)\QuickTime
2021-02-24 19:37 - 2012-09-23 08:51 - 000000000 ____D C:\Users\Citron\AppData\Roaming\ArcSoft
2021-02-24 19:37 - 2011-12-27 10:09 - 000000000 ____D C:\Program Files (x86)\ArcSoft
2021-02-20 15:58 - 2016-09-16 20:49 - 000000000 ____D C:\Users\Citron\Documents\ProcAlyzer Dumps
2021-02-20 15:58 - 2014-07-04 18:45 - 000000000 ____D C:\Program Files\trend micro
2021-02-20 15:58 - 2013-04-12 20:22 - 000000000 ____D C:\Users\Citron\Documents\Add-in Express
2021-02-20 15:58 - 2013-03-10 18:02 - 000000000 ____D C:\Users\Citron\AppData\Roaming\DAEMON Tools Lite
2021-02-20 15:58 - 2012-07-26 14:58 - 000000000 ____D C:\Users\Citron\AppData\Roaming\skypePM
2021-02-20 15:58 - 2012-07-11 16:02 - 000000000 ____D C:\Users\Citron\AppData\Roaming\Winamp
2021-02-20 15:50 - 2012-07-15 14:18 - 000000000 ____D C:\Users\Citron\AppData\Local\CrashDumps
2021-02-19 19:02 - 2019-05-06 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Files in the root of some directories ========

2012-07-11 15:33 - 2020-11-05 22:38 - 000004586 _____ () C:\Users\Citron\AppData\Local\mbt-actwiz.log
2012-10-28 12:23 - 2020-06-29 14:35 - 000007601 _____ () C:\Users\Citron\AppData\Local\resmon.resmoncfg
2017-03-29 14:46 - 2017-03-29 14:46 - 000000000 _____ () C:\Users\Citron\AppData\Local\{2662E165-2985-4912-B895-E386B6A16BD4}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-03-13 10:43
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-03-2021
Ran by Citron (18-03-2021 17:15:43)
Running from C:\Users\Citron\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-11 14:19:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1536627339-1155438233-2228032490-500 - Administrator - Disabled)
Citron (S-1-5-21-1536627339-1155438233-2228032490-1001 - Administrator - Enabled) => C:\Users\Citron
Guest (S-1-5-21-1536627339-1155438233-2228032490-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spy Emergency (Disabled - Up to date) {CC339280-553F-D68A-6F68-9FB25810C8B4}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{63E42DE7-C468-31B0-E373-173C67C87B88}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.1.9940.2746 - Avast Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.10.5430.1950 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.0.0.9 - Hewlett-Packard Company)
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.33.24411 - Hewlett-Packard Company)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4303 - Hewlett-Packard Company)
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT087361) (Version: 2.2.0.95 - WildTangent) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 6.0.0.8 - Hewlett-Packard Company)
Final Drive Nitro (HKLM-x32\...\WT087362) (Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
HP 3D DriveGuard (HKLM\...\{83DA38AB-1014-41C2-A3CD-E2B93832A71A}) (Version: 4.1.4.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{4B21E4B2-89B8-499D-803A-34ABF929401E}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{CFC1988A-F492-4BC5-B6F7-683A95718AE9}) (Version: 1.1.11.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.00.888 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{20976B1F-E910-404D-9261-C16EE7E12DC8}) (Version: 3.0.0.9057 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}) (Version: 3.2.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}) (Version: 4.0.112.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{54C65FE7-83BD-4A5B-A9B4-41F793C5F241}) (Version: 2.1.2 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
OLYMPUS Master 2 (HKLM-x32\...\{45FCADDB-0B29-457E-83A1-D245C62A716C}) (Version: 1.0.6 - OLYMPUS IMAGING CORP.)
OpenOffice.org 3.3 (HKLM-x32\...\{10B43A43-FF73-47FD-83E8-A503E84F9ED6}) (Version: 3.3.9567 - OpenOffice.org)
PC Tools Registry Mechanic 11.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.0 - PC Tools)
Privacy Manager for HP ProtectTools (HKLM\...\{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}) (Version: 6.00.831 - Hewlett-Packard Company)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0016 - Realtek)
Realtek Motorola BC8 Bluetooth 3.0+HS Adapter (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.82.298 - Motorola Solutions, Inc.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0323 - REALTEK Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Silent Hunter III (HKLM-x32\...\InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}) (Version: 1.4.0000 - Ubisoft)
Skype verze 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
Spy Emergency 2020-25.0.770 (HKLM\...\Spy Emergency_is1) (Version: - NETGATE Technologies s.r.o.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
Theft Recovery for HP ProtectTools (HKLM-x32\...\{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company)
TomTom MyDrive Connect 4.1.6.3253 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.6.3253 - TomTom)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WMV9/VC-1 Video Playback (HKLM\...\{FB06FBC7-3CE3-50D9-1803-CC28E5ADF780}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (HKLM-x32\...\{8DC069E7-893C-41E1-9442-DE89FEC33371}) (Version: 1.0.0 - Xobni, Inc.) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2021-03-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2021-03-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2021-03-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} => C:\Program Files\Motorola\Bluetooth\btmshell.dll [2011-02-15] (Motorola Inc -> Motorola Solutions, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2021-03-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-03-28] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2021-03-04] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2011-02-09 20:27 - 2011-02-09 20:27 - 000141824 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2011-02-09 21:04 - 2011-02-09 21:04 - 002905600 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2011-01-27 01:35 - 2011-01-27 01:35 - 000007168 _____ () [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\SDKCOMServerLib.dll
2011-05-10 21:12 - 2011-01-27 01:34 - 001083392 _____ () [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2011-01-31 19:54 - 2011-01-31 19:54 - 000107008 _____ () [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-01-31 19:54 - 2011-01-31 19:54 - 000008192 _____ () [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\Interop.HPQWMIEXLib.dll
2020-06-29 14:51 - 2007-11-02 15:20 - 001403904 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\LIBEAY32.dll
2020-06-29 14:51 - 2007-11-02 15:20 - 000243712 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\SSLEAY32.dll
2020-06-29 14:51 - 2007-09-04 14:25 - 000198144 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\unrar.dll
2010-05-23 19:20 - 2010-05-23 19:20 - 000012288 _____ () [File not signed] C:\Programy\Rainlendar2\lfs.dll
2010-05-23 19:20 - 2010-05-23 19:20 - 000126976 _____ () [File not signed] C:\Programy\Rainlendar2\lua51.dll
2011-08-12 06:45 - 2011-08-12 06:45 - 000198144 _____ () [File not signed] C:\Programy\Rainlendar2\plugins\iCalendarPlugin.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 001412608 _____ () [File not signed] C:\windows\system32\LIBEAY32.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 002792960 _____ (Apache Software Foundation) [File not signed] C:\windows\system32\xerces-c_3_0.dll
2010-11-25 23:21 - 2010-11-25 23:21 - 004899328 _____ (Cogent Systems Inc.) [File not signed] C:\windows\system32\CgtFace_Dll.dll
2011-02-15 00:28 - 2011-02-15 00:28 - 000187016 _____ (Cogent Systems, Inc. -> Cogent Systems, Inc.) [File not signed] C:\windows\system32\BSWAuthImp.dll
2011-02-15 00:03 - 2011-02-15 00:03 - 000033928 _____ (Cogent Systems, Inc. -> TODO: <Company name>) [File not signed] C:\windows\system32\OEMComponentProvider.dll
2011-02-12 04:04 - 2011-02-12 04:04 - 000514560 ____R (Concept Software, Inc.) [File not signed] C:\windows\system32\KEYLIB64.dll
2011-02-12 04:04 - 2011-02-12 04:04 - 000495616 ____R (Concept Software, Inc.) [File not signed] C:\windows\system32\SKCA64.dll
2020-06-29 14:51 - 2011-08-15 17:49 - 001965056 _____ (CPULib Team) [File not signed] C:\Program Files\NETGATE\Spy Emergency\CPULib.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000916992 _____ (Free Software Foundation) [File not signed] C:\windows\system32\iconv.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000044544 _____ (Free Software Foundation) [File not signed] C:\windows\system32\intl.dll
2011-01-31 19:53 - 2011-01-31 19:53 - 000151552 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomain.dll
2011-01-31 19:54 - 2011-01-31 19:54 - 001044480 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTHostServices.dll
2011-01-31 19:55 - 2011-01-31 19:55 - 000081920 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTStrings.dll
2011-02-07 19:43 - 2011-02-07 19:43 - 005263872 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
2011-01-27 01:34 - 2011-01-27 01:34 - 000838656 _____ (HP) [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\HP.SupportFramework.dll
2014-02-01 11:25 - 2014-02-01 11:25 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2014-02-01 11:25 - 2014-02-01 11:25 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-11-29 09:07 - 2020-11-29 09:07 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\MSVCP140.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\ucrtbase.DLL
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\VCRUNTIME140.dll
2021-03-17 11:49 - 2021-03-17 11:49 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\21031700\avast.local_vc142.crt\VCRUNTIME140_1.dll
2011-07-28 19:20 - 2011-07-28 19:20 - 000244736 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Programy\Rainlendar2\libcurl.dll
2011-01-29 12:59 - 2011-01-29 12:59 - 001102336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Programy\Rainlendar2\LIBEAY32.dll
2011-01-29 12:59 - 2011-01-29 12:59 - 000237056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Programy\Rainlendar2\SSLEAY32.dll
2010-12-12 11:56 - 2010-12-12 11:56 - 001205760 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxbase28u_vc_rny.dll
2010-12-12 11:58 - 2010-12-12 11:58 - 000131584 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxbase28u_xml_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 000707584 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_adv_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 002633216 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_core_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 000485376 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_html_vc_rny.dll
2010-12-12 11:58 - 2010-12-12 11:58 - 000502784 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_xrc_vc_rny.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard) [File not signed]
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7944 more sites.

IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123simsen.com -> www.123simsen.com

There are 7944 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2021-01-19 19:38 - 000453771 ____R C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 15604 more lines.


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Citron\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 100.120.50.1 - 192.168.5.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: XobniService => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
MSCONFIG\startupreg: HPConnectionManager => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: MfeEpePcMonitor => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
MSCONFIG\startupreg: OM2_Monitor => "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EFE78C0F-A8D4-4891-95B5-64FF6E45F2C9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{56BD7C38-2B1C-4E88-A002-7E5FFD8CB975}C:\programy\winamp\winamp.exe] => (Block) C:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{F4A647FE-6DB4-4C76-8C9E-996FD659191F}C:\programy\winamp\winamp.exe] => (Block) C:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E8735C39-2A5E-4B92-9353-076C65203934}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7A8BBF25-841F-4DAD-871C-D650D654D485}] => (Allow) C:\Programy\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [{B45139AA-B604-4E88-AD7C-D39E53F3D9EC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{59AE5393-1AA5-41EE-838A-14166FCE6F26}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{91EEFF27-64DA-4337-81FA-A304ABC14D6D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7B4365BE-7BA5-411D-B6BA-F83229ABBFE2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

12-03-2021 10:35:37 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Realtek Motorola BC8 Bluetooth 3.0+HS Adapter
Description: Realtek Motorola BC8 Bluetooth 3.0+HS Adapter
Class Guid: {a173b237-6a34-4bb5-aa63-2561160fa200}
Manufacturer: Motorola Solutions, Inc.
Service: BTMUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/18/2021 05:14:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.23537 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 6fc

Čas spuštění: 01d71bf5e00c142f

Čas ukončení: 999

Cesta k aplikaci: C:\windows\Explorer.EXE

ID hlášení: f093c24a-8804-11eb-a73c-e4115b2d1f2a

Error: (03/18/2021 05:13:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 17.3.2021.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 13d8

Čas spuštění: 01d71c109c948b8a

Čas ukončení: 16

Cesta k aplikaci: C:\_Pal\FRST64.exe

ID hlášení:

Error: (03/05/2021 01:58:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program AlternativeDVRPlayer.exe verze 5.8.0.2 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1abc

Čas spuštění: 01d711bf281a0a0f

Čas ukončení: 20

Cesta k aplikaci: C:\Users\Citron\Desktop\Alternative DVR Player\AlternativeDVRPlayer.exe

ID hlášení: 8abd8f61-7db2-11eb-abb4-e4115b2d1f2a

Error: (03/05/2021 01:57:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program AlternativeDVRPlayer.exe verze 5.8.0.2 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 49c

Čas spuštění: 01d711b9cc2af7b3

Čas ukončení: 85

Cesta k aplikaci: C:\Users\Citron\Desktop\Alternative DVR Player\AlternativeDVRPlayer.exe

ID hlášení: 61305324-7db2-11eb-abb4-e4115b2d1f2a

Error: (03/04/2021 08:24:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: atieclxx.exe, verze: 6.14.11.1090, časové razítko: 0x4d90ad0c
Název chybujícího modulu: atieclxx.exe, verze: 6.14.11.1090, časové razítko: 0x4d90ad0c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000020ea5
ID chybujícího procesu: 0x560
Čas spuštění chybující aplikace: 0x01d710c241552ec5
Cesta k chybující aplikaci: C:\windows\system32\atieclxx.exe
Cesta k chybujícímu modulu: C:\windows\system32\atieclxx.exe
ID zprávy: 9c258fab-7cba-11eb-8e6e-e4115b2d1f2a

Error: (02/24/2021 10:52:32 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error

Error: (02/24/2021 08:41:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: jhi_service.exe, verze: 1.0.71.0, časové razítko: 0x4cf4050b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x02cd74ac
ID chybujícího procesu: 0x918
Čas spuštění chybující aplikace: 0x01d70adae61e0f18
Cesta k chybující aplikaci: C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 42dd6a9a-76d8-11eb-b7a7-e4115b2d1f2a

Error: (02/24/2021 08:41:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hpqWmiEx.exe, verze: 4.6.8.1, časové razítko: 0x50257047
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x02cd74ac
ID chybujícího procesu: 0x134c
Čas spuštění chybující aplikace: 0x01d70adaf871c754
Cesta k chybující aplikaci: C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 41204947-76d8-11eb-b7a7-e4115b2d1f2a


System errors:
=============
Error: (03/18/2021 01:57:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Software Framework Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/18/2021 01:57:30 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas. při pokusu o spuštění služby hpqwmiex s argumenty za účelem spuštění serveru:
{F5539356-2F02-40D4-999E-FA61F45FE12E}

Error: (03/18/2021 01:57:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HP Software Framework Service bylo dosaženo časového limitu (30000 ms).

Error: (03/18/2021 01:56:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (03/18/2021 01:56:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Avast Firewall Service závisí na službě Služba BFE (Base Filtering Engine), která neuspěla při spuštění v důsledku následující chyby:
Při spouštění služba uvízla ve spouštěcím stavu.

Error: (03/18/2021 01:56:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba BFE (Base Filtering Engine) přestala během spouštění reagovat.

Error: (03/17/2021 10:07:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/17/2021 07:45:52 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.


Windows Defender:
================
Date: 2016-01-28 17:25:13.891
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C5B06EE9-5815-45BD-9F3A-089279E2DDBF}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Úplné prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-05-02 16:14:27.837
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{52BED4F3-1B3D-4771-86AE-99773FBE6CBB}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Citronidlo\Citron

Date: 2015-05-01 08:08:22.456
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{02636881-D547-43A1-A918-CF1FA67E9967}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Úplné prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2014-12-10 21:46:39.666
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{BF8F101D-5D30-40F3-89CF-2A6B4CE4ECD4}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Citronidlo\Citron

Date: 2013-08-17 05:04:53.918
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{0E03EA01-0797-4A4D-AF6E-81BAA5790D90}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

==================== Memory info ===========================

BIOS: Hewlett-Packard 68SRR Ver. F.0A 07/18/2011
Motherboard: Hewlett-Packard 167C
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 73%
Total physical RAM: 4030.36 MB
Available physical RAM: 1052.16 MB
Total Virtual: 8058.9 MB
Available Virtual: 3913.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:676.39 GB) (Free:601.12 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:16.95 GB) (Free:2.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.13 GB) FAT32

\\?\Volume{ac3b751b-3067-11e1-9518-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 9FD8FEA1)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=676.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, zpolaené PC

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

claymore
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 04 kvě 2007 10:52

Re: Prosím o kontrolu, zpolaené PC

#3 Příspěvek od claymore »

Restart neproběhl, log zde:
# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-18-2021
# Duration: 00:00:30
# OS: Windows 7 Home Premium
# Scanned: 2303
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, zpolaené PC

#4 Příspěvek od Rudy »

Restart neproběhl, protože nebylo nic mazáno. Je to OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {6F191125-12D3-471A-84B0-EF1FA47FD06F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {7F209381-0E1B-4565-BDBE-739D53652E71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Citron\AppData\Local\{2662E165-2985-4912-B895-E386B6A16BD4}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

claymore
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 04 kvě 2007 10:52

Re: Prosím o kontrolu, zpolaené PC

#5 Příspěvek od claymore »

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-03-2021
Ran by Citron (18-03-2021 19:07:28) Run:4
Running from C:\Users\Citron\Desktop
Loaded Profiles: Citron
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {6F191125-12D3-471A-84B0-EF1FA47FD06F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {7F209381-0E1B-4565-BDBE-739D53652E71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Citron\AppData\Local\{2662E165-2985-4912-B895-E386B6A16BD4}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F191125-12D3-471A-84B0-EF1FA47FD06F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F191125-12D3-471A-84B0-EF1FA47FD06F}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7F209381-0E1B-4565-BDBE-739D53652E71}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F209381-0E1B-4565-BDBE-739D53652E71}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Citron\AppData\Local\{2662E165-2985-4912-B895-E386B6A16BD4} => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5283109 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 12028 B
Edge => 0 B
Firefox => 198635372 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
Citron => 554664 B

RecycleBin => 0 B
EmptyTemp: => 203 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:07:42 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, zpolaené PC

#6 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

claymore
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 04 kvě 2007 10:52

Re: Prosím o kontrolu, zpolaené PC

#7 Příspěvek od claymore »

No, spuštění o moc rychlejší není, očekával jsem větší bordel, tedy i o trošku větší zlepšení.
Asi se budu muset smířit s tím, že tenhle starý stroj rychlejší nebude

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, zpolaené PC

#8 Příspěvek od Rudy »

Do přík.řádku napište:
msconfig
a odentrujte.
Otevře se okno konfigurace systému. Na záložkách "Po spuštění" a "Služby" odstraňte zatržítka u všech ne-microftích položek, s vyjímkou antiviru a firewallu. Nastavení uložte a restartujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

claymore
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 04 kvě 2007 10:52

Re: Prosím o kontrolu, zpolaené PC

#9 Příspěvek od claymore »

Děkuji, na tenhle nástroj už jsem dávno zapomněl.
Ponechal jsem tam věci, které používám a star je rychlejší. Další věci vyřeší nové ovladače.
Děkuji za pomoc

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, zpolaené PC

#10 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno