Prosím o pročištění starší notebook. Strašně se hriže

[Jan55]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2021
Ran by User (administrator) on HP250 (Hewlett-Packard HP 250 G3 Notebook PC) (18-07-2021 21:02:19)
Running from C:\Users\User\Desktop
Loaded Profiles: User
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google) C:\Users\User\AppData\Local\Google\Chrome\User Data\SwReporter\91.263.200\software_reporter_tool.exe <4>
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\TiWorker.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Seznam.cz, a.s. -> ) C:\Users\User\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\User\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510896 2014-01-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [706192 2021-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83524968 2019-09-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\Run: [] => [X]
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Windows x64\Print Processors\hpfpp02t: C:\Windows\System32\spool\prtprocs\x64\hpfpp02t.dll [253440 2010-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\PCL hpf3l02t: C:\Windows\system32\hpf3l02t.dll [138752 2010-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.114\Installer\chrmstp.exe [2021-06-28] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-05-28] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2019-11-03]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06DBB6A8-4EF5-456B-9CC3-1EE557ABAFE1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {30183DB4-E015-49FA-9073-3319A7E9B687} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {415E83E5-AAE0-439C-9A21-8A968A7D0E44} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {4770B12A-1656-4B4F-81FA-F75B3742F939} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {5DA7C769-A45E-46CE-B22D-23CD1C6F65A2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E56B0C5-A5BF-4166-9E1B-22FA66C4B4A8} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {61F6AA87-CB06-465E-863A-32F2F5ABB998} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {64D153B2-8746-43DE-AAA5-82E3450AA0B1} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2651216 2021-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {749A42D6-307C-4C5F-9220-158659E7FE27} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {8DA7EA7E-10BF-4A90-9695-0BF33D5252BE} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [251112 2021-06-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {99FFBC53-4029-4F90-88A7-5F0CB4809BCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {A885EC29-03B3-4B8D-ACDD-FBA3555A052C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD883496-E0FF-424F-A547-73280F22FF3B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [132447432 2021-06-22] (Microsoft Windows -> Microsoft Corporation)
Task: {B706F9DA-22D9-4E46-B7CD-8FAF6E3AE020} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {D77AD5BA-1F2D-49F5-9C42-3E955F487FF8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D974607D-8FA0-437B-B123-091DC26DAC5E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {E04BFBB2-5A46-40E9-BA14-96B73AB3E0AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [603008 2012-11-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {E7564355-7E85-4A14-9204-0BFE1E8D87A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {EB4C7502-13CF-40CB-9AA5-132C27DE3F57} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {F35D36D7-FE22-4A5D-AD7B-47E4D6B4A2D6} - System32\Tasks\{11EFABAE-F07F-4F60-BF82-68ED32CEC831} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.15.0.103/cs/ ... rogressBar
Task: {F36D5793-3060-42A9-98A4-C7493E3A39E7} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [248040 2021-06-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {F5ABAB1C-2A38-4640-95C3-E0E4A1106239} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29757392 2021-02-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6F62CAA9-028C-41C7-AAC9-991DE99DC0C4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B0F00978-1B8B-4022-B422-9CD557A1B888}: [DhcpNameServer] 46.33.96.2 46.33.112.42

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-15]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2540335792-638658478-1060365479-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies SF -> Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-07-18]
CHR Notifications: Default -> hxxps://www.prodejauto.eu; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR NewTab: Default -> Not-active:"chrome-extension://bgjpfhpjcgdppjbgnpnjllokbmcdllig/speeddial/html/temporaryNewTab.html", Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html", Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html", Not-active:"chrome-extension://aaaaddliknddhjhjcofimffekgonpkom/newtab/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Music Box) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaddliknddhjhjcofimffekgonpkom [2015-08-21]
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-12]
CHR Extension: (Seznam doplněk - Email) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-05-03]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-09-29]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-04]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-12]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-05-03]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-06]
CHR HKU\S-1-5-21-2540335792-638658478-1060365479-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-2540335792-638658478-1060365479-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd]
CHR HKU\S-1-5-21-2540335792-638658478-1060365479-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208432 2021-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2021-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484904 2021-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484904 2021-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [575776 2021-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634768 2021-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383976 2021-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264880 2021-06-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [78936 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\Windows\System32\drivers\avelam.sys [22336 2019-03-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [209744 2021-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [199312 2021-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [89736 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [45472 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-25] (Mediatek Inc. -> Ralink Technology, Corp.)
S3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
U3 McAPExe; no ImagePath
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 McProxy; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-18 21:02 - 2021-07-18 21:13 - 000027727 _____ C:\Users\User\Desktop\FRST.txt
2021-07-18 20:59 - 2021-07-18 21:10 - 000000000 ____D C:\FRST
2021-07-18 20:58 - 2021-07-18 20:58 - 002300416 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2021-07-18 20:56 - 2021-07-18 20:56 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-07-18 20:56 - 2021-07-18 20:56 - 000002800 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-07-18 20:56 - 2021-07-18 20:56 - 000000841 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-07-18 20:56 - 2021-07-18 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-07-18 20:55 - 2021-07-18 20:58 - 000000000 ____D C:\Program Files\CCleaner
2021-07-18 20:44 - 2021-07-18 20:45 - 035726800 _____ (Piriform Software Ltd) C:\Users\User\Desktop\cctrialsetup.exe
2021-06-28 15:36 - 2021-06-05 07:23 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2021-06-28 15:36 - 2021-06-05 06:42 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-06-28 15:35 - 2021-06-05 06:30 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-06-21 13:11 - 2021-06-21 13:11 - 000003232 _____ C:\Windows\system32\Tasks\Avira_Security_Service_SCM_Watchdog

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-18 21:15 - 2014-12-11 15:24 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-18 21:15 - 2014-12-11 15:24 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-18 21:15 - 2014-12-11 15:24 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-18 20:57 - 2014-12-11 13:14 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2540335792-638658478-1060365479-1001
2021-07-18 20:52 - 2017-10-26 08:51 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-18 20:32 - 2014-12-11 15:33 - 000000000 ____D C:\Users\User\AppData\Roaming\ClassicShell
2021-07-18 20:31 - 2014-12-11 13:22 - 000003810 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{A533FE5C-83D0-4CA1-8677-3FABBC1D0739}
2021-07-18 20:20 - 2014-12-11 13:12 - 000000000 ____D C:\Users\User\Documents\Youcam
2021-07-18 20:12 - 2017-09-14 19:33 - 000000000 ____D C:\Users\User\AppData\Roaming\Seznam.cz
2021-07-04 16:24 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2021-07-04 16:22 - 2014-05-04 06:49 - 000763202 _____ C:\Windows\system32\perfh005.dat
2021-07-04 16:22 - 2014-05-04 06:49 - 000163924 _____ C:\Windows\system32\perfc005.dat
2021-07-04 16:22 - 2014-03-18 11:53 - 001876408 _____ C:\Windows\system32\PerfStringBackup.INI
2021-07-04 16:22 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-07-04 16:17 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-04 16:16 - 2013-08-22 16:44 - 000482968 _____ C:\Windows\system32\FNTCACHE.DAT
2021-07-04 15:43 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-07-04 15:25 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2021-07-04 15:25 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows Defender
2021-07-01 17:57 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2021-06-28 16:15 - 2014-12-11 15:24 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-28 16:15 - 2014-12-11 15:24 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-22 16:39 - 2014-12-11 15:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-06-22 16:29 - 2013-08-22 15:25 - 000000199 _____ C:\Windows\win.ini
2021-06-22 16:26 - 2014-12-16 14:40 - 000000000 ____D C:\Windows\system32\MRT
2021-06-22 16:15 - 2014-12-16 14:40 - 132447432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-06-21 13:11 - 2020-09-05 20:58 - 000003596 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2021-06-21 13:10 - 2021-04-16 10:47 - 000001028 _____ C:\Users\Public\Desktop\Avira.lnk
2021-06-21 13:10 - 2021-04-16 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

==================== Files in the root of some directories ========

2018-09-21 17:39 - 2018-09-21 17:39 - 000000000 _____ () C:\Users\User\AppData\Local\{0749FABC-0F39-4411-96D0-F72CD12122FD}
2018-09-08 14:19 - 2018-09-08 14:19 - 000000000 _____ () C:\Users\User\AppData\Local\{764ECE1D-3DBB-4643-B36D-B4BA670E02C0}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2016-03-21 11:06
==================== End of FRST.txt ========================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Jan55]

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-06-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-18-2021
# Duration: 00:00:19
# OS: Windows 8.1 Connected
# Cleaned: 13
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\User\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7356 octets] - [18/07/2021 22:10:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

Dejte nbové logy FRST+Addition.

[Jan55]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2021
Ran by User (administrator) on HP250 (Hewlett-Packard HP 250 G3 Notebook PC) (19-07-2021 11:03:46)
Running from C:\Users\User\Desktop
Loaded Profiles: User
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <26>
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe <3>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19991_none_fa0fb7959b4c8c91\TiWorker.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510896 2014-01-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [] => [X]
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83524968 2019-09-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\Run: [] => [X]
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Windows x64\Print Processors\hpfpp02t: C:\Windows\System32\spool\prtprocs\x64\hpfpp02t.dll [253440 2010-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\PCL hpf3l02t: C:\Windows\system32\hpf3l02t.dll [138752 2010-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.164\Installer\chrmstp.exe [2021-07-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-05-28] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2019-11-03]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0084A571-ABC1-4947-87D2-E7518902327E} - System32\Tasks\HPCeeScheduleForUser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [95800 2011-07-15] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {06DBB6A8-4EF5-456B-9CC3-1EE557ABAFE1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C6622C4-E8C7-47AF-9574-E0935AF535EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {30183DB4-E015-49FA-9073-3319A7E9B687} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {415E83E5-AAE0-439C-9A21-8A968A7D0E44} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {4770B12A-1656-4B4F-81FA-F75B3742F939} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {48665298-CFEC-4A54-9DBB-9F0F41F0870E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DA7C769-A45E-46CE-B22D-23CD1C6F65A2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E56B0C5-A5BF-4166-9E1B-22FA66C4B4A8} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {61F6AA87-CB06-465E-863A-32F2F5ABB998} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {715BB6F1-4D6B-42E2-8238-EB69C1A3A222} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {99FFBC53-4029-4F90-88A7-5F0CB4809BCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {A885EC29-03B3-4B8D-ACDD-FBA3555A052C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD883496-E0FF-424F-A547-73280F22FF3B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [132447432 2021-06-22] (Microsoft Windows -> Microsoft Corporation)
Task: {B706F9DA-22D9-4E46-B7CD-8FAF6E3AE020} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {D974607D-8FA0-437B-B123-091DC26DAC5E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {E04BFBB2-5A46-40E9-BA14-96B73AB3E0AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [603008 2012-11-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {E7564355-7E85-4A14-9204-0BFE1E8D87A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {EB4C7502-13CF-40CB-9AA5-132C27DE3F57} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {F1701387-9ACB-4FFB-9FE2-E9D2264BC909} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F35D36D7-FE22-4A5D-AD7B-47E4D6B4A2D6} - System32\Tasks\{11EFABAE-F07F-4F60-BF82-68ED32CEC831} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.15.0.103/cs/ ... rogressBar

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HPCeeScheduleForUser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6F62CAA9-028C-41C7-AAC9-991DE99DC0C4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B0F00978-1B8B-4022-B422-9CD557A1B888}: [DhcpNameServer] 46.33.96.2 46.33.112.42

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-19]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2540335792-638658478-1060365479-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies SF -> Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-07-19]
CHR Notifications: Default -> hxxps://www.prodejauto.eu; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html", Not-active:"chrome-extension://aaaaddliknddhjhjcofimffekgonpkom/newtab/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Music Box) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaddliknddhjhjcofimffekgonpkom [2015-08-21]
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-12]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-09-29]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-04]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-12]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-06]
CHR HKU\S-1-5-21-2540335792-638658478-1060365479-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-2540335792-638658478-1060365479-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd]
CHR HKU\S-1-5-21-2540335792-638658478-1060365479-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-25] (Mediatek Inc. -> Ralink Technology, Corp.)
S3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
U3 McAPExe; no ImagePath
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 McProxy; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-19 11:03 - 2021-07-19 11:07 - 000021793 _____ C:\Users\User\Desktop\FRST.txt
2021-07-19 11:02 - 2021-07-19 11:03 - 002300416 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2021-07-18 22:09 - 2021-07-18 22:11 - 000000000 ____D C:\AdwCleaner
2021-07-18 21:55 - 2021-07-18 22:19 - 000000340 _____ C:\Windows\Tasks\HPCeeScheduleForUser.job
2021-07-18 21:55 - 2021-07-18 21:55 - 000003152 _____ C:\Windows\system32\Tasks\HPCeeScheduleForUser
2021-07-18 20:59 - 2021-07-19 11:06 - 000000000 ____D C:\FRST
2021-06-28 15:36 - 2021-06-05 07:23 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2021-06-28 15:36 - 2021-06-05 06:42 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-06-28 15:35 - 2021-06-05 06:30 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-19 11:02 - 2014-12-11 13:14 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2540335792-638658478-1060365479-1001
2021-07-19 08:59 - 2014-12-11 15:24 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-19 08:59 - 2014-12-11 15:24 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-07-19 08:59 - 2014-12-11 15:24 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-19 08:58 - 2014-12-11 13:12 - 000000000 ____D C:\Users\User\Documents\Youcam
2021-07-19 08:56 - 2014-12-11 13:22 - 000003810 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{A533FE5C-83D0-4CA1-8677-3FABBC1D0739}
2021-07-19 08:50 - 2014-12-11 15:33 - 000000000 ____D C:\Users\User\AppData\Roaming\ClassicShell
2021-07-18 23:49 - 2019-02-23 16:37 - 000000000 ____D C:\Program Files (x86)\Avira
2021-07-18 23:45 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-18 23:43 - 2021-04-16 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-07-18 23:43 - 2019-02-23 16:37 - 000000000 ____D C:\ProgramData\Avira
2021-07-18 23:42 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-07-18 23:39 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-07-18 23:10 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-07-18 23:07 - 2018-07-07 14:44 - 000000000 ____D C:\Windows\Minidump
2021-07-18 23:07 - 2014-04-02 12:25 - 000000000 ____D C:\Windows\Panther
2021-07-18 23:07 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\ModemLogs
2021-07-18 21:30 - 2016-01-15 17:25 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-18 21:15 - 2014-12-11 15:24 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-18 21:15 - 2014-12-11 15:24 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-18 20:52 - 2017-10-26 08:51 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-04 16:24 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2021-07-04 16:22 - 2014-05-04 06:49 - 000763202 _____ C:\Windows\system32\perfh005.dat
2021-07-04 16:22 - 2014-05-04 06:49 - 000163924 _____ C:\Windows\system32\perfc005.dat
2021-07-04 16:22 - 2014-03-18 11:53 - 001876408 _____ C:\Windows\system32\PerfStringBackup.INI
2021-07-04 16:16 - 2013-08-22 16:44 - 000482968 _____ C:\Windows\system32\FNTCACHE.DAT
2021-07-04 15:25 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2021-07-04 15:25 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows Defender
2021-07-01 17:57 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2021-06-22 16:39 - 2014-12-11 15:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-06-22 16:29 - 2013-08-22 15:25 - 000000199 _____ C:\Windows\win.ini
2021-06-22 16:26 - 2014-12-16 14:40 - 000000000 ____D C:\Windows\system32\MRT
2021-06-22 16:15 - 2014-12-16 14:40 - 132447432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2018-09-21 17:39 - 2018-09-21 17:39 - 000000000 _____ () C:\Users\User\AppData\Local\{0749FABC-0F39-4411-96D0-F72CD12122FD}
2018-09-08 14:19 - 2018-09-08 14:19 - 000000000 _____ () C:\Users\User\AppData\Local\{764ECE1D-3DBB-4643-B36D-B4BA670E02C0}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2016-03-21 11:06
==================== End of FRST.txt ========================

[Jan55]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2021
Ran by User (19-07-2021 11:12:26)
Running from C:\Users\User\Desktop
Windows 8.1 Connected (Update) (X64) (2014-12-11 11:08:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2540335792-638658478-1060365479-500 - Administrator - Disabled)
Guest (S-1-5-21-2540335792-638658478-1060365479-501 - Limited - Disabled)
User (S-1-5-21-2540335792-638658478-1060365479-1001 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20058 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free MP4 to MP3 Converter 1.0 (HKLM-x32\...\{1D6B0375-C07F-4BCB-878A-F53803282A60}_is1) (Version: - PolySoft Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.164 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Mediatek Bluetooth (HKLM\...\{16BCAEDC-C115-1729-07C4-7A0091C699A6}) (Version: 11.0.749.0 - Mediatek)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7156 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Skype verze 8.52 (HKLM-x32\...\Skype_is1) (Version: 8.52 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.4.0 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

Packages:
=========
Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2015-11-13] (Box, Inc.)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2014-12-17] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-10-03] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-03] (.-McAfee Inc-.)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-25] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-21] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-09] (Microsoft Corporation) [MS Ad]
Výběr prohlížeče -> C:\Windows\BrowserChoice [2014-12-13] (Microsoft Corporation)
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2014-12-17] (CYBERLINKCOM CORP)
Začínáme se systémem Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-03-03] (Hewlett-Packard Company)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2540335792-638658478-1060365479-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2014-04-20 11:17 - 2014-04-20 11:17 - 000803520 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2014-04-20 11:17 - 2014-04-20 11:17 - 003374272 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2014-04-20 11:17 - 2014-04-20 11:17 - 000284864 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2014-10-03 15:10 - 2014-10-03 15:10 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> {074458FD-FFA6-407A-846D-68EE81737111} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {074458FD-FFA6-407A-846D-68EE81737111} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> {074458FD-FFA6-407A-846D-68EE81737111} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> {14935F06-5275-46F5-95E6-0A1DCCCE34D4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> {2B0AF338-9F05-4C23-9899-D6340CB237E6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> {8E15B25D-4C55-4DE3-ADAA-E585D8D246FC} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> {9778CBAB-643B-4628-B317-051C52A081C0} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> {B8A5F0F6-6CAD-4E2E-BC87-D790E58623F9} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> {C25A47A3-0822-4728-BECC-F05449577CA2} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> {C535430F-7112-41A2-BC87-FA163BA02415} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> {DF8F21B7-0A31-43BE-B1EA-483B003063B6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2540335792-638658478-1060365479-1001 -> {FF7AAD39-1A69-4B76-BE98-2405EFAE07A3} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Desktop\10455028_677186789042833_2852566393777396394_n.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{14BBC30B-4772-4B9E-B35B-FE19F2AB909A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59EDCD6C-3DAD-438B-969C-58BF47E23FBA}] => (Allow) LPort=2869
FirewallRules: [{D1361036-9FAC-42AB-8228-26D670AE114D}] => (Allow) LPort=1900
FirewallRules: [{6D6ACF4D-22BF-4AE0-A93A-51300B141804}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C4F3685D-C00B-44B2-8A1C-B6E657069B4F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7B62B633-88BB-4C19-A658-11754BC5440B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EA68ED17-77F3-45A8-BC07-E105AEA2D12B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AE2374D3-4ABF-417A-8E80-E0D9069CD29E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{F826E173-A35A-4291-873C-1222BB385E91}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{9281503C-29F0-4EBC-9E97-5F5C07500D54}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{7BE4E66D-8A8B-4BBB-A0D2-9D4306D6A59D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{D82855AD-A425-4730-9573-04B802B71BE3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{B2A9EA23-6D72-45B3-98F6-000D54226707}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{46209A0D-7310-478F-BCC4-FF276502D71A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5CB73426-B1ED-4D59-81BD-55B53C2032EB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C63C766F-2087-42F3-AAFA-F320F2B397FC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1991FD8D-091A-415D-816A-ADD59D6C09B2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2AEDE69C-A975-4CB1-94D0-97BEBEFC8FA7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{659C4C5E-9DFC-485B-8110-AD973F33AC8A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2E0966C7-BA8E-4606-A18A-C126BE9B5DC3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [UDP Query User{B6846DC4-8EC9-4606-A304-01FF81D199BE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [TCP Query User{D11F5781-10C1-43D4-AB80-5296FF542ADD}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [UDP Query User{3EFADA93-3054-4C37-BD81-617FCEE22E7E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [{8F5E39BD-9F4E-4F06-930D-695D24ABC524}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{936B9469-33E2-4D39-A0DF-44EFCBB7FD49}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B003B9B9-2F34-4F26-963C-91441E913014}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{56968037-2919-456B-8563-1339C80B635F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0458F29C-5DEB-428F-A7A8-A154F61D8CB8}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [UDP Query User{346B4286-666D-495E-A522-6D2FD2FF94A7}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [{074BFE5E-E728-4D8B-AB80-B705B69FD908}] => (Allow) C:\WarThunder\launcher.exe => No File
FirewallRules: [{F99DCC34-FA58-4EA8-BE6A-4AA2EF50658B}] => (Allow) C:\WarThunder\launcher.exe => No File
FirewallRules: [{C4B3CE1A-4DBA-4CFD-9535-6D90B0A42F4C}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [{D502BC74-4EC2-4CC2-8685-F81A5E33789A}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [{2F3CAC3F-E5C9-42D6-8756-AB2CC0466DC6}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [{433345AC-D47A-402E-8C74-4EFC67046344}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [TCP Query User{9535BAD1-6287-420F-A59E-D7818511C1F1}C:\warthunder\aces.exe] => (Block) C:\warthunder\aces.exe => No File
FirewallRules: [UDP Query User{004F032B-509F-4464-BF0C-1414BD3EB7AF}C:\warthunder\aces.exe] => (Block) C:\warthunder\aces.exe => No File
FirewallRules: [TCP Query User{19607372-881E-4EBE-8C35-C69F99A0701A}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [UDP Query User{245C279B-2B6F-4F1F-AE1D-2C13312A9AD5}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [TCP Query User{2EFED25E-9058-4717-8411-8C1E80A42968}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [UDP Query User{874D42B1-A612-4190-8506-C9683D6FE16C}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [TCP Query User{71D13C89-2228-48F0-8F83-395FEA528358}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe => No File
FirewallRules: [UDP Query User{D94679DE-343A-40C8-88D0-8BCA46E7BD61}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe => No File
FirewallRules: [{752E9707-EFDA-473D-8D89-FAED66A7E486}] => (Block) C:\warthunder\win64\aces.exe => No File
FirewallRules: [{3C2813EC-BCC1-43E0-AEE0-829BCC1CB27C}] => (Block) C:\warthunder\win64\aces.exe => No File
FirewallRules: [{61445F09-4CB9-43A6-98E4-92EC1DD0F224}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe => No File
FirewallRules: [{68A847BF-903B-4375-A963-B3CF12412E75}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe => No File
FirewallRules: [{6F5B1784-3539-4B55-8DDF-33D2CC324C54}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe => No File
FirewallRules: [{6B1222F6-F82A-40B3-A572-13746E06BEBB}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe => No File
FirewallRules: [{B6964F16-1EBE-45D3-84EA-268A79C421CE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6151E9F4-8D16-4328-837C-5611D6D980EA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1FFA66C-4F8B-41A6-9DC0-E8EF4F370E71}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09E360E7-1B07-4E0E-8FB3-266A654D86DA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57EA0AEE-C93E-499E-A858-BCCB8BAF5F6C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{F438C95F-E506-469A-85F5-7797A0FB2CC4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{C8444A64-9C15-4BA7-A388-3274F1FEE9F4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{A5CFFC5F-3FE4-47A0-951E-B79F9535CD6B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-04-2021 19:10:05 Windows Update
15-05-2021 13:52:42 Windows Update
24-05-2021 16:08:12 Windows Update
22-06-2021 15:50:10 Windows Update
01-07-2021 17:36:03 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/19/2021 08:59:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/18/2021 11:55:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31235

Error: (07/18/2021 11:55:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31235

Error: (07/18/2021 11:55:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/18/2021 11:55:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15594

Error: (07/18/2021 11:55:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15594

Error: (07/18/2021 11:55:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/18/2021 10:32:47 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (1560) Pokus o otevření souboru C:\Users\User\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (07/18/2021 11:55:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby SystemEventsBroker bylo dosaženo časového limitu (30000 ms).

Error: (07/18/2021 11:55:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BrokerInfrastructure bylo dosaženo časového limitu (30000 ms).

Error: (07/18/2021 11:54:34 PM) (Source: DCOM) (EventID: 10010) (User: HP250)
Description: Server {5C068441-8DC5-4C20-A101-AB9C5B0F7721} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/18/2021 11:52:35 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Centrum zabezpečení přestala během spouštění reagovat.

Error: (07/18/2021 11:51:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {4991D34B-80A1-4291-83B6-3328366B9097} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/18/2021 11:50:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba inteligentního přenosu na pozadí přestala během spouštění reagovat.

Error: (07/18/2021 11:12:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Phantom VPN bylo dosaženo časového limitu (30000 ms).

Error: (07/18/2021 11:10:26 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Avira Scheduler skončila s následující chybou specifickou pro službu:
Nesprávná funkce.


Windows Defender:
================
Date: 2018-04-16 12:31:54.552
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\AutoKMS\AutoKMS.exe;file:_C:\Windows\System32\Tasks\AutoKMS;process:_pid:1612,ProcessStart:131683480358914176;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9D986A2-018F-4785-9692-9693556B10FF};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS;taskscheduler:_C:\Windows\System32\Tasks\AutoKMS
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\AutoKMS\AutoKMS.exe
Verze podpisu: AV: 1.265.676.0, AS: 1.265.676.0, NIS: 119.0.0.0
Verze modulu: AM: 1.1.14700.5, NIS: 2.1.14600.4

Date: 2018-04-16 12:31:54.545
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\AutoKMS\AutoKMS.exe;file:_C:\Windows\System32\Tasks\AutoKMS;process:_pid:1612,ProcessStart:131683480358914176;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9D986A2-018F-4785-9692-9693556B10FF};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS;taskscheduler:_C:\Windows\System32\Tasks\AutoKMS
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\AutoKMS\AutoKMS.exe
Verze podpisu: AV: 1.265.676.0, AS: 1.265.676.0, NIS: 119.0.0.0
Verze modulu: AM: 1.1.14700.5, NIS: 2.1.14600.4

Date: 2018-04-16 12:31:24.233
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\AutoKMS\AutoKMS.exe;process:_pid:1612,ProcessStart:131683480358914176
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\AutoKMS\AutoKMS.exe
Verze podpisu: AV: 1.265.676.0, AS: 1.265.676.0, NIS: 119.0.0.0
Verze modulu: AM: 1.1.14700.5, NIS: 2.1.14600.4

Date: 2018-04-16 12:28:55.244
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\AutoKMS\AutoKMS.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\AutoKMS\AutoKMS.exe
Verze podpisu: AV: 1.265.676.0, AS: 1.265.676.0, NIS: 119.0.0.0
Verze modulu: AM: 1.1.14700.5, NIS: 2.1.14600.4

Date: 2018-04-04 15:24:53.431
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\AutoKMS\AutoKMS.exe;file:_C:\Windows\System32\Tasks\AutoKMS;process:_pid:1604,ProcessStart:131660268837405723;process:_pid:5768,ProcessStart:131666300092077535;process:_pid:5820,ProcessStart:131665432062382383;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68F1B388-9523-44EC-AD18-7C1BF3BB6EBB};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS;taskscheduler:_C:\Windows\System32\Tasks\AutoKMS
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\svchost.exe
Verze podpisu: AV: 1.263.2034.0, AS: 1.263.2034.0, NIS: 119.0.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14600.4

Date: 2021-07-18 23:54:09.427
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 119.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.14600.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2021-07-18 23:54:09.411
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.287.606.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15700.8
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2021-07-18 23:54:09.411
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.287.606.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15700.8
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2021-07-18 23:54:09.114
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.287.606.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15700.8
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2021-07-18 23:54:09.114
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.287.606.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15700.8
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

==================== Memory info ===========================

BIOS: Insyde F.23 09/19/2014
Motherboard: Hewlett-Packard 2213
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 59%
Total physical RAM: 3984.27 MB
Available physical RAM: 1630.77 MB
Total Virtual: 6672.27 MB
Available Virtual: 3284.13 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:448.29 GB) (Free:291.97 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.45 GB) (Free:1.6 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{2895a9f1-7ffc-444d-8d35-e1c522e06d64}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.35 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6724854A)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
FirewallRules: [{AE2374D3-4ABF-417A-8E80-E0D9069CD29E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{F826E173-A35A-4291-873C-1222BB385E91}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{7BE4E66D-8A8B-4BBB-A0D2-9D4306D6A59D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{B2A9EA23-6D72-45B3-98F6-000D54226707}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [TCP Query User{2E0966C7-BA8E-4606-A18A-C126BE9B5DC3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [UDP Query User{B6846DC4-8EC9-4606-A304-01FF81D199BE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [TCP Query User{D11F5781-10C1-43D4-AB80-5296FF542ADD}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [UDP Query User{3EFADA93-3054-4C37-BD81-617FCEE22E7E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [TCP Query User{0458F29C-5DEB-428F-A7A8-A154F61D8CB8}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [UDP Query User{346B4286-666D-495E-A522-6D2FD2FF94A7}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [{074BFE5E-E728-4D8B-AB80-B705B69FD908}] => (Allow) C:\WarThunder\launcher.exe => No File
FirewallRules: [{F99DCC34-FA58-4EA8-BE6A-4AA2EF50658B}] => (Allow) C:\WarThunder\launcher.exe => No File
FirewallRules: [{C4B3CE1A-4DBA-4CFD-9535-6D90B0A42F4C}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [{D502BC74-4EC2-4CC2-8685-F81A5E33789A}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [{2F3CAC3F-E5C9-42D6-8756-AB2CC0466DC6}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [{433345AC-D47A-402E-8C74-4EFC67046344}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [TCP Query User{9535BAD1-6287-420F-A59E-D7818511C1F1}C:\warthunder\aces.exe] => (Block) C:\warthunder\aces.exe => No File
FirewallRules: [UDP Query User{004F032B-509F-4464-BF0C-1414BD3EB7AF}C:\warthunder\aces.exe] => (Block) C:\warthunder\aces.exe => No File
FirewallRules: [TCP Query User{19607372-881E-4EBE-8C35-C69F99A0701A}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [UDP Query User{245C279B-2B6F-4F1F-AE1D-2C13312A9AD5}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [TCP Query User{2EFED25E-9058-4717-8411-8C1E80A42968}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [UDP Query User{874D42B1-A612-4190-8506-C9683D6FE16C}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [TCP Query User{71D13C89-2228-48F0-8F83-395FEA528358}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe => No File
FirewallRules: [UDP Query User{D94679DE-343A-40C8-88D0-8BCA46E7BD61}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe => No File
FirewallRules: [{752E9707-EFDA-473D-8D89-FAED66A7E486}] => (Block) C:\warthunder\win64\aces.exe => No File
FirewallRules: [{3C2813EC-BCC1-43E0-AEE0-829BCC1CB27C}] => (Block) C:\warthunder\win64\aces.exe => No File
FirewallRules: [{61445F09-4CB9-43A6-98E4-92EC1DD0F224}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe => No File
FirewallRules: [{68A847BF-903B-4375-A963-B3CF12412E75}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe => No File
FirewallRules: [{6F5B1784-3539-4B55-8DDF-33D2CC324C54}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe => No File
FirewallRules: [{6B1222F6-F82A-40B3-A572-13746E06BEBB}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe => No File
FirewallRules: [{57EA0AEE-C93E-499E-A858-BCCB8BAF5F6C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{F438C95F-E506-469A-85F5-7797A0FB2CC4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{C8444A64-9C15-4BA7-A388-3274F1FEE9F4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\System32\Tasks\AutoKMS
C:\Program Files\Bonjour
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\Run: [] => [X]
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {E7564355-7E85-4A14-9204-0BFE1E8D87A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {99FFBC53-4029-4F90-88A7-5F0CB4809BCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
U3 McAPExe; no ImagePath
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 McProxy; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\User\AppData\Local\{0749FABC-0F39-4411-96D0-F72CD12122FD}
C:\Users\User\AppData\Local\{764ECE1D-3DBB-4643-B36D-B4BA670E02C0}

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Jan55]

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
Ran by User (19-07-2021 23:10:04) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
FirewallRules: [{AE2374D3-4ABF-417A-8E80-E0D9069CD29E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{F826E173-A35A-4291-873C-1222BB385E91}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{7BE4E66D-8A8B-4BBB-A0D2-9D4306D6A59D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{B2A9EA23-6D72-45B3-98F6-000D54226707}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [TCP Query User{2E0966C7-BA8E-4606-A18A-C126BE9B5DC3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [UDP Query User{B6846DC4-8EC9-4606-A304-01FF81D199BE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [TCP Query User{D11F5781-10C1-43D4-AB80-5296FF542ADD}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [UDP Query User{3EFADA93-3054-4C37-BD81-617FCEE22E7E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [TCP Query User{0458F29C-5DEB-428F-A7A8-A154F61D8CB8}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [UDP Query User{346B4286-666D-495E-A522-6D2FD2FF94A7}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [{074BFE5E-E728-4D8B-AB80-B705B69FD908}] => (Allow) C:\WarThunder\launcher.exe => No File
FirewallRules: [{F99DCC34-FA58-4EA8-BE6A-4AA2EF50658B}] => (Allow) C:\WarThunder\launcher.exe => No File
FirewallRules: [{C4B3CE1A-4DBA-4CFD-9535-6D90B0A42F4C}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [{D502BC74-4EC2-4CC2-8685-F81A5E33789A}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [{2F3CAC3F-E5C9-42D6-8756-AB2CC0466DC6}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [{433345AC-D47A-402E-8C74-4EFC67046344}] => (Allow) C:\WarThunder\bpreport.exe => No File
FirewallRules: [TCP Query User{9535BAD1-6287-420F-A59E-D7818511C1F1}C:\warthunder\aces.exe] => (Block) C:\warthunder\aces.exe => No File
FirewallRules: [UDP Query User{004F032B-509F-4464-BF0C-1414BD3EB7AF}C:\warthunder\aces.exe] => (Block) C:\warthunder\aces.exe => No File
FirewallRules: [TCP Query User{19607372-881E-4EBE-8C35-C69F99A0701A}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [UDP Query User{245C279B-2B6F-4F1F-AE1D-2C13312A9AD5}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [TCP Query User{2EFED25E-9058-4717-8411-8C1E80A42968}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [UDP Query User{874D42B1-A612-4190-8506-C9683D6FE16C}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\user\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [TCP Query User{71D13C89-2228-48F0-8F83-395FEA528358}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe => No File
FirewallRules: [UDP Query User{D94679DE-343A-40C8-88D0-8BCA46E7BD61}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe => No File
FirewallRules: [{752E9707-EFDA-473D-8D89-FAED66A7E486}] => (Block) C:\warthunder\win64\aces.exe => No File
FirewallRules: [{3C2813EC-BCC1-43E0-AEE0-829BCC1CB27C}] => (Block) C:\warthunder\win64\aces.exe => No File
FirewallRules: [{61445F09-4CB9-43A6-98E4-92EC1DD0F224}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe => No File
FirewallRules: [{68A847BF-903B-4375-A963-B3CF12412E75}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe => No File
FirewallRules: [{6F5B1784-3539-4B55-8DDF-33D2CC324C54}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe => No File
FirewallRules: [{6B1222F6-F82A-40B3-A572-13746E06BEBB}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe => No File
FirewallRules: [{57EA0AEE-C93E-499E-A858-BCCB8BAF5F6C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{F438C95F-E506-469A-85F5-7797A0FB2CC4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{C8444A64-9C15-4BA7-A388-3274F1FEE9F4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\System32\Tasks\AutoKMS
C:\Program Files\Bonjour
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2540335792-638658478-1060365479-1001\...\Run: [] => [X]
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {E7564355-7E85-4A14-9204-0BFE1E8D87A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {99FFBC53-4029-4F90-88A7-5F0CB4809BCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
U3 McAPExe; no ImagePath
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 McProxy; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\User\AppData\Local\{0749FABC-0F39-4411-96D0-F72CD12122FD}
C:\Users\User\AppData\Local\{764ECE1D-3DBB-4643-B36D-B4BA670E02C0}

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AE2374D3-4ABF-417A-8E80-E0D9069CD29E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F826E173-A35A-4291-873C-1222BB385E91}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BE4E66D-8A8B-4BBB-A0D2-9D4306D6A59D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B2A9EA23-6D72-45B3-98F6-000D54226707}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2E0966C7-BA8E-4606-A18A-C126BE9B5DC3}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B6846DC4-8EC9-4606-A304-01FF81D199BE}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D11F5781-10C1-43D4-AB80-5296FF542ADD}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3EFADA93-3054-4C37-BD81-617FCEE22E7E}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0458F29C-5DEB-428F-A7A8-A154F61D8CB8}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{346B4286-666D-495E-A522-6D2FD2FF94A7}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{074BFE5E-E728-4D8B-AB80-B705B69FD908}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F99DCC34-FA58-4EA8-BE6A-4AA2EF50658B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C4B3CE1A-4DBA-4CFD-9535-6D90B0A42F4C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D502BC74-4EC2-4CC2-8685-F81A5E33789A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2F3CAC3F-E5C9-42D6-8756-AB2CC0466DC6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{433345AC-D47A-402E-8C74-4EFC67046344}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9535BAD1-6287-420F-A59E-D7818511C1F1}C:\warthunder\aces.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{004F032B-509F-4464-BF0C-1414BD3EB7AF}C:\warthunder\aces.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{19607372-881E-4EBE-8C35-C69F99A0701A}C:\users\user\appdata\local\mycomgames\mycomgames.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{245C279B-2B6F-4F1F-AE1D-2C13312A9AD5}C:\users\user\appdata\local\mycomgames\mycomgames.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2EFED25E-9058-4717-8411-8C1E80A42968}C:\users\user\appdata\local\mycomgames\mycomgames.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{874D42B1-A612-4190-8506-C9683D6FE16C}C:\users\user\appdata\local\mycomgames\mycomgames.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{71D13C89-2228-48F0-8F83-395FEA528358}C:\warthunder\win64\aces.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D94679DE-343A-40C8-88D0-8BCA46E7BD61}C:\warthunder\win64\aces.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{752E9707-EFDA-473D-8D89-FAED66A7E486}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C2813EC-BCC1-43E0-AEE0-829BCC1CB27C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61445F09-4CB9-43A6-98E4-92EC1DD0F224}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68A847BF-903B-4375-A963-B3CF12412E75}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F5B1784-3539-4B55-8DDF-33D2CC324C54}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B1222F6-F82A-40B3-A572-13746E06BEBB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{57EA0AEE-C93E-499E-A858-BCCB8BAF5F6C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F438C95F-E506-469A-85F5-7797A0FB2CC4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C8444A64-9C15-4BA7-A388-3274F1FEE9F4}" => removed successfully
"C:\Windows\AutoKMS\AutoKMS.exe" => not found
"C:\Windows\System32\Tasks\AutoKMS" => not found
C:\Program Files\Bonjour => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-2540335792-638658478-1060365479-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D8A891D-890C-4808-84D8-2F436AB14653}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D8A891D-890C-4808-84D8-2F436AB14653}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Maintenance Configurator" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1687544D-7247-4F5A-965A-A6E920E55278}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1687544D-7247-4F5A-965A-A6E920E55278}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Manual Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Idle Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Regular Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\BackupTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7564355-7E85-4A14-9204-0BFE1E8D87A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7564355-7E85-4A14-9204-0BFE1E8D87A1}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{99FFBC53-4029-4F90-88A7-5F0CB4809BCF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99FFBC53-4029-4F90-88A7-5F0CB4809BCF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\System\CurrentControlSet\Services\McAPExe => removed successfully
McAPExe => service removed successfully
HKLM\System\CurrentControlSet\Services\McMPFSvc => removed successfully
McMPFSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\McNaiAnn => removed successfully
McNaiAnn => service removed successfully
HKLM\System\CurrentControlSet\Services\mcpltsvc => removed successfully
mcpltsvc => service removed successfully
HKLM\System\CurrentControlSet\Services\McProxy => removed successfully
McProxy => service removed successfully
HKLM\System\CurrentControlSet\Services\mfecore => removed successfully
mfecore => service removed successfully
HKLM\System\CurrentControlSet\Services\MSK80Service => removed successfully
MSK80Service => service removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\User\AppData\Local\{0749FABC-0F39-4411-96D0-F72CD12122FD} => moved successfully
C:\Users\User\AppData\Local\{764ECE1D-3DBB-4643-B36D-B4BA670E02C0} => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 16777216 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 64020107 B
Java, Flash, Steam htmlcache => 1382 B
Windows/system/drivers => 1962855 B
Edge => 0 B
Chrome => 126280443 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 4356 B
NetworkService => 81123362 B
User => 102215199 B

RecycleBin => 0 B
EmptyTemp: => 374.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:11:27 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Jan55]

PC je o dost svižnější, ještě jsem zakázal automatické aktualizace, pořád mi to strašně vytěžovalo procesor, teď je to vzhledem ke stáří stroje docela ok.

Díky moc za cenné rady

[Rudy]

Rádo se stalo!