zpomalení notebooku

Zpráva

LV1234 · #1 Příspěvek od **LV1234** » 05 led 2022 14:44

Zdravím,

po instalaci antiviru Bitdefender se mi brutálně zpomalil ntb. Bootování je na 20 minut a naštení otevřených záložek v prohlížeči dalších 10, pokud vůbec. Častěji se spíš sekne úplně a nepomůže ani Ctrl+Alt+Delete.
Prosím o kontrolu logu, a pomoc, případně čistku, s tím co tam je a být nemá.

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (05-01-2022 14:28:22)
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba
Platform: Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\26.0.1.198\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdtrackersnmh.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\downloader.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <33>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_4.2.2.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [580696 2022-01-02] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [318056 2021-12-16] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5267168 2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [uupdate] => C:\ProgramData\wDcLibs\uhelper.exe [512280 2019-11-28] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5397216 2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {24eb1164-5980-11eb-a7bc-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {97286314-2caf-11ec-a816-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {dc08151c-e4b2-11eb-a7fe-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\hpcpp101: C:\Windows\System32\spool\prtprocs\x64\hpcpp101.dll [323584 2010-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\sxk6mPC: C:\Windows\System32\spool\prtprocs\x64\sxk6mpc.dll [65472 2019-04-03] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\sxm4mPC: C:\Windows\System32\spool\prtprocs\x64\sxm4mpc.dll [43520 2018-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\xpb210pp: C:\Windows\System32\spool\prtprocs\x64\xpb210pp.dll [128592 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65160 2021-05-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP C411 Status Monitor: C:\WINDOWS\system32\hpinkstsC411LM.dll [333496 2013-02-04] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [2187520 2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\sxk6m Langmon: C:\WINDOWS\system32\sxk6mlm.dll [44480 2019-04-03] (联想图像(天津)科技有限公司 -> )
HKLM\...\Print\Monitors\sxm4m Langmon: C:\WINDOWS\system32\sxm4mlm.dll [34304 2018-09-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-16] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1D0376CE-9FCB-4E90-A2E0-4AB8E03B7EF2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1F214A47-1F37-44FE-AEC6-C62417682095} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Xerox\Easy Printer Manager\EPM2DotNetHandler.exe [1338880 2019-04-05] () [File not signed]
Task: {3C11EE14-BC52-4E97-8460-096804296E72} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {41F9C8B5-063A-4F4E-A109-85B7003B2748} - System32\Tasks\GoogleUpdateTaskMachineUA1d5ff7dc90708cf => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {472A035B-C6A7-4EA6-A0F0-FAB946298EDA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {66E2FDB3-AA92-4C39-8C3A-27C9CF090F95} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe LOGON (No File)
Task: {77EAB2C8-1B5D-437E-86DB-CD713406A9E6} - System32\Tasks\GoogleUpdateTaskMachineCore1d5ff7dc8e0a443 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe SCHED (No File)
Task: {B5CA5F44-FF3C-4382-9566-12BDC7C0DF75} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\26.0.1.198\WatchDog.exe [937064 2021-08-10] (Bitdefender SRL -> Bitdefender)
Task: {B8223934-5FA4-420A-94BB-46FA72756F4D} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFA2E682-318F-4389-9F60-911AE5542248} - System32\Tasks\Xerox\Xerox PowerENGAGE Update => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {F85E500D-9F40-4F9F-B01E-1FE1DE3F3EE6} - System32\Tasks\Xerox\Xerox PowerENGAGE => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{440f6ab2-6db7-444d-bf67-67786f254f48}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{8d306a7f-5150-4f0a-bf1d-1a3770a03ba6}: [DhcpNameServer] 8.8.8.8

Edge:
=======
DownloadDir: C:\Users\croft\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\0blfb8qd.default-release-1 [2021-07-07]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2021-07-07]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2022-01-03]
FF Extension: (Video DownloadHelper) - C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-09-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2021-06-29] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-09-17] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2021-12-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2022-01-02] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2022-01-02] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2022-01-05]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://cs.nex-software.com; hxxps://dev1security.blogspot.com; hxxps://dp32.ru; hxxps://drive.google.com; hxxps://et.piratihk.cz; hxxps://m.facebook.com; hxxps://mrak.pirati.cz; hxxps://trycracksoftware.com; hxxps://upload.facebook.com; hxxps://vk.com; hxxps://www.dreamstime.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.viry.cz; hxxps://www.vitalia.cz; hxxps://www.wondershare.com; hxxps://zulip.pirati.cz
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-11-25]
CHR Extension: (Dashlane - Password Manager) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2021-12-15]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Bitdefender Wallet) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2022-01-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-03]
CHR Extension: (FormApps Extension) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2021-03-08]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2022-01-02]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2021-10-21]
CHR Extension: (Super Dark Mode) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlgphodeccebbcnkgmokeegopgpnjfkc [2022-01-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2021-06-07]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-18]
CHR HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [198256 2021-01-25] (Pango Inc. -> AnchorFree Inc.)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2022-01-02] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2022-01-02] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2161256 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [245864 2021-12-16] (Bitdefender SRL -> Bitdefender)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [785512 2021-08-10] (Bitdefender SRL -> Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [284760 2022-01-02] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2022-01-02] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 XeroxProdRegManager; C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [293608 2016-09-13] (Aviata Inc -> Aviata, Inc.)
S2 EraAgentSvc; "C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [3864480 2021-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [800672 2021-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [32152 2021-09-28] (Microsoft Windows Hardware Compatibility Publisher -> © Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [55864 2021-07-08] (Bitdefender SRL -> Bitdefender)
R0 C981D415; C:\WINDOWS\System32\drivers\C981D415.sys [478392 2020-08-06] (Kaspersky Lab -> Kaspersky Lab ZAO)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1188744 2021-09-28] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [185312 2020-10-07] (Bitdefender SRL -> Bitdefender)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [623008 2021-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [483728 2021-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
U3 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-05 14:28 - 2022-01-05 14:33 - 000032321 _____ C:\Users\croft\Desktop\FRST.txt
2022-01-05 14:24 - 2022-01-05 14:24 - 002311168 _____ (Farbar) C:\Users\croft\Desktop\FRST64.exe
2022-01-05 07:43 - 2022-01-05 07:44 - 000018000 _____ C:\Users\croft\Downloads\libuseverisova-2021-0026.pdf
2022-01-04 06:47 - 2022-01-04 06:48 - 002272682 _____ C:\Users\croft\Downloads\prezentace_ws_Asertivní_komunikace_pro_účastníky.pdf
2022-01-04 06:42 - 2022-01-04 06:42 - 000018024 _____ C:\Users\croft\Downloads\libuseverisova-2021-0025.pdf
2022-01-03 19:38 - 2022-01-03 19:39 - 000000000 ____D C:\Users\croft\Downloads\04_2021
2022-01-03 19:35 - 2022-01-03 19:37 - 000000000 ____D C:\Users\croft\Downloads\02_2021
2022-01-03 19:35 - 2022-01-03 19:35 - 000000000 ____D C:\Users\croft\Downloads\2021
2022-01-03 19:26 - 2022-01-03 19:26 - 086498722 _____ C:\Users\croft\Downloads\fotky ze stavění laviček-20220103T182612Z-001.zip
2022-01-03 18:58 - 2022-01-03 19:06 - 000000000 ____D C:\Users\croft\Downloads\12_2020
2022-01-03 18:50 - 2022-01-03 18:58 - 000000000 ____D C:\Users\croft\Downloads\09_2020
2022-01-03 18:43 - 2022-01-03 18:48 - 000000000 ____D C:\Users\croft\Downloads\07_2020
2022-01-03 18:29 - 2022-01-03 18:42 - 000000000 ____D C:\Users\croft\Downloads\06_2020
2022-01-03 18:25 - 2022-01-03 18:35 - 000000000 ____D C:\Users\croft\Downloads\05_2020
2022-01-03 18:19 - 2022-01-03 18:22 - 000000000 ____D C:\Users\croft\Downloads\04_2020
2022-01-03 18:19 - 2022-01-03 18:19 - 000000000 ____D C:\Users\croft\Downloads\03_2020
2022-01-03 18:13 - 2022-01-03 18:13 - 000000000 ____D C:\Users\croft\Downloads\01_2020
2022-01-03 09:11 - 2022-01-03 09:12 - 000000000 ____D C:\Users\croft\Downloads\Fotky do alba
2022-01-02 19:58 - 2022-01-04 06:56 - 000000000 ____D C:\Users\croft\Desktop\Bezpečnost
2022-01-02 19:53 - 2022-01-02 19:53 - 000213428 _____ C:\ProgramData\vpn.1641149514.bdinstall.v2.bin
2022-01-02 19:53 - 2022-01-02 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2022-01-02 19:53 - 2022-01-02 19:53 - 000000000 ____D C:\ProgramData\Bitdefender VPN
2022-01-02 19:53 - 2022-01-02 19:53 - 000000000 ____D C:\ProgramData\AnchorFree_Inc
2022-01-02 19:52 - 2020-02-20 12:02 - 000047920 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2022-01-02 19:34 - 2022-01-02 19:34 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2022-01-02 19:33 - 2022-01-02 19:33 - 000647052 _____ C:\ProgramData\cl.1641147519.bdinstall.v2.bin
2022-01-02 19:33 - 2022-01-02 19:33 - 000109244 _____ C:\ProgramData\cl.kit.1641147500.bdinstall.v2.bin
2022-01-02 19:33 - 2022-01-02 19:33 - 000000000 ____D C:\ProgramData\Gemma
2022-01-02 19:33 - 2022-01-02 19:33 - 000000000 ____D C:\ProgramData\Atc
2022-01-02 19:31 - 2022-01-02 19:31 - 000000000 ____D C:\WINDOWS\system32\elambkup
2022-01-02 19:31 - 2022-01-02 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2022-01-02 19:31 - 2022-01-02 19:31 - 000000000 ____D C:\ProgramData\BDLogging
2022-01-02 19:31 - 2020-12-18 00:33 - 000022976 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2022-01-02 19:30 - 2021-10-15 09:51 - 003864480 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2022-01-02 19:30 - 2021-09-28 13:31 - 000032152 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
2022-01-02 19:30 - 2021-09-28 08:37 - 001188744 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2022-01-02 19:30 - 2021-08-26 13:48 - 000800672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2022-01-02 19:30 - 2021-07-08 23:36 - 000055864 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bduefiscan.sys
2022-01-02 19:28 - 2022-01-02 19:28 - 000000000 ____D C:\Users\croft\AppData\Roaming\Bitdefender
2022-01-02 19:28 - 2020-10-07 09:30 - 000185312 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2022-01-02 19:26 - 2022-01-02 19:52 - 000000000 ____D C:\Program Files\Bitdefender
2022-01-02 19:26 - 2022-01-02 19:49 - 000000000 ____D C:\ProgramData\Bitdefender
2022-01-02 19:26 - 2021-09-28 23:33 - 000623008 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2022-01-02 19:18 - 2022-01-02 19:28 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2022-01-02 19:18 - 2022-01-02 19:18 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2022-01-02 19:18 - 2021-10-14 02:16 - 000483728 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\vlflt.sys
2022-01-02 19:16 - 2022-01-02 19:16 - 000224456 _____ C:\ProgramData\agent.1641147384.bdinstall.v2.bin
2022-01-02 19:16 - 2022-01-02 19:16 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2022-01-02 19:16 - 2022-01-02 19:16 - 000000000 ____D C:\Program Files\Bitdefender Agent
2022-01-02 18:54 - 2022-01-03 08:50 - 000000000 ____D C:\ProgramData\AVG
2022-01-02 14:51 - 2022-01-02 14:51 - 000000000 ____D C:\Users\croft\AppData\Roaming\PearlMountain
2022-01-02 14:51 - 2022-01-02 14:51 - 000000000 ____D C:\ProgramData\PearlMountain
2022-01-02 14:15 - 2022-01-02 14:15 - 000001032 _____ C:\Users\croft\Desktop\Fotor Photo Editor.lnk
2022-01-02 14:15 - 2022-01-02 14:15 - 000000000 ____D C:\ProgramData\Fotor
2022-01-02 14:10 - 2022-01-02 14:11 - 000000000 ____D C:\Program Files (x86)\Fotor
2022-01-02 13:57 - 2022-01-02 13:57 - 000000000 ____D C:\Users\Public\Documents\AdobeGCInfo
2022-01-01 19:16 - 2022-01-02 18:48 - 000000000 ____D C:\Users\croft\AppData\Roaming\FotoJet Designer
2022-01-01 18:24 - 2022-01-01 18:53 - 000000000 ____D C:\ProgramData\tmp
2022-01-01 18:24 - 2022-01-01 18:24 - 000000000 ____D C:\ProgramData\hps
2022-01-01 18:20 - 2022-01-02 13:50 - 000000000 ____D C:\Program Files\Fotolab
2022-01-01 18:09 - 2022-01-01 18:06 - 001675440 _____ C:\Program Files (x86)\setup_CEWE_FOTOLAB_fotosvet.exe
2022-01-01 11:36 - 2022-01-01 11:36 - 000002332 _____ C:\Users\croft\Desktop\Google Chrome.lnk
2021-12-30 15:38 - 2021-12-30 15:38 - 000583168 _____ C:\Users\croft\Downloads\Shtanishki.pdf
2021-12-30 15:38 - 2021-12-30 15:38 - 000479471 _____ C:\Users\croft\Downloads\Koftochka_s_zapakhom.pdf
2021-12-30 13:49 - 2021-12-30 13:49 - 002493983 _____ C:\Users\croft\Downloads\tepláky vel. 44-122.pdf
2021-12-30 13:48 - 2021-12-30 13:48 - 002384568 _____ C:\Users\croft\Downloads\tepláčky na plínu - vytištěno.pdf
2021-12-30 13:46 - 2021-12-30 13:46 - 000261469 _____ C:\Users\croft\Downloads\čepička 0-12 měsíců - vytištěno.pdf
2021-12-28 16:06 - 2021-12-28 16:06 - 002272682 _____ C:\Users\croft\Downloads\prezentace-ws_Asertivní-komunikace_pro-účastníky.pdf
2021-12-28 16:03 - 2021-12-28 16:03 - 000089589 _____ C:\Users\croft\Downloads\Faktura_2255E0507.pdf
2021-12-28 13:18 - 2021-12-28 13:18 - 000157992 _____ C:\Users\croft\Downloads\střih A4.pdf
2021-12-27 21:25 - 2021-12-27 21:25 - 015817712 _____ C:\Users\croft\Downloads\ebook-puschen-lieblingsflitzer-goes-waterkant.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 015381627 _____ C:\Users\croft\Downloads\sannys-flotter-dreier-gr-32-64-ebook-und-naehanleitung.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 011354801 _____ C:\Users\croft\Downloads\kleid-fuji-anleitung-und-schnittmuster-gr-34-50.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 009125238 _____ C:\Users\croft\Downloads\rock-thea-naehanleitung-und-schnittmuster-xs-xl-_hanna-louise-schnittmuster_1258488.pdf
2021-12-27 21:25 - 2021-12-27 21:25 - 004169197 _____ C:\Users\croft\Downloads\ebook-hoodie-carbonia-gr-32-56.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 003254765 _____ C:\Users\croft\Downloads\lilly-kleid-oder-shirt-naehanleitung-und-schnittmuster-34-50.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 001529760 _____ C:\Users\croft\Downloads\jolie-shirt-kleid-32-52.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 001059499 _____ C:\Users\croft\Downloads\rock-monceau-gr-34-46.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 000378067 _____ C:\Users\croft\Downloads\sweaterkleid-olivia-gr-32-50.zip
2021-12-26 15:58 - 2021-12-24 13:06 - 2303181638 _____ C:\Users\croft\Downloads\Yesterday.2019.1080p.BluRay.CZ.DD.5.1.x265-HDCzT.mkv
2021-12-26 15:50 - 2022-01-02 18:39 - 000000000 ____D C:\Users\croft\Downloads\Sněžit už nikdy nebude (2020) - CZ titulky
2021-12-26 15:50 - 2021-12-26 15:50 - 000094149 _____ C:\Users\croft\Downloads\[SkT]Snezit_uz_nikdy_nebude___Sniegu_juz_nigdy_nie_bedzie_(2020)(POL CZtit.)[1080p][HEVC]_=_CSFD_68%.torrent
2021-12-26 15:41 - 2021-12-26 15:49 - 3059117657 _____ C:\Users\croft\Downloads\Drazí soudruzi! 2020 cz titulky.mkv
2021-12-26 15:39 - 2021-12-26 15:48 - 2594328292 _____ C:\Users\croft\Downloads\Benedetta.2021.1080p.BluRay.x264.AAC5.1-titulky CZ.mkv
2021-12-26 15:38 - 2021-12-26 15:38 - 000012875 _____ C:\Users\croft\Downloads\[SkT]_Benedetta_(2021)[1080p]_=_CSFD_67%.torrent
2021-12-26 15:25 - 2021-12-26 16:39 - 1370061352 _____ C:\Users\croft\Downloads\Zappa.2020.BDRip.x264-DEV0.rar
2021-12-24 12:14 - 2021-12-24 12:14 - 000011654 _____ C:\Users\croft\Downloads\[SkT]Yesterday_(2019)(CZ)[1080p][HEVC]_=_CSFD_67%.torrent
2021-12-24 12:11 - 2021-12-24 12:14 - 837008759 _____ C:\Users\croft\Downloads\Zappa.2020.720p.WEBRip.x264-GalaxyRG.mkv
2021-12-24 12:07 - 2021-12-25 00:31 - 3915382784 _____ C:\Users\croft\Downloads\The Beatles Get Back Part 1 2021- CZ TIT.mkv.crdownload
2021-12-24 11:51 - 2021-12-24 11:51 - 000019598 _____ C:\Users\croft\Downloads\[SkT]The_Beatles_Essentials_(2020)[FLAC].torrent
2021-12-24 11:36 - 2021-12-24 11:55 - 2839581704 _____ C:\Users\croft\Downloads\Krakonoš a lyžníci.ts
2021-12-24 11:34 - 2021-12-24 11:34 - 000014685 _____ C:\Users\croft\Downloads\[SkT]Krakonos_a_lyznici_(1980)(CZ)_=_CSFD_75%.torrent
2021-12-24 11:34 - 2021-12-24 11:34 - 000014037 _____ C:\Users\croft\Downloads\[SkT]Krakonos_a_lyznici_(1980)(CZ)[TvRip][720pHD]_=_CSFD_75%.torrent
2021-12-22 11:24 - 2021-12-22 11:24 - 000003166 _____ C:\Users\croft\Downloads\list-493-version-22.12.2021-windows-1252.csv
2021-12-21 19:21 - 2021-12-21 19:21 - 000997022 _____ C:\Users\croft\Downloads\darkovy_certifikat_vanoce (3).pdf
2021-12-21 19:20 - 2021-12-21 19:20 - 000991441 _____ C:\Users\croft\Downloads\darkovy_certifikat_vanoce (2).pdf
2021-12-21 19:19 - 2021-12-21 19:19 - 000996987 _____ C:\Users\croft\Downloads\darkovy_certifikat_vanoce.pdf
2021-12-21 19:19 - 2021-12-21 19:19 - 000991340 _____ C:\Users\croft\Downloads\darkovy_certifikat_vanoce (1).pdf
2021-12-21 19:18 - 2021-12-21 19:18 - 000628323 _____ C:\Users\croft\Downloads\darkovy_certifikat (1).pdf
2021-12-21 19:15 - 2021-12-21 19:15 - 000622758 _____ C:\Users\croft\Downloads\darkovy_certifikat.pdf
2021-12-21 19:10 - 2021-12-21 19:10 - 000357683 _____ C:\Users\croft\Downloads\doc.pdf
2021-12-21 19:05 - 2021-12-21 19:06 - 1247514050 _____ C:\Users\croft\Downloads\Toothová Homolová Veronika (Viola Stern Fischerová) - Mengeleho děvče (Cibulková Vilma&Jitka Ježková)(12h15m23s)-20211221T180434Z-001.zip
2021-12-21 17:19 - 2021-12-21 17:19 - 000068199 _____ C:\Users\croft\Downloads\zahrádkář_A5_na_šířku-images.zip
2021-12-21 06:39 - 2021-12-21 06:39 - 000023830 _____ C:\Users\croft\Downloads\[SkT]Lednicka_Karin_-_Sikmy_kostel_(Vilma_Cibulkova)(18h26m17s).torrent
2021-12-21 06:36 - 2021-12-21 06:37 - 1247514050 _____ C:\Users\croft\Downloads\Toothová Homolová Veronika (Viola Stern Fischerová) - Mengeleho děvče (Cibulková Vilma&Jitka Ježková)(12h15m23s)-20211221T053625Z-001.zip
2021-12-20 09:32 - 2021-12-20 09:32 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-17 20:03 - 2021-12-17 20:03 - 000017965 _____ C:\Users\croft\Downloads\[SkT]Heather_Morris_-_Tater_z_Osvetimi_(2019)(CZ).torrent
2021-12-17 16:19 - 2021-12-17 16:19 - 000020105 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2021-12-17 12:17 - 2021-12-17 12:17 - 000011078 _____ C:\Users\croft\Downloads\MLD-168_2021.pdf
2021-12-15 17:28 - 2021-12-15 17:28 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-15 17:28 - 2021-12-15 17:28 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-15 17:26 - 2021-12-15 17:26 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-15 17:26 - 2021-12-15 17:26 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-15 16:50 - 2021-12-15 16:50 - 000000000 ___HD C:\$WinREAgent
2021-12-13 19:08 - 2021-12-13 19:08 - 003061574 _____ C:\Users\croft\Downloads\abenteuerkleid-maddy-ein-ueberzieh-latzkleid-_abenteuermaedchen_1258488.pdf
2021-12-13 19:08 - 2021-12-13 19:08 - 002699615 _____ C:\Users\croft\Downloads\abenteuerkleid-maddy-ein-ueberzieh-latzkleid.zip
2021-12-13 19:06 - 2021-12-13 19:06 - 007624745 _____ C:\Users\croft\Downloads\freebook-handwaermer-und-halstuchloop_frau-buentze_1258488.pdf
2021-12-13 19:06 - 2021-12-13 19:06 - 007175313 _____ C:\Users\croft\Downloads\freebook-shoulderbag-bagpack-1_from-heart-to-needle_1258488.pdf
2021-12-13 19:06 - 2021-12-13 19:06 - 007084269 _____ C:\Users\croft\Downloads\freebook-handwaermer-und-halstuchloop (1).zip
2021-12-13 19:06 - 2021-12-13 19:06 - 006573047 _____ C:\Users\croft\Downloads\freebook-shoulderbag-bagpack-1.zip
2021-12-13 19:06 - 2021-12-13 19:06 - 001961229 _____ C:\Users\croft\Downloads\freebook-piexsu-schnittmuster-hipsterbag-turnbeutel.zip
2021-12-13 19:06 - 2021-12-13 19:06 - 001811467 _____ C:\Users\croft\Downloads\freebook-piexsu-schnittmuster-hipsterbag-turnbeutel_piexsu_1258488.pdf
2021-12-13 19:05 - 2021-12-13 19:05 - 007084269 _____ C:\Users\croft\Downloads\freebook-handwaermer-und-halstuchloop.zip
2021-12-13 19:02 - 2021-12-13 19:02 - 006565300 _____ C:\Users\croft\Downloads\ebook-belana-gr-32-52_schnittverhext_1258488.pdf
2021-12-13 19:02 - 2021-12-13 19:02 - 001007997 _____ C:\Users\croft\Downloads\ebook-belana-gr-32-52.zip
2021-12-13 17:44 - 2021-12-13 17:44 - 001078788 _____ C:\Users\croft\Downloads\UDHR_2016_CZ_web.pdf
2021-12-13 06:29 - 2021-12-13 06:29 - 000000000 ____D C:\Users\croft\Downloads\záloha mobil
2021-12-11 16:23 - 2021-12-11 16:23 - 000697439 _____ C:\Users\croft\Downloads\schuze bude online.htm
2021-12-11 09:51 - 2021-12-11 09:51 - 002819559 _____ C:\Users\croft\Downloads\swap_sablona.xcf
2021-12-11 09:18 - 2021-12-11 09:22 - 1831958528 _____ C:\Users\croft\Downloads\Volání divočiny.avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-05 14:32 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2022-01-05 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-05 14:24 - 2019-04-09 12:45 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-05 14:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-05 14:19 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-05 14:17 - 2021-02-10 09:42 - 000000000 ____D C:\Users\croft
2022-01-05 14:15 - 2021-02-10 10:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-05 14:15 - 2021-02-10 09:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-05 14:15 - 2021-02-10 09:34 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-05 14:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-04 07:16 - 2019-10-29 11:16 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Mozilla
2022-01-04 07:11 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-04 07:11 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2022-01-04 06:55 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-03 19:20 - 2019-10-13 08:29 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2022-01-03 15:38 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-03 11:38 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-03 11:38 - 2019-04-10 14:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2022-01-03 10:26 - 2021-04-19 08:05 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Temp
2022-01-03 10:14 - 2019-10-29 11:16 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-03 08:11 - 2020-02-20 07:19 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-02 19:48 - 2019-11-05 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-02 19:25 - 2019-03-08 17:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-02 19:23 - 2021-10-27 15:46 - 000000000 ____D C:\ProgramData\ESET
2022-01-02 19:23 - 2021-10-27 15:46 - 000000000 ____D C:\Program Files\ESET
2022-01-02 18:49 - 2021-07-16 14:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-01-02 18:49 - 2021-07-16 12:54 - 000000000 ____D C:\ProgramData\Avanquest
2022-01-02 18:30 - 2020-11-30 13:24 - 000000000 ____D C:\Users\croft\AppData\Local\CrashDumps
2022-01-02 18:30 - 2020-02-01 13:24 - 000000000 ____D C:\Users\croft\AppData\Roaming\uTorrent
2022-01-02 17:41 - 2019-04-09 12:44 - 000000000 ____D C:\Users\croft\AppData\Local\PlaceholderTileLogoFolder
2022-01-02 14:50 - 2019-04-09 18:48 - 000000000 ____D C:\Users\croft\AppData\Local\babl-0.1
2022-01-02 13:58 - 2021-05-24 08:38 - 000000000 ____D C:\Program Files (x86)\T-Mobile
2022-01-02 13:52 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Roaming\Adobe
2022-01-01 18:01 - 2021-07-16 13:04 - 000000000 ____D C:\Users\croft\AppData\Local\InPixio
2021-12-30 17:52 - 2020-07-15 15:36 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2021-12-27 17:13 - 2021-02-10 09:54 - 001694140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-27 17:13 - 2019-12-07 15:41 - 000719734 _____ C:\WINDOWS\system32\perfh005.dat
2021-12-27 17:13 - 2019-12-07 15:41 - 000145860 _____ C:\WINDOWS\system32\perfc005.dat
2021-12-20 10:08 - 2021-02-13 19:39 - 000000000 ____D C:\Users\croft\AppData\Roaming\Apowersoft
2021-12-20 09:37 - 2021-02-10 09:35 - 000484976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-20 09:32 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-20 09:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-20 09:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-17 20:09 - 2019-05-27 13:13 - 000000000 ____D C:\Users\croft\Desktop\zařadit
2021-12-17 19:43 - 2019-04-11 08:59 - 000000000 ____D C:\Users\Pracovní
2021-12-17 16:19 - 2019-04-09 21:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2021-12-16 12:16 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-15 17:36 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-15 16:47 - 2019-03-08 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-15 16:41 - 2019-03-08 15:39 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-15 10:48 - 2021-12-02 14:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-15 10:48 - 2019-10-30 18:20 - 000001273 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-15 10:47 - 2019-10-29 11:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-09 14:15 - 2019-11-21 15:21 - 000000000 ____D C:\Users\croft\Downloads\šití

==================== Files in the root of some directories ========

2022-01-01 18:09 - 2022-01-01 18:06 - 001675440 _____ () C:\Program Files (x86)\setup_CEWE_FOTOLAB_fotosvet.exe
2019-04-10 21:09 - 2022-01-02 13:57 - 000000205 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2021-12-17 16:19 - 2021-12-17 16:19 - 000020105 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
2021-08-24 05:53 - 2021-08-24 05:53 - 000007597 _____ () C:\Users\croft\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Líba (05-01-2022 14:38:15)
Running from C:\Users\croft\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) (2021-02-10 09:03:44)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Disabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: Bitdefender Firewall (Enabled) {82E9F5D1-B06F-8438-3781-C5B6FA91F981}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2020.0821.1329.24282 - Advanced Micro Devices, Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 26.0.1.198 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 26.0.7.34 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.5.0.48 - Bitdefender)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
ELAN Touchpad 18.2.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.26.3 - ELAN Microelectronic Corp.)
Fotor 4.1.8 (HKLM-x32\...\Fotor Photo Editor) (Version: 4.1.8 - )
Free MP3 Cutter 2.1 (HKLM-x32\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: 2.1 - PolySoft Solutions)
FVC Free TS Converter 1.0.8 (HKLM-x32\...\{97C508D8-390D-4531-AC2E-2DDE72373DF6}_is1) (Version: 1.0.8 - FVC Studio)
GIMP 2.10.22 (HKLM\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
inPixio Photo Studio 10 Ultimate (HKLM-x32\...\{51AC753B-7521-4F25-B444-B6799E243D46}) (Version: 10.03.0 - inPixio)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 95.0 (x64 cs)) (Version: 95.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PDF-XChange Editor (HKLM\...\{8BCD796E-36EB-4B60-AA12-30BD157B0570}) (Version: 8.0.331.0 - Tracker Software Products (Canada) Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Streaming Audio Recorder V4.3.5.2 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.3.5.2 - Apowersoft LIMITED)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wondershare Filmora9(Build 9.3.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Xerox B210 Printer (HKLM-x32\...\Xerox B210 Printer) (Version: 1.08T (06.08.2019) - Xerox Corporation)
Xerox Easy Document Creator (HKLM-x32\...\Xerox Easy Document Creator) (Version: 1.05.93 (12.08.2018) - Xerox Corporation)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 2.0.1.54 - Xerox Corporation)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox PowerENGAGE (HKLM-x32\...\{171BF116-713F-43AA-B236-D6188522E609}) (Version: 2.52.0016 - Xerox Inc.)
Xerox Scan Process Machine (HKLM-x32\...\Xerox Scan Process Machine) (Version: 1.01.13.02 - Xerox Corporation) Hidden
Xerox WorkCentre 3025 (HKLM-x32\...\Xerox WorkCentre 3025) (Version: 1.07 (10.09.2018) - Xerox Corporation)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-07] (Microsoft Corporation)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-05-21] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-15] (HP Inc.)
Mi Band 3 Companion -> C:\Program Files\WindowsApps\2350WintellectDev.MiBand3Companion_1.1.8.0_x64__dchtq5ycc3802 [2021-02-25] (J2Matrix)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> "C:\Program Files\inPixio\inPixio Photo 11\PhotoStudioIP11.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-07-14 17:32 - 2020-07-14 17:32 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-09-09 06:17 - 2021-09-09 06:17 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2020-08-21 13:19 - 2020-08-21 13:19 - 001562624 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-08-21 13:28 - 2020-08-21 13:28 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-08-21 13:28 - 2020-08-21 13:28 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
2019-04-05 08:24 - 2019-04-05 08:24 - 003753984 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Xerox\Easy Printer Manager\ScanFax2PC\CDAScan2PCMonitor64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://icewarp.ajptech.cz:8090/webmail/
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2022-01-02] (Bitdefender SRL -> Bitdefender)
BHO: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2022-01-02] (Bitdefender SRL -> Bitdefender)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2022-01-02] (Bitdefender SRL -> Bitdefender)
BHO-x32: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2022-01-02] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2022-01-02] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2022-01-02] (Bitdefender SRL -> Bitdefender)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\onlineregister.com -> hxxp://onlineregister.com
IE trusted site: HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\onlineregister.com -> hxxps://onlineregister.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-06-25 03:44 - 2022-01-05 14:16 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-06-16 16:52 - 2020-06-16 17:57 - 000000434 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\croft\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 86.49.5.221 - 86.49.5.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ACUW10EN"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Bdagent"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "uupdate"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "ACDSeeCommanderUltimate10"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B0702882-5733-4D65-946B-AB4DC07F4FCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8BFD1336-8F8E-4AFB-8761-B3C7C73A033B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FD868332-7372-4E4D-AEE7-B03347DB60AB}C:\users\croft\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\croft\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{AB603749-DB79-4F4E-A263-48333E666020}C:\users\croft\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\croft\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{62415A2A-625D-4BEB-8CBB-1A57C2711674}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe => No File
FirewallRules: [{6FF30837-2CBC-4917-B228-11B9901E32C0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe => No File
FirewallRules: [{7D705701-242F-41D4-B02A-E23EA5377692}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe => No File
FirewallRules: [{A6D0C046-3EAB-4131-BC08-27F26C0DDAA0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe => No File
FirewallRules: [{8D4A0E5B-CD21-4A9A-BCD2-990C9F1566D0}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{644644FC-6DA1-489A-93B1-1386454872A2}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{547E4009-665C-49DF-BC60-4039BAA088DC}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{89D7C5B4-FFD6-4179-8C90-3E4031DC13C7}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll () [File not signed]
FirewallRules: [{BDEA06AF-B389-4A5C-A9BE-A3A0851B32B2}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll () [File not signed]
FirewallRules: [{F49F3C29-F203-4223-956C-8218175D3EE7}] => (Allow) C:\Users\croft\Downloads\ff\Xerox_B210_Windows_PrintDriver_Utilities_3.70.43.08\setup.exe => No File
FirewallRules: [{F70979F3-79DD-4F93-8804-D455BDDEB8E8}] => (Allow) C:\Users\croft\Downloads\ff\Xerox_B210_Windows_PrintDriver_Utilities_3.70.43.08\setup.exe => No File
FirewallRules: [{CE3F7314-C03E-41FD-939F-6A86139FD613}] => (Allow) C:\Windows\twain_32\Xerox\WC3025\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{9A08E2E2-FF5B-43AB-AB0F-CB88B513E8F4}] => (Allow) C:\Windows\twain_32\Xerox\WC3025\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{734822C6-127F-43B0-A1E9-B42D28CA0C3E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Document Creator\EDC.exe () [File not signed]
FirewallRules: [{738F87C2-38FE-4CF9-B12B-2F127C2FD382}] => (Allow) C:\Program Files (x86)\Xerox\Easy Document Creator\EDC.exe () [File not signed]
FirewallRules: [{43C049C6-BC7B-447B-AFA6-5D10F88E9DA8}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5335F4FF-41F9-4F0B-8E83-9539ED15BE33}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1917A48F-E5EE-4D98-9C64-F5C98695FBFA}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\EasyPrinterManagerV2.exe (Xerox) [File not signed]
FirewallRules: [{14CFD63B-005D-45B1-A8DA-66816A03F514}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\OrderSupplies.exe (Xerox) [File not signed]
FirewallRules: [{2F2F1EA2-2AC8-41C1-A14B-2FFD6D77E121}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\EPM2AlertList.exe (Xerox) [File not signed]
FirewallRules: [{A642D1F5-7B2D-4C25-AA1D-0459E2ADE75A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\EPM2Migrator.exe () [File not signed]
FirewallRules: [{DCE8DB32-D17F-4D39-8282-929D5D9E28DF}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDArecovery.exe () [File not signed]
FirewallRules: [{41CBE98D-8D64-4E98-994D-0077684C00AC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{BC9B48C6-BD2D-4177-B307-825CCA4F6E59}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{2B906623-810E-4A25-A755-D8470F9BEF5F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{39EFB861-A254-4F9D-A848-41B6B20AB08D}] => (Allow) C:\Users\croft\Downloads\ff\Xerox_B210_Windows_PrintDriver_Utilities_3.70.43.08\setup.exe => No File
FirewallRules: [TCP Query User{E873978F-F017-4802-A342-8E25E49DCCE7}C:\users\croft\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\croft\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{39FEE894-400D-4B64-BB7C-EA2C2E5376F8}C:\users\croft\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\croft\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{9A78E35A-3ED3-47CE-AE9B-6851693EBAEB}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4981C9F4-E61F-40D3-9B20-507037035960}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{7B2177B4-E21F-4A31-80C9-9E38780B9AD2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

24-12-2021 10:44:29 Naplánovaný kontrolní bod
01-01-2022 10:53:29 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/05/2022 01:54:30 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 113188277 ms

DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]

Error: (01/05/2022 07:41:53 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/05/2022 07:36:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WUDFHost.exe, verze: 10.0.19041.1, časové razítko: 0xe092f869
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1288, časové razítko: 0xa280d1d6
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff199
ID chybujícího procesu: 0x76c
Čas spuštění chybující aplikace: 0x01d8012c0a07bd51
Cesta k chybující aplikaci: C:\Windows\System32\WUDFHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 6350cb41-abfe-4bf2-aca8-413456ff76e0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/05/2022 07:35:48 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 90458198 ms

DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]

Error: (01/04/2022 06:55:26 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (01/04/2022 06:20:08 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/04/2022 06:16:57 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 52710023 ms

DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]

Error: (01/03/2022 09:08:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program EasyPrinterManagerV2.exe verze 1.0.0.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3378

Čas spuštění: 01d800783e23f610

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Xerox\Easy Printer Manager\EasyPrinterManagerV2.exe

ID hlášení: 2d523bc6-5a6c-42f5-8319-477eebbe27ea

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-process

System errors:
=============
Error: (01/05/2022 02:20:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (01/05/2022 02:16:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby WsAppService bylo dosaženo časového limitu (45000 ms).

Error: (01/05/2022 02:16:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba XTU3SERVICE neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/05/2022 02:16:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby XTU3SERVICE bylo dosaženo časového limitu (45000 ms).

Error: (01/05/2022 02:15:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NcbService byla ukončena s následující chybou:
Zařízení připojené k systému nefunguje.

Error: (01/05/2022 02:15:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EraAgentSvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/05/2022 02:15:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (7:57:46, ‎05.‎01.‎2022) bylo neočekávané.

Error: (01/04/2022 07:07:19 AM) (Source: DCOM) (EventID: 10001) (User: LÍBA)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Windows Defender:
================
Date: 2021-11-11 10:06:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2B3BCBB9-2D7E-42F5-9399-7972DDED44BF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-10 19:24:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {624D646A-6165-4A0E-B639-65D2344F0A4D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-08 08:33:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C5FEAA35-16C5-4197-A8DD-C0D584134C31}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-07 11:16:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {ECB3410F-6FD3-470E-A017-E051FFE6D6BA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-05 08:44:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {49D00361-B6D7-4FC4-9FC6-61DAE6DD2AF1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2021-10-27 16:34:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.

Date: 2021-10-27 16:34:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.

Date: 2021-10-27 16:34:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.

Date: 2021-10-27 16:34:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.

Date: 2021-10-27 16:34:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.

CodeIntegrity:
===============
Date: 2022-01-02 19:24:44
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2022-01-02 19:22:44
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-02 19:22:01
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Insyde F.33 12/17/2019
Motherboard: HP 840D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 74%
Total physical RAM: 8078.22 MB
Available physical RAM: 2062.16 MB
Total Virtual: 13198.22 MB
Available Virtual: 4766.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.39 GB) (Free:795.1 GB) NTFS

\\?\Volume{ed2eee43-14d4-443f-ad1f-1aca40cc50e0}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{860939b6-fb5f-463e-8b3c-02d4a2ddb0a6}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
\\?\Volume{a589f2bd-e2ea-4634-bc15-d5c483e23c1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

#2 Příspěvek od **JaRon** » 05 led 2022 15:01

ahoj
AV: Bitdefender Antivirus (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Disabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: Bitdefender Firewall (Enabled) {82E9F5D1-B06F-8438-3781-C5B6FA91F981}
musis sa rozhodnut bud ESET alebo Bitdefender

ak si sa rozhodol pre Bitdefender, tak si stiahni ESET uninstaller z ich stranky a v nudzovom rezime odstran ESET

LV1234 · #3 Příspěvek od **LV1234** » 05 led 2022 15:50

Nechce mi to nic odinstalovat. Soubor nenalezen, což je divný

~ESETUninstaller.zip: (20.19 KiB) Staženo 56 x

#4 Příspěvek od **JaRon** » 05 led 2022 17:36

Uninstaller.zip rozbalis najlepsie na C:
Restartuj PC do nudzoveho rezimu
Spustis prikazovy riadok - cmd
V nom spustis uninstaller z c:
Postupujes podla pokynov
Nazaver restart
Ak sa z nejakych dovodov nepodari odinstalovat Eset, takodinstaluj Bitdefender

LV1234 · #5 Příspěvek od **LV1234** » 06 led 2022 16:38

tak odinstalován Bitdefender. Eset se mi nepodařilo.
Rychlost se ale nezlepšila.

Dám nové logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (06-01-2022 16:21:24)
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba
Platform: Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <33>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [CL-26-760684C4-81B8-43CB-B642-A891AA464398] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-26-760684C4-81B8-43CB-B642-A891AA464398\setuplauncher.exe" /run:Installer.exe /args:"/setup-folder:"CL-26-760684C4-81B8-43CB-B642-A891AA4 (the data entry has 7 more characters). (No File)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [167496 2021-12-08] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5267168 2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [uupdate] => C:\ProgramData\wDcLibs\uhelper.exe [512280 2019-11-28] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5397216 2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {24eb1164-5980-11eb-a7bc-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {97286314-2caf-11ec-a816-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {dc08151c-e4b2-11eb-a7fe-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\hpcpp101: C:\Windows\System32\spool\prtprocs\x64\hpcpp101.dll [323584 2010-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\sxk6mPC: C:\Windows\System32\spool\prtprocs\x64\sxk6mpc.dll [65472 2019-04-03] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\sxm4mPC: C:\Windows\System32\spool\prtprocs\x64\sxm4mpc.dll [43520 2018-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\xpb210pp: C:\Windows\System32\spool\prtprocs\x64\xpb210pp.dll [128592 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65160 2021-05-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP C411 Status Monitor: C:\WINDOWS\system32\hpinkstsC411LM.dll [333496 2013-02-04] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [2187520 2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\sxk6m Langmon: C:\WINDOWS\system32\sxk6mlm.dll [44480 2019-04-03] (联想图像(天津)科技有限公司 -> )
HKLM\...\Print\Monitors\sxm4m Langmon: C:\WINDOWS\system32\sxm4mlm.dll [34304 2018-09-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-16] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1BB46296-673D-4C93-BCFD-C5788FB19BEB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {1D0376CE-9FCB-4E90-A2E0-4AB8E03B7EF2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1F214A47-1F37-44FE-AEC6-C62417682095} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Xerox\Easy Printer Manager\EPM2DotNetHandler.exe [1338880 2019-04-05] () [File not signed]
Task: {3C11EE14-BC52-4E97-8460-096804296E72} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {41F9C8B5-063A-4F4E-A109-85B7003B2748} - System32\Tasks\GoogleUpdateTaskMachineUA1d5ff7dc90708cf => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {4EE2AD22-BAE5-4A87-A499-0063BAF59A49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66E2FDB3-AA92-4C39-8C3A-27C9CF090F95} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe LOGON (No File)
Task: {7270612A-16BA-4CDC-BD99-2767E62630D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77EAB2C8-1B5D-437E-86DB-CD713406A9E6} - System32\Tasks\GoogleUpdateTaskMachineCore1d5ff7dc8e0a443 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {7EC15F66-6047-4038-BA26-D39147F2F2E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81741902-9F4F-4286-B325-C21208A56EE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe SCHED (No File)
Task: {B8223934-5FA4-420A-94BB-46FA72756F4D} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFA2E682-318F-4389-9F60-911AE5542248} - System32\Tasks\Xerox\Xerox PowerENGAGE Update => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {F85E500D-9F40-4F9F-B01E-1FE1DE3F3EE6} - System32\Tasks\Xerox\Xerox PowerENGAGE => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{440f6ab2-6db7-444d-bf67-67786f254f48}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{8d306a7f-5150-4f0a-bf1d-1a3770a03ba6}: [DhcpNameServer] 8.8.8.8

Edge:
=======
DownloadDir: C:\Users\croft\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\0blfb8qd.default-release-1 [2021-07-07]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2021-07-07]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2022-01-03]
FF Extension: (Video DownloadHelper) - C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-09-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2022-01-06]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://cs.nex-software.com; hxxps://dev1security.blogspot.com; hxxps://dp32.ru; hxxps://drive.google.com; hxxps://et.piratihk.cz; hxxps://m.facebook.com; hxxps://mrak.pirati.cz; hxxps://trycracksoftware.com; hxxps://upload.facebook.com; hxxps://vk.com; hxxps://www.dreamstime.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.viry.cz; hxxps://www.vitalia.cz; hxxps://www.wondershare.com; hxxps://zulip.pirati.cz
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-11-25]
CHR Extension: (Dashlane - Password Manager) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2022-01-06]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-03]
CHR Extension: (FormApps Extension) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2021-03-08]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2021-10-21]
CHR Extension: (Super Dark Mode) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlgphodeccebbcnkgmokeegopgpnjfkc [2022-01-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2021-06-07]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-18]
CHR HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3141480 2021-12-08] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3141480 2021-12-08] (ESET, spol. s r.o. -> ESET)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 XeroxProdRegManager; C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [293608 2016-09-13] (Aviata Inc -> Aviata, Inc.)
S2 EraAgentSvc; "C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 C981D415; C:\WINDOWS\System32\drivers\C981D415.sys [478392 2020-08-06] (Kaspersky Lab -> Kaspersky Lab ZAO)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183408 2021-12-08] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [124496 2021-12-08] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [201984 2021-12-08] (ESET, spol. s r.o. -> ESET)
S2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43920 2021-12-08] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [69736 2021-12-08] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-12-08] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
U3 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-06 16:15 - 2022-01-06 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-01-06 15:39 - 2022-01-06 15:39 - 000106384 _____ C:\ProgramData\vpn.uninstall.1641479435.bdinstall.v2.bin
2022-01-06 15:39 - 2022-01-06 15:39 - 000090056 _____ C:\ProgramData\agent.uninstall.1641479967.bdinstall.v2.bin
2022-01-06 15:21 - 2022-01-06 15:22 - 000430004 _____ C:\ProgramData\cl.uninstall.1641478600.bdinstall.v2.bin
2022-01-06 15:14 - 2022-01-06 15:14 - 008398952 _____ (ESET) C:\Users\croft\Downloads\eset_internet_security_live_installer.exe
2022-01-06 15:04 - 2022-01-06 15:04 - 007511448 _____ (VS Revo Group ) C:\Users\croft\Downloads\revosetup.exe
2022-01-06 15:04 - 2022-01-06 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-01-06 15:04 - 2022-01-06 15:04 - 000000000 ____D C:\Program Files\VS Revo Group
2022-01-06 14:51 - 2022-01-06 14:51 - 000860792 _____ (ESET) C:\WINDOWS\esetuninstaller.exe
2022-01-06 14:23 - 2022-01-06 14:23 - 001090168 _____ (ESET) C:\esetuninstaller.exe
2022-01-06 14:12 - 2022-01-06 14:12 - 012792104 _____ (ESET) C:\Users\croft\Downloads\avremover_nt64_enu (1).exe
2022-01-06 14:09 - 2022-01-06 14:09 - 012792104 _____ (ESET) C:\Users\croft\Downloads\avremover_nt64_enu.exe
2022-01-05 16:12 - 2022-01-05 16:12 - 000020670 _____ C:\Users\croft\Downloads\~ESETUninstaller.zip
2022-01-05 15:32 - 2022-01-06 14:46 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-01-05 15:31 - 2022-01-06 14:47 - 000854816 _____ C:\WINDOWS\ntbtlog.txt
2022-01-05 14:38 - 2022-01-05 14:42 - 000045677 _____ C:\Users\croft\Desktop\Addition.txt
2022-01-05 14:28 - 2022-01-06 16:23 - 000029506 _____ C:\Users\croft\Desktop\FRST.txt
2022-01-05 14:24 - 2022-01-05 14:24 - 002311168 _____ (Farbar) C:\Users\croft\Desktop\FRST64.exe
2022-01-05 07:43 - 2022-01-05 07:44 - 000018000 _____ C:\Users\croft\Downloads\libuseverisova-2021-0026.pdf
2022-01-04 06:47 - 2022-01-04 06:48 - 002272682 _____ C:\Users\croft\Downloads\prezentace_ws_Asertivní_komunikace_pro_účastníky.pdf
2022-01-04 06:42 - 2022-01-04 06:42 - 000018024 _____ C:\Users\croft\Downloads\libuseverisova-2021-0025.pdf
2022-01-03 19:38 - 2022-01-03 19:39 - 000000000 ____D C:\Users\croft\Downloads\04_2021
2022-01-03 19:35 - 2022-01-03 19:37 - 000000000 ____D C:\Users\croft\Downloads\02_2021
2022-01-03 19:35 - 2022-01-03 19:35 - 000000000 ____D C:\Users\croft\Downloads\2021
2022-01-03 19:26 - 2022-01-03 19:26 - 086498722 _____ C:\Users\croft\Downloads\fotky ze stavění laviček-20220103T182612Z-001.zip
2022-01-03 18:58 - 2022-01-03 19:06 - 000000000 ____D C:\Users\croft\Downloads\12_2020
2022-01-03 18:50 - 2022-01-03 18:58 - 000000000 ____D C:\Users\croft\Downloads\09_2020
2022-01-03 18:43 - 2022-01-03 18:48 - 000000000 ____D C:\Users\croft\Downloads\07_2020
2022-01-03 18:29 - 2022-01-03 18:42 - 000000000 ____D C:\Users\croft\Downloads\06_2020
2022-01-03 18:25 - 2022-01-03 18:35 - 000000000 ____D C:\Users\croft\Downloads\05_2020
2022-01-03 18:19 - 2022-01-03 18:22 - 000000000 ____D C:\Users\croft\Downloads\04_2020
2022-01-03 18:19 - 2022-01-03 18:19 - 000000000 ____D C:\Users\croft\Downloads\03_2020
2022-01-03 18:13 - 2022-01-03 18:13 - 000000000 ____D C:\Users\croft\Downloads\01_2020
2022-01-03 09:11 - 2022-01-03 09:12 - 000000000 ____D C:\Users\croft\Downloads\Fotky do alba
2022-01-02 19:58 - 2022-01-06 16:20 - 000000000 ____D C:\Users\croft\Desktop\Bezpečnost
2022-01-02 19:53 - 2022-01-02 19:53 - 000213428 _____ C:\ProgramData\vpn.1641149514.bdinstall.v2.bin
2022-01-02 19:34 - 2022-01-02 19:34 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2022-01-02 19:33 - 2022-01-02 19:33 - 000647052 _____ C:\ProgramData\cl.1641147519.bdinstall.v2.bin
2022-01-02 19:33 - 2022-01-02 19:33 - 000109244 _____ C:\ProgramData\cl.kit.1641147500.bdinstall.v2.bin
2022-01-02 19:33 - 2022-01-02 19:33 - 000000000 ____D C:\ProgramData\Gemma
2022-01-02 19:33 - 2022-01-02 19:33 - 000000000 ____D C:\ProgramData\Atc
2022-01-02 19:31 - 2022-01-02 19:31 - 000000000 ____D C:\WINDOWS\system32\elambkup
2022-01-02 19:31 - 2022-01-02 19:31 - 000000000 ____D C:\ProgramData\BDLogging
2022-01-02 19:26 - 2022-01-06 15:24 - 000000000 ____D C:\Program Files\Bitdefender
2022-01-02 19:16 - 2022-01-06 15:39 - 000000000 ____D C:\Program Files\Bitdefender Agent
2022-01-02 19:16 - 2022-01-02 19:16 - 000224456 _____ C:\ProgramData\agent.1641147384.bdinstall.v2.bin
2022-01-02 19:16 - 2022-01-02 19:16 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2022-01-02 18:54 - 2022-01-03 08:50 - 000000000 ____D C:\ProgramData\AVG
2022-01-02 14:51 - 2022-01-02 14:51 - 000000000 ____D C:\Users\croft\AppData\Roaming\PearlMountain
2022-01-02 14:51 - 2022-01-02 14:51 - 000000000 ____D C:\ProgramData\PearlMountain
2022-01-02 14:15 - 2022-01-02 14:15 - 000001032 _____ C:\Users\croft\Desktop\Fotor Photo Editor.lnk
2022-01-02 14:15 - 2022-01-02 14:15 - 000000000 ____D C:\ProgramData\Fotor
2022-01-02 14:10 - 2022-01-02 14:11 - 000000000 ____D C:\Program Files (x86)\Fotor
2022-01-02 13:57 - 2022-01-02 13:57 - 000000000 ____D C:\Users\Public\Documents\AdobeGCInfo
2022-01-01 19:16 - 2022-01-02 18:48 - 000000000 ____D C:\Users\croft\AppData\Roaming\FotoJet Designer
2022-01-01 18:24 - 2022-01-06 16:06 - 000000000 ____D C:\ProgramData\tmp
2022-01-01 18:24 - 2022-01-01 18:24 - 000000000 ____D C:\ProgramData\hps
2022-01-01 18:20 - 2022-01-02 13:50 - 000000000 ____D C:\Program Files\Fotolab
2022-01-01 18:09 - 2022-01-01 18:06 - 001675440 _____ C:\Program Files (x86)\setup_CEWE_FOTOLAB_fotosvet.exe
2022-01-01 11:36 - 2022-01-01 11:36 - 000002332 _____ C:\Users\croft\Desktop\Google Chrome.lnk
2021-12-30 15:38 - 2021-12-30 15:38 - 000583168 _____ C:\Users\croft\Downloads\Shtanishki.pdf
2021-12-30 15:38 - 2021-12-30 15:38 - 000479471 _____ C:\Users\croft\Downloads\Koftochka_s_zapakhom.pdf
2021-12-30 13:49 - 2021-12-30 13:49 - 002493983 _____ C:\Users\croft\Downloads\tepláky vel. 44-122.pdf
2021-12-30 13:48 - 2021-12-30 13:48 - 002384568 _____ C:\Users\croft\Downloads\tepláčky na plínu - vytištěno.pdf
2021-12-30 13:46 - 2021-12-30 13:46 - 000261469 _____ C:\Users\croft\Downloads\čepička 0-12 měsíců - vytištěno.pdf
2021-12-28 16:06 - 2021-12-28 16:06 - 002272682 _____ C:\Users\croft\Downloads\prezentace-ws_Asertivní-komunikace_pro-účastníky.pdf
2021-12-28 16:03 - 2021-12-28 16:03 - 000089589 _____ C:\Users\croft\Downloads\Faktura_2255E0507.pdf
2021-12-28 13:18 - 2021-12-28 13:18 - 000157992 _____ C:\Users\croft\Downloads\střih A4.pdf
2021-12-27 21:25 - 2021-12-27 21:25 - 015817712 _____ C:\Users\croft\Downloads\ebook-puschen-lieblingsflitzer-goes-waterkant.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 015381627 _____ C:\Users\croft\Downloads\sannys-flotter-dreier-gr-32-64-ebook-und-naehanleitung.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 011354801 _____ C:\Users\croft\Downloads\kleid-fuji-anleitung-und-schnittmuster-gr-34-50.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 009125238 _____ C:\Users\croft\Downloads\rock-thea-naehanleitung-und-schnittmuster-xs-xl-_hanna-louise-schnittmuster_1258488.pdf
2021-12-27 21:25 - 2021-12-27 21:25 - 004169197 _____ C:\Users\croft\Downloads\ebook-hoodie-carbonia-gr-32-56.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 003254765 _____ C:\Users\croft\Downloads\lilly-kleid-oder-shirt-naehanleitung-und-schnittmuster-34-50.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 001529760 _____ C:\Users\croft\Downloads\jolie-shirt-kleid-32-52.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 001059499 _____ C:\Users\croft\Downloads\rock-monceau-gr-34-46.zip
2021-12-27 21:25 - 2021-12-27 21:25 - 000378067 _____ C:\Users\croft\Downloads\sweaterkleid-olivia-gr-32-50.zip
2021-12-26 15:58 - 2021-12-24 13:06 - 2303181638 _____ C:\Users\croft\Downloads\Yesterday.2019.1080p.BluRay.CZ.DD.5.1.x265-HDCzT.mkv
2021-12-26 15:50 - 2022-01-02 18:39 - 000000000 ____D C:\Users\croft\Downloads\Sněžit už nikdy nebude (2020) - CZ titulky
2021-12-26 15:50 - 2021-12-26 15:50 - 000094149 _____ C:\Users\croft\Downloads\[SkT]Snezit_uz_nikdy_nebude___Sniegu_juz_nigdy_nie_bedzie_(2020)(POL CZtit.)[1080p][HEVC]_=_CSFD_68%.torrent
2021-12-26 15:41 - 2021-12-26 15:49 - 3059117657 _____ C:\Users\croft\Downloads\Drazí soudruzi! 2020 cz titulky.mkv
2021-12-26 15:39 - 2021-12-26 15:48 - 2594328292 _____ C:\Users\croft\Downloads\Benedetta.2021.1080p.BluRay.x264.AAC5.1-titulky CZ.mkv
2021-12-26 15:38 - 2021-12-26 15:38 - 000012875 _____ C:\Users\croft\Downloads\[SkT]_Benedetta_(2021)[1080p]_=_CSFD_67%.torrent
2021-12-26 15:25 - 2021-12-26 16:39 - 1370061352 _____ C:\Users\croft\Downloads\Zappa.2020.BDRip.x264-DEV0.rar
2021-12-24 12:14 - 2021-12-24 12:14 - 000011654 _____ C:\Users\croft\Downloads\[SkT]Yesterday_(2019)(CZ)[1080p][HEVC]_=_CSFD_67%.torrent
2021-12-24 12:11 - 2021-12-24 12:14 - 837008759 _____ C:\Users\croft\Downloads\Zappa.2020.720p.WEBRip.x264-GalaxyRG.mkv
2021-12-24 12:07 - 2021-12-25 00:31 - 3915382784 _____ C:\Users\croft\Downloads\The Beatles Get Back Part 1 2021- CZ TIT.mkv.crdownload
2021-12-24 11:51 - 2021-12-24 11:51 - 000019598 _____ C:\Users\croft\Downloads\[SkT]The_Beatles_Essentials_(2020)[FLAC].torrent
2021-12-24 11:36 - 2021-12-24 11:55 - 2839581704 _____ C:\Users\croft\Downloads\Krakonoš a lyžníci.ts
2021-12-24 11:34 - 2021-12-24 11:34 - 000014685 _____ C:\Users\croft\Downloads\[SkT]Krakonos_a_lyznici_(1980)(CZ)_=_CSFD_75%.torrent
2021-12-24 11:34 - 2021-12-24 11:34 - 000014037 _____ C:\Users\croft\Downloads\[SkT]Krakonos_a_lyznici_(1980)(CZ)[TvRip][720pHD]_=_CSFD_75%.torrent
2021-12-22 11:24 - 2021-12-22 11:24 - 000003166 _____ C:\Users\croft\Downloads\list-493-version-22.12.2021-windows-1252.csv
2021-12-21 19:21 - 2021-12-21 19:21 - 000997022 _____ C:\Users\croft\Downloads\darkovy_certifikat_vanoce (3).pdf
2021-12-21 19:20 - 2021-12-21 19:20 - 000991441 _____ C:\Users\croft\Downloads\darkovy_certifikat_vanoce (2).pdf
2021-12-21 19:19 - 2021-12-21 19:19 - 000996987 _____ C:\Users\croft\Downloads\darkovy_certifikat_vanoce.pdf
2021-12-21 19:19 - 2021-12-21 19:19 - 000991340 _____ C:\Users\croft\Downloads\darkovy_certifikat_vanoce (1).pdf
2021-12-21 19:18 - 2021-12-21 19:18 - 000628323 _____ C:\Users\croft\Downloads\darkovy_certifikat (1).pdf
2021-12-21 19:15 - 2021-12-21 19:15 - 000622758 _____ C:\Users\croft\Downloads\darkovy_certifikat.pdf
2021-12-21 19:10 - 2021-12-21 19:10 - 000357683 _____ C:\Users\croft\Downloads\doc.pdf
2021-12-21 19:05 - 2021-12-21 19:06 - 1247514050 _____ C:\Users\croft\Downloads\Toothová Homolová Veronika (Viola Stern Fischerová) - Mengeleho děvče (Cibulková Vilma&Jitka Ježková)(12h15m23s)-20211221T180434Z-001.zip
2021-12-21 17:19 - 2021-12-21 17:19 - 000068199 _____ C:\Users\croft\Downloads\zahrádkář_A5_na_šířku-images.zip
2021-12-21 06:39 - 2021-12-21 06:39 - 000023830 _____ C:\Users\croft\Downloads\[SkT]Lednicka_Karin_-_Sikmy_kostel_(Vilma_Cibulkova)(18h26m17s).torrent
2021-12-21 06:36 - 2021-12-21 06:37 - 1247514050 _____ C:\Users\croft\Downloads\Toothová Homolová Veronika (Viola Stern Fischerová) - Mengeleho děvče (Cibulková Vilma&Jitka Ježková)(12h15m23s)-20211221T053625Z-001.zip
2021-12-20 09:32 - 2021-12-20 09:32 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-17 20:03 - 2021-12-17 20:03 - 000017965 _____ C:\Users\croft\Downloads\[SkT]Heather_Morris_-_Tater_z_Osvetimi_(2019)(CZ).torrent
2021-12-17 16:19 - 2021-12-17 16:19 - 000020105 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2021-12-17 12:17 - 2021-12-17 12:17 - 000011078 _____ C:\Users\croft\Downloads\MLD-168_2021.pdf
2021-12-15 17:28 - 2021-12-15 17:28 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-15 17:28 - 2021-12-15 17:28 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-15 17:26 - 2021-12-15 17:26 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-15 17:26 - 2021-12-15 17:26 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-15 16:50 - 2021-12-15 16:50 - 000000000 ___HD C:\$WinREAgent
2021-12-13 19:08 - 2021-12-13 19:08 - 003061574 _____ C:\Users\croft\Downloads\abenteuerkleid-maddy-ein-ueberzieh-latzkleid-_abenteuermaedchen_1258488.pdf
2021-12-13 19:08 - 2021-12-13 19:08 - 002699615 _____ C:\Users\croft\Downloads\abenteuerkleid-maddy-ein-ueberzieh-latzkleid.zip
2021-12-13 19:06 - 2021-12-13 19:06 - 007624745 _____ C:\Users\croft\Downloads\freebook-handwaermer-und-halstuchloop_frau-buentze_1258488.pdf
2021-12-13 19:06 - 2021-12-13 19:06 - 007175313 _____ C:\Users\croft\Downloads\freebook-shoulderbag-bagpack-1_from-heart-to-needle_1258488.pdf
2021-12-13 19:06 - 2021-12-13 19:06 - 007084269 _____ C:\Users\croft\Downloads\freebook-handwaermer-und-halstuchloop (1).zip
2021-12-13 19:06 - 2021-12-13 19:06 - 006573047 _____ C:\Users\croft\Downloads\freebook-shoulderbag-bagpack-1.zip
2021-12-13 19:06 - 2021-12-13 19:06 - 001961229 _____ C:\Users\croft\Downloads\freebook-piexsu-schnittmuster-hipsterbag-turnbeutel.zip
2021-12-13 19:06 - 2021-12-13 19:06 - 001811467 _____ C:\Users\croft\Downloads\freebook-piexsu-schnittmuster-hipsterbag-turnbeutel_piexsu_1258488.pdf
2021-12-13 19:05 - 2021-12-13 19:05 - 007084269 _____ C:\Users\croft\Downloads\freebook-handwaermer-und-halstuchloop.zip
2021-12-13 19:02 - 2021-12-13 19:02 - 006565300 _____ C:\Users\croft\Downloads\ebook-belana-gr-32-52_schnittverhext_1258488.pdf
2021-12-13 19:02 - 2021-12-13 19:02 - 001007997 _____ C:\Users\croft\Downloads\ebook-belana-gr-32-52.zip
2021-12-13 17:44 - 2021-12-13 17:44 - 001078788 _____ C:\Users\croft\Downloads\UDHR_2016_CZ_web.pdf
2021-12-13 06:29 - 2021-12-13 06:29 - 000000000 ____D C:\Users\croft\Downloads\záloha mobil
2021-12-11 16:23 - 2021-12-11 16:23 - 000697439 _____ C:\Users\croft\Downloads\schuze bude online.htm
2021-12-11 09:51 - 2021-12-11 09:51 - 002819559 _____ C:\Users\croft\Downloads\swap_sablona.xcf
2021-12-11 09:18 - 2021-12-11 09:22 - 1831958528 _____ C:\Users\croft\Downloads\Volání divočiny.avi
2021-12-08 12:50 - 2021-12-08 12:50 - 000201984 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-12-08 12:50 - 2021-12-08 12:50 - 000183408 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-12-08 12:50 - 2021-12-08 12:50 - 000124496 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2021-12-08 12:50 - 2021-12-08 12:50 - 000107456 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-12-08 12:50 - 2021-12-08 12:50 - 000069736 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2021-12-08 12:50 - 2021-12-08 12:50 - 000043920 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2021-12-07 11:11 - 2021-12-07 11:11 - 000015824 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-06 16:24 - 2019-04-09 12:45 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-06 16:22 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2022-01-06 16:16 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-06 16:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-06 16:15 - 2021-10-27 15:46 - 000000000 ____D C:\ProgramData\ESET
2022-01-06 16:15 - 2021-10-27 15:46 - 000000000 ____D C:\Program Files\ESET
2022-01-06 16:06 - 2021-03-22 14:02 - 000000000 ____D C:\Users\croft\Downloads\Mustery k helios
2022-01-06 16:06 - 2021-02-06 13:20 - 000000000 ___DC C:\WINDOWS\Panther
2022-01-06 16:06 - 2020-11-30 13:24 - 000000000 ____D C:\Users\croft\AppData\Local\CrashDumps
2022-01-06 16:06 - 2020-02-01 13:24 - 000000000 ____D C:\Users\croft\AppData\Roaming\uTorrent
2022-01-06 16:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-06 16:06 - 2019-04-10 16:58 - 000000000 ____D C:\Users\Líba záloha
2022-01-06 16:06 - 2019-04-09 15:13 - 000000000 ____D C:\Program Files (x86)\Torrent
2022-01-06 15:40 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-06 15:25 - 2021-02-10 10:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-06 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-06 15:24 - 2021-02-10 09:34 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-06 15:23 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-06 15:18 - 2019-11-05 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-06 15:17 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-06 14:57 - 2019-10-29 11:16 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Mozilla
2022-01-06 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-06 13:17 - 2021-02-10 10:02 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-06 13:14 - 2021-02-10 09:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-05 15:29 - 2021-02-10 09:54 - 001694140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-05 15:29 - 2019-12-07 15:41 - 000719734 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-05 15:29 - 2019-12-07 15:41 - 000145860 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-05 15:09 - 2021-02-10 09:42 - 000000000 ____D C:\Users\croft
2022-01-05 14:44 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-04 07:11 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2022-01-03 19:20 - 2019-10-13 08:29 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2022-01-03 11:38 - 2019-04-10 14:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2022-01-03 10:26 - 2021-04-19 08:05 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Temp
2022-01-03 10:14 - 2019-10-29 11:16 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-03 08:11 - 2020-02-20 07:19 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-02 19:25 - 2019-03-08 17:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-02 18:49 - 2021-07-16 14:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-01-02 18:49 - 2021-07-16 12:54 - 000000000 ____D C:\ProgramData\Avanquest
2022-01-02 17:41 - 2019-04-09 12:44 - 000000000 ____D C:\Users\croft\AppData\Local\PlaceholderTileLogoFolder
2022-01-02 14:50 - 2019-04-09 18:48 - 000000000 ____D C:\Users\croft\AppData\Local\babl-0.1
2022-01-02 13:58 - 2021-05-24 08:38 - 000000000 ____D C:\Program Files (x86)\T-Mobile
2022-01-02 13:52 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Roaming\Adobe
2022-01-01 18:01 - 2021-07-16 13:04 - 000000000 ____D C:\Users\croft\AppData\Local\InPixio
2021-12-30 17:52 - 2020-07-15 15:36 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2021-12-20 10:08 - 2021-02-13 19:39 - 000000000 ____D C:\Users\croft\AppData\Roaming\Apowersoft
2021-12-20 09:37 - 2021-02-10 09:35 - 000484976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-20 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-20 09:32 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-20 09:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-20 09:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-17 20:09 - 2019-05-27 13:13 - 000000000 ____D C:\Users\croft\Desktop\zařadit
2021-12-17 19:43 - 2019-04-11 08:59 - 000000000 ____D C:\Users\Pracovní
2021-12-17 16:19 - 2019-04-09 21:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2021-12-16 12:16 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-15 17:36 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-15 16:47 - 2019-03-08 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-15 16:41 - 2019-03-08 15:39 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-15 10:48 - 2021-12-02 14:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-15 10:48 - 2019-10-30 18:20 - 000001273 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-15 10:47 - 2019-10-29 11:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-09 14:15 - 2019-11-21 15:21 - 000000000 ____D C:\Users\croft\Downloads\šití

==================== Files in the root of some directories ========

2022-01-01 18:09 - 2022-01-01 18:06 - 001675440 _____ () C:\Program Files (x86)\setup_CEWE_FOTOLAB_fotosvet.exe
2019-04-10 21:09 - 2022-01-02 13:57 - 000000205 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2021-12-17 16:19 - 2021-12-17 16:19 - 000020105 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
2021-08-24 05:53 - 2021-08-24 05:53 - 000007597 _____ () C:\Users\croft\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

*************************************

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Líba (06-01-2022 16:28:12)
Running from C:\Users\croft\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) (2021-02-10 09:03:44)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Disabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2020.0821.1329.24282 - Advanced Micro Devices, Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
ELAN Touchpad 18.2.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.26.3 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{AE2CE1E7-D216-4BB2-B66B-E268F033A61A}) (Version: 15.0.21.0 - ESET, spol. s r.o.)
Fotor 4.1.8 (HKLM-x32\...\Fotor Photo Editor) (Version: 4.1.8 - )
Free MP3 Cutter 2.1 (HKLM-x32\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: 2.1 - PolySoft Solutions)
FVC Free TS Converter 1.0.8 (HKLM-x32\...\{97C508D8-390D-4531-AC2E-2DDE72373DF6}_is1) (Version: 1.0.8 - FVC Studio)
GIMP 2.10.22 (HKLM\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
inPixio Photo Studio 10 Ultimate (HKLM-x32\...\{51AC753B-7521-4F25-B444-B6799E243D46}) (Version: 10.03.0 - inPixio)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 95.0 (x64 cs)) (Version: 95.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PDF-XChange Editor (HKLM\...\{8BCD796E-36EB-4B60-AA12-30BD157B0570}) (Version: 8.0.331.0 - Tracker Software Products (Canada) Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.3.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.5 - VS Revo Group, Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Streaming Audio Recorder V4.3.5.2 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.3.5.2 - Apowersoft LIMITED)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wondershare Filmora9(Build 9.3.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Xerox B210 Printer (HKLM-x32\...\Xerox B210 Printer) (Version: 1.08T (06.08.2019) - Xerox Corporation)
Xerox Easy Document Creator (HKLM-x32\...\Xerox Easy Document Creator) (Version: 1.05.93 (12.08.2018) - Xerox Corporation)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 2.0.1.54 - Xerox Corporation)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox PowerENGAGE (HKLM-x32\...\{171BF116-713F-43AA-B236-D6188522E609}) (Version: 2.52.0016 - Xerox Inc.)
Xerox Scan Process Machine (HKLM-x32\...\Xerox Scan Process Machine) (Version: 1.01.13.02 - Xerox Corporation) Hidden
Xerox WorkCentre 3025 (HKLM-x32\...\Xerox WorkCentre 3025) (Version: 1.07 (10.09.2018) - Xerox Corporation)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-07] (Microsoft Corporation)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-05-21] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-15] (HP Inc.)
Mi Band 3 Companion -> C:\Program Files\WindowsApps\2350WintellectDev.MiBand3Companion_1.1.8.0_x64__dchtq5ycc3802 [2021-02-25] (J2Matrix)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> "C:\Program Files\inPixio\inPixio Photo 11\PhotoStudioIP11.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-12-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-12-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-12-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-07-14 17:32 - 2020-07-14 17:32 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-08-21 13:19 - 2020-08-21 13:19 - 001562624 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2019-08-05 13:27 - 2017-09-27 16:30 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\Newtonsoft.Json.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-08-21 13:28 - 2020-08-21 13:28 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-08-21 13:28 - 2020-08-21 13:28 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
2019-04-05 08:24 - 2019-04-05 08:24 - 003753984 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Xerox\Easy Printer Manager\ScanFax2PC\CDAScan2PCMonitor64.dll
2019-08-05 13:27 - 2017-10-24 17:03 - 000088064 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppCollect.dll
2019-08-05 13:27 - 2017-10-24 17:03 - 000200192 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://icewarp.ajptech.cz:8090/webmail/
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\onlineregister.com -> hxxp://onlineregister.com
IE trusted site: HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\onlineregister.com -> hxxps://onlineregister.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-06-25 03:44 - 2022-01-06 14:53 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-06-16 16:52 - 2020-06-16 17:57 - 000000434 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\croft\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 86.49.5.221 - 86.49.5.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ACUW10EN"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Bdagent"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "uupdate"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "ACDSeeCommanderUltimate10"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B0702882-5733-4D65-946B-AB4DC07F4FCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8BFD1336-8F8E-4AFB-8761-B3C7C73A033B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FD868332-7372-4E4D-AEE7-B03347DB60AB}C:\users\croft\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\croft\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{AB603749-DB79-4F4E-A263-48333E666020}C:\users\croft\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\croft\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{62415A2A-625D-4BEB-8CBB-1A57C2711674}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe => No File
FirewallRules: [{6FF30837-2CBC-4917-B228-11B9901E32C0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe => No File
FirewallRules: [{7D705701-242F-41D4-B02A-E23EA5377692}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe => No File
FirewallRules: [{A6D0C046-3EAB-4131-BC08-27F26C0DDAA0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe => No File
FirewallRules: [{8D4A0E5B-CD21-4A9A-BCD2-990C9F1566D0}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{644644FC-6DA1-489A-93B1-1386454872A2}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{547E4009-665C-49DF-BC60-4039BAA088DC}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{89D7C5B4-FFD6-4179-8C90-3E4031DC13C7}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll () [File not signed]
FirewallRules: [{BDEA06AF-B389-4A5C-A9BE-A3A0851B32B2}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll () [File not signed]
FirewallRules: [{F49F3C29-F203-4223-956C-8218175D3EE7}] => (Allow) C:\Users\croft\Downloads\ff\Xerox_B210_Windows_PrintDriver_Utilities_3.70.43.08\setup.exe => No File
FirewallRules: [{F70979F3-79DD-4F93-8804-D455BDDEB8E8}] => (Allow) C:\Users\croft\Downloads\ff\Xerox_B210_Windows_PrintDriver_Utilities_3.70.43.08\setup.exe => No File
FirewallRules: [{CE3F7314-C03E-41FD-939F-6A86139FD613}] => (Allow) C:\Windows\twain_32\Xerox\WC3025\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{9A08E2E2-FF5B-43AB-AB0F-CB88B513E8F4}] => (Allow) C:\Windows\twain_32\Xerox\WC3025\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{734822C6-127F-43B0-A1E9-B42D28CA0C3E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Document Creator\EDC.exe () [File not signed]
FirewallRules: [{738F87C2-38FE-4CF9-B12B-2F127C2FD382}] => (Allow) C:\Program Files (x86)\Xerox\Easy Document Creator\EDC.exe () [File not signed]
FirewallRules: [{43C049C6-BC7B-447B-AFA6-5D10F88E9DA8}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5335F4FF-41F9-4F0B-8E83-9539ED15BE33}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1917A48F-E5EE-4D98-9C64-F5C98695FBFA}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\EasyPrinterManagerV2.exe (Xerox) [File not signed]
FirewallRules: [{14CFD63B-005D-45B1-A8DA-66816A03F514}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\OrderSupplies.exe (Xerox) [File not signed]
FirewallRules: [{2F2F1EA2-2AC8-41C1-A14B-2FFD6D77E121}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\EPM2AlertList.exe (Xerox) [File not signed]
FirewallRules: [{A642D1F5-7B2D-4C25-AA1D-0459E2ADE75A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\EPM2Migrator.exe () [File not signed]
FirewallRules: [{DCE8DB32-D17F-4D39-8282-929D5D9E28DF}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDArecovery.exe () [File not signed]
FirewallRules: [{41CBE98D-8D64-4E98-994D-0077684C00AC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{BC9B48C6-BD2D-4177-B307-825CCA4F6E59}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{2B906623-810E-4A25-A755-D8470F9BEF5F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{39EFB861-A254-4F9D-A848-41B6B20AB08D}] => (Allow) C:\Users\croft\Downloads\ff\Xerox_B210_Windows_PrintDriver_Utilities_3.70.43.08\setup.exe => No File
FirewallRules: [TCP Query User{E873978F-F017-4802-A342-8E25E49DCCE7}C:\users\croft\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\croft\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{39FEE894-400D-4B64-BB7C-EA2C2E5376F8}C:\users\croft\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\croft\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{9A78E35A-3ED3-47CE-AE9B-6851693EBAEB}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4981C9F4-E61F-40D3-9B20-507037035960}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{7B2177B4-E21F-4A31-80C9-9E38780B9AD2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-01-2022 10:53:29 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/06/2022 03:34:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.

Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (01/06/2022 03:29:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4c23bc5c-73da-4d10-bcd2-79a93994d67e}

Error: (01/06/2022 03:16:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x8007001f, Zařízení připojené k systému nefunguje.
.

Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (01/06/2022 03:15:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x8007001f, Zařízení připojené k systému nefunguje.
.

Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (01/06/2022 03:13:55 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {9edbd150-c44a-40be-a91b-00463eb2e5c8}

Error: (01/06/2022 01:18:00 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/06/2022 01:14:46 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 77092195 ms

DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]

Error: (01/05/2022 03:49:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Služba Šifrování neinicializovala záložní objekt System Writer systému VSS.

Details:
Could not query the status of the EventSystem service.

System Error:
Probíhá vypnutí systému.
.

System errors:
=============
Error: (01/06/2022 03:35:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Camera Frame Server neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/06/2022 03:35:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Camera Frame Server bylo dosaženo časového limitu (30000 ms).

Error: (01/06/2022 03:25:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EraAgentSvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/06/2022 02:57:10 PM) (Source: DCOM) (EventID: 10010) (User: LÍBA)
Description: Server {24EE1E72-BE24-4943-8F91-DA637552CE5B} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/06/2022 02:53:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EraAgentSvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/06/2022 02:51:10 PM) (Source: DCOM) (EventID: 10005) (User: LÍBA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/06/2022 02:51:06 PM) (Source: DCOM) (EventID: 10005) (User: LÍBA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby camsvc s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.CapabilityAccess.CapabilityAccess

Error: (01/06/2022 02:51:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba ESET Uninstaller Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Windows Defender:
================
Date: 2021-11-11 10:06:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2B3BCBB9-2D7E-42F5-9399-7972DDED44BF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-10 19:24:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {624D646A-6165-4A0E-B639-65D2344F0A4D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-08 08:33:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C5FEAA35-16C5-4197-A8DD-C0D584134C31}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-07 11:16:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {ECB3410F-6FD3-470E-A017-E051FFE6D6BA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-05 08:44:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {49D00361-B6D7-4FC4-9FC6-61DAE6DD2AF1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2021-10-27 16:34:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.

Date: 2021-10-27 16:34:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.

Date: 2021-10-27 16:34:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.

Date: 2021-10-27 16:34:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.

Date: 2021-10-27 16:34:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.

CodeIntegrity:
===============
Date: 2022-01-02 19:24:44
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2022-01-02 19:22:44
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-02 19:22:01
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Insyde F.33 12/17/2019
Motherboard: HP 840D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 67%
Total physical RAM: 8078.22 MB
Available physical RAM: 2602.8 MB
Total Virtual: 13198.22 MB
Available Virtual: 5221.92 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.39 GB) (Free:798.16 GB) NTFS

\\?\Volume{ed2eee43-14d4-443f-ad1f-1aca40cc50e0}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{860939b6-fb5f-463e-8b3c-02d4a2ddb0a6}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
\\?\Volume{a589f2bd-e2ea-4634-bc15-d5c483e23c1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

#6 Příspěvek od **JaRon** » 06 led 2022 17:00

Najprv vycisti PC s CCleanerom, vcetne registrov
Potom vycisti PC s Adwcleanerom log sem

LV1234 · #7 Příspěvek od **LV1234** » 06 led 2022 17:32

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-06-2022
# Duration: 00:00:08
# OS: Windows 10 Home
# Scanned: 32013
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [1406 octets] - [20/05/2019 13:03:41]
AdwCleaner[C00].txt - [1514 octets] - [20/05/2019 13:04:00]
AdwCleaner[S01].txt - [2067 octets] - [22/01/2020 15:14:16]
AdwCleaner[C01].txt - [2105 octets] - [22/01/2020 15:14:54]
AdwCleaner[S02].txt - [1677 octets] - [17/11/2020 20:54:48]
AdwCleaner[C02].txt - [1847 octets] - [17/11/2020 20:55:09]
AdwCleaner[S03].txt - [1772 octets] - [18/11/2020 11:06:35]
AdwCleaner[C03].txt - [1962 octets] - [18/11/2020 11:07:02]
AdwCleaner[S04].txt - [1894 octets] - [18/01/2021 12:43:20]
AdwCleaner[S05].txt - [1955 octets] - [18/01/2021 12:44:01]
AdwCleaner[S06].txt - [2016 octets] - [06/01/2022 17:31:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S07].txt ##########

#8 Příspěvek od **JaRon** » 06 led 2022 17:49

OK zajtra Ti este napisem fixlist na docistenie

#9 Příspěvek od **JaRon** » 07 led 2022 06:58

slubene:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {24eb1164-5980-11eb-a7bc-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {97286314-2caf-11ec-a816-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {dc08151c-e4b2-11eb-a7fe-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe LOGON (No File)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe SCHED (No File)
S2 EraAgentSvc; "C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe" [X]
U3 avgbdisk; no ImagePath
2022-01-02 19:31 - 2022-01-02 19:31 - 000000000 ____D C:\ProgramData\BDLogging
2022-01-02 19:26 - 2022-01-06 15:24 - 000000000 ____D C:\Program Files\Bitdefender
2022-01-02 19:16 - 2022-01-06 15:39 - 000000000 ____D C:\Program Files\Bitdefender Agent
2022-01-02 19:16 - 2022-01-02 19:16 - 000224456 _____ C:\ProgramData\agent.1641147384.bdinstall.v2.bin
2022-01-02 19:16 - 2022-01-02 19:16 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2022-01-02 18:54 - 2022-01-03 08:50 - 000000000 ____D C:\ProgramData\AVG
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> "C:\Program Files\inPixio\inPixio Photo 11\PhotoStudioIP11.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
FirewallRules: [{62415A2A-625D-4BEB-8CBB-1A57C2711674}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe => No File
FirewallRules: [{6FF30837-2CBC-4917-B228-11B9901E32C0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe => No File
FirewallRules: [{7D705701-242F-41D4-B02A-E23EA5377692}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe => No File
FirewallRules: [{A6D0C046-3EAB-4131-BC08-27F26C0DDAA0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe => No File
FirewallRules: [{8D4A0E5B-CD21-4A9A-BCD2-990C9F1566D0}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File



EmptyTemp:
Reboot:
End

•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

LV1234 · #10 Příspěvek od **LV1234** » 07 led 2022 07:53

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Líba (07-01-2022 07:41:30) Run:3
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {24eb1164-5980-11eb-a7bc-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {97286314-2caf-11ec-a816-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {dc08151c-e4b2-11eb-a7fe-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe LOGON (No File)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe SCHED (No File)
S2 EraAgentSvc; "C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe" [X]
U3 avgbdisk; no ImagePath
2022-01-02 19:31 - 2022-01-02 19:31 - 000000000 ____D C:\ProgramData\BDLogging
2022-01-02 19:26 - 2022-01-06 15:24 - 000000000 ____D C:\Program Files\Bitdefender
2022-01-02 19:16 - 2022-01-06 15:39 - 000000000 ____D C:\Program Files\Bitdefender Agent
2022-01-02 19:16 - 2022-01-02 19:16 - 000224456 _____ C:\ProgramData\agent.1641147384.bdinstall.v2.bin
2022-01-02 19:16 - 2022-01-02 19:16 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2022-01-02 18:54 - 2022-01-03 08:50 - 000000000 ____D C:\ProgramData\AVG
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> "C:\Program Files\inPixio\inPixio Photo 11\PhotoStudioIP11.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
FirewallRules: [{62415A2A-625D-4BEB-8CBB-1A57C2711674}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe => No File
FirewallRules: [{6FF30837-2CBC-4917-B228-11B9901E32C0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe => No File
FirewallRules: [{7D705701-242F-41D4-B02A-E23EA5377692}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe => No File
FirewallRules: [{A6D0C046-3EAB-4131-BC08-27F26C0DDAA0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe => No File
FirewallRules: [{8D4A0E5B-CD21-4A9A-BCD2-990C9F1566D0}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File

EmptyTemp:
Reboot:
End
*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24eb1164-5980-11eb-a7bc-40a3cccab76d} => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{97286314-2caf-11ec-a816-40a3cccab76d} => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc08151c-e4b2-11eb-a7fe-40a3cccab76d} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6821FE11-081E-4D55-8806-9D4B3DEC6A8C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6821FE11-081E-4D55-8806-9D4B3DEC6A8C}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{989B7C29-748C-483A-898E-12FDE1FE5C06}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{989B7C29-748C-483A-898E-12FDE1FE5C06}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
EraAgentSvc => service not found.
HKLM\System\CurrentControlSet\Services\avgbdisk => removed successfully
avgbdisk => service removed successfully
C:\ProgramData\BDLogging => moved successfully
C:\Program Files\Bitdefender => moved successfully
"C:\Program Files\Bitdefender Agent" => not found
C:\ProgramData\agent.1641147384.bdinstall.v2.bin => moved successfully
C:\ProgramData\Bitdefender Agent => moved successfully
C:\ProgramData\AVG => moved successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{62415A2A-625D-4BEB-8CBB-1A57C2711674}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6FF30837-2CBC-4917-B228-11B9901E32C0}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D705701-242F-41D4-B02A-E23EA5377692}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A6D0C046-3EAB-4131-BC08-27F26C0DDAA0}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D4A0E5B-CD21-4A9A-BCD2-990C9F1566D0}" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11579301 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 300145122 B
Edge => 87565 B
Chrome => 375831750 B
Firefox => 14785879 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 12856240 B
croft => 27548234 B

RecycleBin => 0 B
EmptyTemp: => 708.5 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 07:43:19 ====

#11 Příspěvek od **JaRon** » 07 led 2022 10:37

je to ciste, aky je stav PC

LV1234 · #12 Příspěvek od **LV1234** » 07 led 2022 10:50

Restart - 3:07 min
Po přihlášení - 1:10 min
Načtení prohlížeče a 17 otevřených záložek 1:07 min

#13 Příspěvek od **JaRon** » 07 led 2022 11:17

pozri este velkost adresara plocha

LV1234 · #14 Příspěvek od **LV1234** » 07 led 2022 12:04

506 174 551

#15 Příspěvek od **JaRon** » 07 led 2022 12:47

je to este v norme
mozes este vlozit obrazok z HDTune free - cast benchmark

VIRY.CZ

zpomalení notebooku

zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku

Re: zpomalení notebooku