Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivní kontrola

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Preventivní kontrola

#1 Příspěvek od artmle9 »

Prosím o preventivní kontrolu. Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-09-2021
Ran by RostaBetak (administrator) on ROSTAB (ASUSTeK COMPUTER INC. X55A) (01-09-2021 13:09:02)
Running from D:\plocha
Loaded Profiles: RostaBetak
Platform: Windows 10 Home Version 2004 19041.1165 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe
(Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AlcorMicro, Corp. -> Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe********************************************* [90832 2012-06-07] () [File not signed]
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-08-05] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-08-23] (AlcorMicro, Corp. -> Alcor Micro Corp.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0E3C08AB-D9C5-4737-A04B-772C26C79D41} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {175DC47D-B89C-4C5B-A263-D69B9D1F3854} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {180EF5C5-BC25-408F-90FC-075A368E6E80} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2453EBE0-E7ED-429B-8FA0-652434488E52} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1123536 2012-07-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {27447ABE-8280-4ECF-8E56-89C1B4027FFC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2F34B6F6-80F0-4B59-8AB1-88632E27FF6E} - System32\Tasks\{BA29B442-2BD6-48D3-9AA7-158F2791BAFA} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35D2F06F-3317-4230-B8F8-3BB9C7BF7387} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {37795A96-3F23-428F-BE53-9D47C0CAA73D} - System32\Tasks\{F839FC7E-463C-4400-8F97-9821092A54E0} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {37FB082B-CA15-4710-9063-1A4CF86C2B13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3C9388BB-4A34-416F-8DE0-84C66749780B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {42DC6C25-E879-4FEC-BB0E-384621921A0E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1558176 2012-07-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {47F143B4-7B38-41E1-87DD-F6FD64BD8874} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {4C15847D-0D86-4948-ACE4-A732012DCC30} - System32\Tasks\{1736A3D5-D1EE-40ED-A289-1514805696C3} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {4C2365D6-97AD-4367-95D0-D8D22E4C5280} - System32\Tasks\{0EB8FD6C-1BC8-410F-82CB-4894B2D46FB5} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {602DA0B3-D2C4-44E7-870E-140B25B32C17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {73A7DDBE-C4F2-4FAC-BDA2-DCEED1BED44C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8563C6E8-B31D-4C46-BC89-DD980166291D} - System32\Tasks\{233DCCB5-AC3E-46CE-97DD-F91DDD9365DF} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {891130B1-1984-40FB-A15C-A089923F6F81} - System32\Tasks\CCleanerSkipUAC - RostaBetak => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8B377EA6-5193-4A67-B24E-A08140CECFE4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {907D7498-84D2-4B55-B4E1-EAFD165BDEB3} - System32\Tasks\{CDEF0A78-22F1-4BFE-A125-2F6AAEEE5D2E} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {910D4001-C284-4A76-A4E4-C656A781720C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {93092B01-5620-4F43-B023-B6A4735A2AAC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A3E57C43-1FE5-40E8-A503-679C4AF8D702} - System32\Tasks\{FCA2E8D5-9E4D-4F15-9F2B-8A23158384AC} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {B9C23DBF-D17E-41E6-A935-D7B3FD05C208} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C1BD723B-FDBA-4B52-8323-35E7D9A0D1B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C3F6186A-BBF0-4718-9FC2-EE80A64D4231} - System32\Tasks\{BDB04621-058D-4D7C-9D14-D0E6A02F9BB5} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {C87635E1-458C-4F0C-B8C7-06F739EEC76E} - System32\Tasks\2BrightSparks\SyncBackFree\RostaB-RostaBetak\SyncBackFree => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [73148496 2021-07-28] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D20024C9-79C4-4BB1-8B86-FDFE1CB2C7E6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D2B137F3-697E-448F-8814-22812439265F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D8CECC78-B345-400A-BA54-EEDF82F678B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB8F16EB-0A79-4601-B2FD-336353189EB0} - System32\Tasks\{135981EF-7AAC-43AA-A114-4E7252292C7B} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {ECCF5651-595B-4290-BD15-239C8873EB8E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F323CBDB-F12B-4DAB-A53D-917B4112BCE3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F32C711A-7FCC-4912-971E-380887520D3F} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-04] (ASUSTeK Computer Inc. -> ASUS)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {FB8D488F-026B-4055-94E3-77CB0922B075} - System32\Tasks\{4A55CEA4-2D05-4D12-A447-BAC98CDF509A} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {FED00214-A5D4-4865-93E4-F41A5074C2AE} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ed20c8c5-6d93-453a-bf5b-43b8c4fae0a3}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\RostaBetak\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-01]

FireFox:
========
FF DefaultProfile: srdyd2kt.default
FF ProfilePath: C:\Users\RostaBetak\AppData\Roaming\Mozilla\Firefox\Profiles\srdyd2kt.default [2021-09-01]
FF DownloadDir: D:\plocha
FF Homepage: Mozilla\Firefox\Profiles\srdyd2kt.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\srdyd2kt.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\srdyd2kt.default -> hxxps://58526a385da80.edrone.me; hxxps://www.youtube.com; hxxps://thaidapps.com; hxxps://www.emimino.cz; hxxps://www.blancheporte.cz; hxxps://www.megaknihy.cz; hxxps://talkonlinepanel.com; hxxps://www.dedoles.cz; hxxps://www.bezvasport.cz; hxxps://sdilej.cz
FF Extension: (Plná Peněženka Lištička) - C:\Users\RostaBetak\AppData\Roaming\Mozilla\Firefox\Profiles\srdyd2kt.default\Extensions\@plnapenezenkacz-firefox-extension.xpi [2018-02-15]
FF SearchPlugin: C:\Users\RostaBetak\AppData\Roaming\Mozilla\Firefox\Profiles\srdyd2kt.default\searchplugins\Poshukach Engin Search.xml [2021-06-24]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR Profile: C:\Users\RostaBetak\AppData\Roaming\Opera Software\Opera Stable [2021-08-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-08-05] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 andnetndis; C:\WINDOWS\System32\drivers\lgandnetndis64.sys [93184 2012-07-04] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-01 13:08 - 2021-09-01 13:10 - 000000000 ____D C:\FRST
2021-09-01 10:38 - 2021-09-01 10:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\2BrightSparks
2021-09-01 10:35 - 2021-09-01 10:35 - 000001429 _____ C:\Users\RostaBetak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SyncBackFree.lnk
2021-09-01 10:30 - 2021-09-01 10:30 - 000001409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncBackFree.lnk
2021-09-01 10:30 - 2021-09-01 10:30 - 000000000 ____D C:\Users\RostaBetak\AppData\Roaming\2BrightSparks
2021-09-01 10:30 - 2021-09-01 10:30 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\2BrightSparks
2021-09-01 10:30 - 2021-09-01 10:30 - 000000000 ____D C:\Program Files (x86)\2BrightSparks
2021-08-29 19:10 - 2021-08-29 19:11 - 000152740 _____ C:\Users\RostaBetak\Documents\cc_20210829_191055.reg
2021-08-29 17:31 - 2021-08-29 17:54 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-29 17:31 - 2021-08-29 17:31 - 000002906 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - RostaBetak
2021-08-29 10:06 - 2021-08-29 10:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-19 14:25 - 2021-08-19 14:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-19 14:25 - 2021-08-19 14:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-19 14:24 - 2021-08-19 14:24 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-19 14:24 - 2021-08-19 14:24 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-19 14:22 - 2021-08-19 14:22 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-19 14:22 - 2021-08-19 14:22 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-19 14:19 - 2021-08-19 14:19 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-17 14:39 - 2021-08-17 14:39 - 000000000 ___HD C:\$WinREAgent
2021-08-13 14:13 - 2021-08-13 14:13 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2021-08-03 09:10 - 2021-08-03 09:10 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-03 09:10 - 2021-08-03 09:10 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-03 09:10 - 2021-08-03 09:10 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-03 09:10 - 2021-08-03 09:10 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-01 13:14 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-01 13:01 - 2016-11-19 15:26 - 000000000 ____D C:\Users\RostaBetak\AppData\LocalLow\Mozilla
2021-09-01 12:55 - 2012-12-18 18:13 - 000000380 _____ C:\Users\RostaBetak\AppData\Roaming\sp_data.sys
2021-09-01 11:55 - 2020-09-29 10:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-01 11:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-01 07:42 - 2016-12-18 10:52 - 000000000 ____D C:\Program Files\CCleaner
2021-08-31 07:49 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-31 07:44 - 2012-12-19 17:33 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-08-30 12:54 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-29 19:21 - 2020-09-29 10:42 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-29 19:21 - 2019-12-07 16:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-29 19:21 - 2019-12-07 16:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-29 19:16 - 2013-12-01 09:42 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2021-08-29 19:14 - 2020-09-29 10:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-29 19:14 - 2020-09-29 10:27 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-29 19:13 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-29 18:05 - 2020-08-12 12:14 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\D3DSCache
2021-08-29 17:50 - 2020-09-29 10:28 - 000446160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-29 17:49 - 2013-01-20 12:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-29 17:49 - 2012-12-18 20:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-29 17:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-29 17:39 - 2020-09-23 20:16 - 000000000 ___DC C:\WINDOWS\Panther
2021-08-29 17:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-08-29 17:28 - 2018-05-28 15:18 - 000000000 ____D C:\ProgramData\tmp
2021-08-29 17:28 - 2012-12-22 19:05 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\CrashDumps
2021-08-29 17:18 - 2012-12-19 20:56 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2021-08-29 17:17 - 2012-12-19 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2021-08-29 17:15 - 2018-05-28 15:19 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\FOTOLAB CEWE fotosvet
2021-08-29 17:15 - 2013-06-23 11:23 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-29 17:13 - 2018-02-11 17:46 - 000000000 ____D C:\Program Files\Fotolab
2021-08-29 17:11 - 2017-03-12 15:46 - 000000000 ____D C:\Users\RostaBetak\AppData\Roaming\KASTNER software
2021-08-29 17:05 - 2013-12-01 09:41 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-29 16:51 - 2013-01-20 12:59 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-29 10:05 - 2012-12-18 20:22 - 000001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-29 08:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-08-29 08:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-08-28 19:19 - 2020-07-16 20:10 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-28 19:15 - 2021-05-13 14:00 - 000002432 _____ C:\Users\RostaBetak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-28 19:15 - 2020-09-29 10:59 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-311663323-2849101808-2652881075-1001
2021-08-20 16:03 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-16 15:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-16 08:33 - 2020-09-29 10:59 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-16 08:33 - 2020-09-29 10:59 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-15 08:35 - 2021-02-27 09:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-14 17:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-08-14 17:23 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-13 14:16 - 2013-08-25 18:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-13 14:06 - 2012-12-19 17:39 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-12 09:33 - 2018-02-02 15:16 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\Packages
2021-08-09 18:59 - 2015-08-05 19:46 - 000000000 ___RD C:\Users\RostaBetak\OneDrive
2021-08-04 18:10 - 2018-03-02 22:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-02 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-08-02 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-08-02 20:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-08-02 20:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning

==================== Files in the root of some directories ========

2018-06-19 08:56 - 2018-06-19 08:56 - 000000021 _____ () C:\Users\RostaBetak\AppData\Roaming\my_intel.sys
2012-12-18 18:13 - 2021-09-01 12:55 - 000000380 _____ () C:\Users\RostaBetak\AppData\Roaming\sp_data.sys
2020-09-23 12:21 - 2020-09-23 12:21 - 000005632 _____ () C:\Users\RostaBetak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-18 22:07 - 2012-12-18 22:07 - 000000017 _____ () C:\Users\RostaBetak\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-09-2021
Ran by RostaBetak (01-09-2021 13:14:49)
Running from D:\plocha
Windows 10 Home Version 2004 19041.1165 (X64) (2020-09-29 09:00:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-311663323-2849101808-2652881075-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-311663323-2849101808-2652881075-503 - Limited - Disabled)
Guest (S-1-5-21-311663323-2849101808-2652881075-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-311663323-2849101808-2652881075-1011 - Limited - Enabled)
RostaBetak (S-1-5-21-311663323-2849101808-2652881075-1001 - Administrator - Enabled) => C:\Users\RostaBetak
WDAGUtilityAccount (S-1-5-21-311663323-2849101808-2652881075-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.6.142.61624 - Alcor Micro Corp.)
ArchiCAD 13 CZE (HKLM\...\001FFF2FFF13FF00FF1101F00F02F000-R1) (Version: - Graphisoft)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.4 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0002 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.84 - Piriform)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java(TM) 6 Update 16 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216016FF}) (Version: 6.0.160 - Sun Microsystems, Inc.)
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.137 - PandoraTV)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.84 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0.2 (x64 cs)) (Version: 91.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 91.0.2.7905 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
StartW8 1.0.9.10 (HKLM-x32\...\{1DF08A57-F5E0-472A-A8D0-2AEFC3A06419}) (Version: 1.0.9.10 - SODATSW spol. s r. o.)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 9.5.36.0 - 2BrightSparks)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
WD SmartWare (HKLM\...\{17A76C9D-91D4-4E01-922D-1B3000DEB9F1}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1707.2.30 - ZONER software)

Packages:
=========
Adera -> C:\Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe [2015-08-05] (Microsoft Studios)
ASUS Calculator -> C:\Program Files\WindowsApps\B9ECED6F.ASUSCalculator_1.0.0.25_neutral__qmba6cd70vzyy [2015-08-05] (ASUSTek COMPUTER INC.)
Asus Converter -> C:\Program Files\WindowsApps\B9ECED6F.AsusConverter_1.0.0.27_neutral__qmba6cd70vzyy [2012-12-18] (ASUSTeK COMPUTER INC.)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2015-08-05] (ASUSTeK COMPUTER INC.)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-12-08] (Autodesk Inc.)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2093.1.0_x86__kgqvnymyfvs32 [2021-08-29] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-08] (Microsoft Corporation)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2020-10-08] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-05] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-05] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-05] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0 [2021-08-29] (Spotify AB) [Startup Task]
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2018-10-25] (Microsoft Studios) [MS Ad]
The World Clock -> C:\Program Files\WindowsApps\B9ECED6F.TheWorldClock_1.0.0.6_neutral__qmba6cd70vzyy [2012-12-18] (ASUSTeK COMPUTER INC.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-18] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2013-10-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-19] () [File not signed]
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] () [File not signed]
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSContextMenu.DLL [2012-08-28] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2013-10-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-19] () [File not signed]
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] () [File not signed]
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2012-06-07 15:12 - 2012-06-07 15:12 - 000009216 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2017-03-13 17:11 - 2010-09-07 04:21 - 000538435 _____ () [File not signed] C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2013-12-01 17:09 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2012-12-18 21:56 - 2012-06-09 20:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
2012-07-31 17:05 - 2012-07-31 17:05 - 000223744 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
2012-06-07 15:12 - 2012-06-07 15:12 - 000053248 _____ (ASUSTeK) [File not signed] C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll
2012-06-07 15:12 - 2012-06-07 15:12 - 000032768 _____ (ASUSTek) [File not signed] C:\Program Files (x86)\ASUS\Splendid\OVS.dll
2005-09-07 15:03 - 2005-09-07 15:03 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2013-12-01 17:09 - 2012-07-05 13:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2015-07-20 17:48 - 2015-07-20 17:48 - 001006080 ____R (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll
2012-06-07 15:12 - 2012-06-07 15:12 - 001595392 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\Splendid\Alb_ASUSLib.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-311663323-2849101808-2652881075-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-311663323-2849101808-2652881075-1001 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2013-02-12] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\RostaBetak\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_20200606_153636.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ApnUpdater"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\StartupFolder: => "trillian – zástupce.lnk"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "googletalk"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{452A5D9A-26BF-4407-A2E1-BFDE551F5C93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{67EFB130-C04E-4028-B0F0-282D6397644A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{805AE5C9-EE3E-49A7-A801-6B8A4446246D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F51615F7-FCA8-431F-90E1-235F6ED72164}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{59EA14D4-F555-4986-9292-FE53F9617F13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9F4617D9-804A-4BA6-B815-E32134B998D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FBA604CA-896C-4A6D-BD4B-A992506272BB}] => (Allow) LPort=54925
FirewallRules: [UDP Query User{3C0033D7-4ADE-4D8B-B5D0-EE48C605488A}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [TCP Query User{A1C41A1B-C617-480D-88FF-1CB19FE25869}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [UDP Query User{3F45C437-905C-4359-8839-D66932EF75DB}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [TCP Query User{58828B5B-C6D6-44F9-A3F0-6F873CCB9C38}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [{C6B9BB6B-4EE3-4750-81CF-89EC602A337F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{2673E10D-6F67-45B8-ACCE-D6E208A71EE5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [TCP Query User{4B8B81C1-9F1F-45F7-900B-8B5798839CD1}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe (Cerulean Studios, LLC -> Cerulean Studios)
FirewallRules: [UDP Query User{30A431A6-28CB-466E-B6B5-26A9A58744D1}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe (Cerulean Studios, LLC -> Cerulean Studios)
FirewallRules: [{A513CD12-F5C1-4BB5-94E5-00082A63ACB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C23CD84-C788-4AFE-A4AB-F3172109F787}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E6310A4-D1D7-4026-831A-38F56A3D8F4C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5D39AE9B-E21B-486C-A956-7B51A935EAB9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11A9A3C4-2746-4AB7-960F-DE9678CEB746}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90D5EC49-3C23-4EEE-91E9-D66973FF8241}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F09EFBC-C121-442C-B1F5-3B9154889947}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6074E80A-9135-4F40-9803-875B644604D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1FFEB025-4A31-41F2-A27C-0226D478AF10}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3674CE47-F316-4182-B1B6-8472B62089D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{879037C2-7F6E-43BF-AA71-E126D2681604}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DA109773-0C54-4EBA-9C95-13AB2928394E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

16-08-2021 16:24:36 Naplánovaný kontrolní bod
29-08-2021 08:51:36 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Bluetooth module
Description: Bluetooth module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/01/2021 12:55:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0x190c
Čas spuštění chybující aplikace: 0x01d79f1fe02357b0
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: f50f1cfa-a637-4054-92c0-2418762e1fb5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/01/2021 12:27:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0x2388
Čas spuštění chybující aplikace: 0x01d79f1be6e3749b
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: 57a5a7ba-8a85-4ad9-9662-7e4c0de6ce64
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/01/2021 10:54:26 AM) (Source: SyncBackFree) (EventID: 101) (User: )
Description: Event-ID 101

Error: (08/31/2021 06:12:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0xf78
Čas spuštění chybující aplikace: 0x01d79e8301bcbb99
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: 1f2825d2-fe94-4ba8-af31-9648bfeeab68
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/31/2021 05:39:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0xd88
Čas spuštění chybující aplikace: 0x01d79e7e6eaf8844
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: ed1e6c9d-0126-4453-a0df-d254336be3ed
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/31/2021 01:43:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0x25ac
Čas spuštění chybující aplikace: 0x01d79e5d761a2cb0
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: eeb26a87-eb4b-473e-b218-2d44300ad50d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/31/2021 09:59:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0x2780
Čas spuštění chybující aplikace: 0x01d79e3e0ed4ebc1
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: 767e919e-1173-4734-848b-ad602b6b0347
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/31/2021 07:40:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0x1f30
Čas spuštění chybující aplikace: 0x01d79e2aa2132e3f
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: 3a09a0bf-ebb6-40cb-84e2-850f54e1af3f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (09/01/2021 12:58:29 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/01/2021 12:30:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/01/2021 10:01:20 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (09/01/2021 03:58:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): Brother - Printer - 4/22/2009 12:00:00 AM - 10.0.17119.1.

Error: (08/31/2021 06:15:34 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/31/2021 05:42:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/31/2021 01:46:48 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/31/2021 12:49:45 PM) (Source: DCOM) (EventID: 10010) (User: RostaB)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-08-31 18:34:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {53ECE37D-31A8-4A24-8B84-6395ACCC3089}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-16 15:27:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E1A68CA1-7843-435A-84C2-FED9E07F1A00}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-15 09:34:47
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_E:\rcsetup153.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: RostaB\RostaBetak
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.345.532.0, AS: 1.345.532.0, NIS: 1.345.532.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-14 18:55:02
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Pearfoos.A!ml
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe; process:_pid:7464,ProcessStart:132734287060375047
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.345.527.0, AS: 1.345.527.0, NIS: 1.345.527.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-14 17:48:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Pearfoos.A!ml
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe; process:_pid:7464,ProcessStart:132734287060375047
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
Verze bezpečnostních informací: AV: 1.345.527.0, AS: 1.345.527.0, NIS: 1.345.527.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-20 15:59:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-08-20 15:59:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-08-20 15:59:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-08-20 15:56:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-08-19 14:04:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X55A.413 08/20/2012
Motherboard: ASUSTeK COMPUTER INC. X55A
Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 83%
Total physical RAM: 3979.82 MB
Available physical RAM: 655.77 MB
Total Virtual: 5899.82 MB
Available Virtual: 1749.52 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.49 GB) (Free:129.02 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.45 GB) (Free:115.63 GB) NTFS
Drive f: () (CDROM) (Total:0 GB) (Free:0 GB)

\\?\Volume{09fae88f-4b05-490f-91a6-eb4fa00f51fd}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.27 GB) NTFS
\\?\Volume{19b986df-b0fa-43b0-863f-7ca4206fcbed}\ () (Fixed) (Total:0.81 GB) (Free:0.29 GB) NTFS
\\?\Volume{adbca9b6-c50c-4ede-9327-97c07aefa8c8}\ (Restore) (Fixed) (Total:20 GB) (Free:10.56 GB) NTFS
\\?\Volume{d822ec6c-98c5-42a8-8de1-e3ee4543c4a2}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.23 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 23D3E035)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Preventivní kontrola

#2 Příspěvek od JaRon »

Ahoj
Su tam nejake drobnosti
Vycisti PC s Adwcleanerom a CCleanerom
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Re: Preventivní kontrola

#3 Příspěvek od artmle9 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-09-2021
Ran by RostaBetak (administrator) on ROSTAB (ASUSTeK COMPUTER INC. X55A) (01-09-2021 18:34:42)
Running from D:\plocha
Loaded Profiles: RostaBetak
Platform: Windows 10 Home Version 2004 19041.1165 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AlcorMicro, Corp. -> Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-08-05] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-08-23] (AlcorMicro, Corp. -> Alcor Micro Corp.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2012-12-05] (Luis Cobian, CobianSoft) [File not signed]
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0E3C08AB-D9C5-4737-A04B-772C26C79D41} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {175DC47D-B89C-4C5B-A263-D69B9D1F3854} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {180EF5C5-BC25-408F-90FC-075A368E6E80} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2453EBE0-E7ED-429B-8FA0-652434488E52} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1123536 2012-07-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {27447ABE-8280-4ECF-8E56-89C1B4027FFC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2F34B6F6-80F0-4B59-8AB1-88632E27FF6E} - System32\Tasks\{BA29B442-2BD6-48D3-9AA7-158F2791BAFA} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35D2F06F-3317-4230-B8F8-3BB9C7BF7387} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {37795A96-3F23-428F-BE53-9D47C0CAA73D} - System32\Tasks\{F839FC7E-463C-4400-8F97-9821092A54E0} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {37FB082B-CA15-4710-9063-1A4CF86C2B13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3C9388BB-4A34-416F-8DE0-84C66749780B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {47F143B4-7B38-41E1-87DD-F6FD64BD8874} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {4C15847D-0D86-4948-ACE4-A732012DCC30} - System32\Tasks\{1736A3D5-D1EE-40ED-A289-1514805696C3} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {4C2365D6-97AD-4367-95D0-D8D22E4C5280} - System32\Tasks\{0EB8FD6C-1BC8-410F-82CB-4894B2D46FB5} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {602DA0B3-D2C4-44E7-870E-140B25B32C17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {73A7DDBE-C4F2-4FAC-BDA2-DCEED1BED44C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8563C6E8-B31D-4C46-BC89-DD980166291D} - System32\Tasks\{233DCCB5-AC3E-46CE-97DD-F91DDD9365DF} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {891130B1-1984-40FB-A15C-A089923F6F81} - System32\Tasks\CCleanerSkipUAC - RostaBetak => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8B377EA6-5193-4A67-B24E-A08140CECFE4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {907D7498-84D2-4B55-B4E1-EAFD165BDEB3} - System32\Tasks\{CDEF0A78-22F1-4BFE-A125-2F6AAEEE5D2E} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {910D4001-C284-4A76-A4E4-C656A781720C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {93092B01-5620-4F43-B023-B6A4735A2AAC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A3E57C43-1FE5-40E8-A503-679C4AF8D702} - System32\Tasks\{FCA2E8D5-9E4D-4F15-9F2B-8A23158384AC} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {B9C23DBF-D17E-41E6-A935-D7B3FD05C208} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C1BD723B-FDBA-4B52-8323-35E7D9A0D1B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C3F6186A-BBF0-4718-9FC2-EE80A64D4231} - System32\Tasks\{BDB04621-058D-4D7C-9D14-D0E6A02F9BB5} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D20024C9-79C4-4BB1-8B86-FDFE1CB2C7E6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D2B137F3-697E-448F-8814-22812439265F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D8CECC78-B345-400A-BA54-EEDF82F678B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB8F16EB-0A79-4601-B2FD-336353189EB0} - System32\Tasks\{135981EF-7AAC-43AA-A114-4E7252292C7B} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {ECCF5651-595B-4290-BD15-239C8873EB8E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F323CBDB-F12B-4DAB-A53D-917B4112BCE3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F32C711A-7FCC-4912-971E-380887520D3F} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-04] (ASUSTeK Computer Inc. -> ASUS)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {FB8D488F-026B-4055-94E3-77CB0922B075} - System32\Tasks\{4A55CEA4-2D05-4D12-A447-BAC98CDF509A} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ed20c8c5-6d93-453a-bf5b-43b8c4fae0a3}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\RostaBetak\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-01]

FireFox:
========
FF DefaultProfile: srdyd2kt.default
FF ProfilePath: C:\Users\RostaBetak\AppData\Roaming\Mozilla\Firefox\Profiles\srdyd2kt.default [2021-09-01]
FF DownloadDir: D:\plocha
FF Homepage: Mozilla\Firefox\Profiles\srdyd2kt.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\srdyd2kt.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\srdyd2kt.default -> hxxps://58526a385da80.edrone.me; hxxps://www.youtube.com; hxxps://thaidapps.com; hxxps://www.emimino.cz; hxxps://www.blancheporte.cz; hxxps://www.megaknihy.cz; hxxps://talkonlinepanel.com; hxxps://www.dedoles.cz; hxxps://www.bezvasport.cz; hxxps://sdilej.cz
FF Extension: (Plná Peněženka Lištička) - C:\Users\RostaBetak\AppData\Roaming\Mozilla\Firefox\Profiles\srdyd2kt.default\Extensions\@plnapenezenkacz-firefox-extension.xpi [2018-02-15]
FF SearchPlugin: C:\Users\RostaBetak\AppData\Roaming\Mozilla\Firefox\Profiles\srdyd2kt.default\searchplugins\Poshukach Engin Search.xml [2021-06-24]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR Profile: C:\Users\RostaBetak\AppData\Roaming\Opera Software\Opera Stable [2021-09-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-08-05] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 andnetndis; C:\WINDOWS\System32\drivers\lgandnetndis64.sys [93184 2012-07-04] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-01 18:31 - 2021-09-01 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2021-09-01 18:31 - 2021-09-01 18:31 - 000000000 ____D C:\Program Files (x86)\Cobian Backup 11
2021-09-01 17:12 - 2021-09-01 17:13 - 000000000 ____D C:\AdwCleaner
2021-09-01 13:08 - 2021-09-01 18:36 - 000000000 ____D C:\FRST
2021-09-01 10:30 - 2021-09-01 10:30 - 000000000 ____D C:\Program Files (x86)\2BrightSparks
2021-08-29 19:10 - 2021-08-29 19:11 - 000152740 _____ C:\Users\RostaBetak\Documents\cc_20210829_191055.reg
2021-08-29 17:31 - 2021-08-29 17:54 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-29 17:31 - 2021-08-29 17:31 - 000002906 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - RostaBetak
2021-08-29 10:06 - 2021-08-29 10:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-19 14:25 - 2021-08-19 14:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-19 14:25 - 2021-08-19 14:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-19 14:24 - 2021-08-19 14:24 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-19 14:24 - 2021-08-19 14:24 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-19 14:22 - 2021-08-19 14:22 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-19 14:22 - 2021-08-19 14:22 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-19 14:19 - 2021-08-19 14:19 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-17 14:39 - 2021-08-17 14:39 - 000000000 ___HD C:\$WinREAgent
2021-08-13 14:13 - 2021-08-13 14:13 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2021-08-03 09:10 - 2021-08-03 09:10 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-03 09:10 - 2021-08-03 09:10 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-03 09:10 - 2021-08-03 09:10 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-03 09:10 - 2021-08-03 09:10 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-01 18:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-01 18:26 - 2016-11-19 15:26 - 000000000 ____D C:\Users\RostaBetak\AppData\LocalLow\Mozilla
2021-09-01 18:11 - 2020-09-29 10:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-01 17:31 - 2016-12-18 10:52 - 000000000 ____D C:\Program Files\CCleaner
2021-09-01 17:27 - 2020-09-29 10:42 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-01 17:27 - 2019-12-07 16:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-09-01 17:27 - 2019-12-07 16:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-09-01 17:27 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-01 17:24 - 2013-12-01 09:42 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2021-09-01 17:22 - 2020-09-29 10:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-01 17:22 - 2020-09-29 10:27 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-01 17:21 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-09-01 17:20 - 2017-07-24 16:26 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-09-01 17:20 - 2012-08-04 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-09-01 17:13 - 2013-02-11 18:29 - 000000000 ____D C:\ProgramData\ICQ
2021-09-01 16:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-01 16:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-01 12:55 - 2012-12-18 18:13 - 000000380 _____ C:\Users\RostaBetak\AppData\Roaming\sp_data.sys
2021-08-31 07:44 - 2012-12-19 17:33 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-08-29 18:05 - 2020-08-12 12:14 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\D3DSCache
2021-08-29 17:50 - 2020-09-29 10:28 - 000446160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-29 17:49 - 2013-01-20 12:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-29 17:49 - 2012-12-18 20:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-29 17:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-29 17:39 - 2020-09-23 20:16 - 000000000 ___DC C:\WINDOWS\Panther
2021-08-29 17:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-08-29 17:28 - 2018-05-28 15:18 - 000000000 ____D C:\ProgramData\tmp
2021-08-29 17:28 - 2012-12-22 19:05 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\CrashDumps
2021-08-29 17:18 - 2012-12-19 20:56 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2021-08-29 17:17 - 2012-12-19 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2021-08-29 17:15 - 2018-05-28 15:19 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\FOTOLAB CEWE fotosvet
2021-08-29 17:15 - 2013-06-23 11:23 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-29 17:13 - 2018-02-11 17:46 - 000000000 ____D C:\Program Files\Fotolab
2021-08-29 17:11 - 2017-03-12 15:46 - 000000000 ____D C:\Users\RostaBetak\AppData\Roaming\KASTNER software
2021-08-29 17:05 - 2013-12-01 09:41 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-29 16:51 - 2013-01-20 12:59 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-29 10:05 - 2012-12-18 20:22 - 000001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-29 08:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-08-29 08:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-08-28 19:19 - 2020-07-16 20:10 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-28 19:15 - 2021-05-13 14:00 - 000002432 _____ C:\Users\RostaBetak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-28 19:15 - 2020-09-29 10:59 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-311663323-2849101808-2652881075-1001
2021-08-20 16:03 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-16 15:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-16 08:33 - 2020-09-29 10:59 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-16 08:33 - 2020-09-29 10:59 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-15 08:35 - 2021-02-27 09:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-14 17:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-08-14 17:23 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-13 14:16 - 2013-08-25 18:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-13 14:06 - 2012-12-19 17:39 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-12 09:33 - 2018-02-02 15:16 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\Packages
2021-08-09 18:59 - 2015-08-05 19:46 - 000000000 ___RD C:\Users\RostaBetak\OneDrive
2021-08-04 18:10 - 2018-03-02 22:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-02 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-08-02 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-08-02 20:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-08-02 20:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning

==================== Files in the root of some directories ========

2018-06-19 08:56 - 2018-06-19 08:56 - 000000021 _____ () C:\Users\RostaBetak\AppData\Roaming\my_intel.sys
2012-12-18 18:13 - 2021-09-01 12:55 - 000000380 _____ () C:\Users\RostaBetak\AppData\Roaming\sp_data.sys
2020-09-23 12:21 - 2020-09-23 12:21 - 000005632 _____ () C:\Users\RostaBetak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-18 22:07 - 2012-12-18 22:07 - 000000017 _____ () C:\Users\RostaBetak\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-09-2021
Ran by RostaBetak (01-09-2021 18:39:44)
Running from D:\plocha
Windows 10 Home Version 2004 19041.1165 (X64) (2020-09-29 09:00:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-311663323-2849101808-2652881075-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-311663323-2849101808-2652881075-503 - Limited - Disabled)
Guest (S-1-5-21-311663323-2849101808-2652881075-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-311663323-2849101808-2652881075-1011 - Limited - Enabled)
RostaBetak (S-1-5-21-311663323-2849101808-2652881075-1001 - Administrator - Enabled) => C:\Users\RostaBetak
WDAGUtilityAccount (S-1-5-21-311663323-2849101808-2652881075-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.6.142.61624 - Alcor Micro Corp.)
ArchiCAD 13 CZE (HKLM\...\001FFF2FFF13FF00FF1101F00F02F000-R1) (Version: - Graphisoft)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.3 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.84 - Piriform)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java(TM) 6 Update 16 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216016FF}) (Version: 6.0.160 - Sun Microsystems, Inc.)
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.137 - PandoraTV)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.84 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0.2 (x64 cs)) (Version: 91.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 91.0.2.7905 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
StartW8 1.0.9.10 (HKLM-x32\...\{1DF08A57-F5E0-472A-A8D0-2AEFC3A06419}) (Version: 1.0.9.10 - SODATSW spol. s r. o.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
WD SmartWare (HKLM\...\{17A76C9D-91D4-4E01-922D-1B3000DEB9F1}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1707.2.30 - ZONER software)

Packages:
=========
Adera -> C:\Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe [2015-08-05] (Microsoft Studios)
ASUS Calculator -> C:\Program Files\WindowsApps\B9ECED6F.ASUSCalculator_1.0.0.25_neutral__qmba6cd70vzyy [2015-08-05] (ASUSTek COMPUTER INC.)
Asus Converter -> C:\Program Files\WindowsApps\B9ECED6F.AsusConverter_1.0.0.27_neutral__qmba6cd70vzyy [2012-12-18] (ASUSTeK COMPUTER INC.)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2015-08-05] (ASUSTeK COMPUTER INC.)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-12-08] (Autodesk Inc.)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2093.1.0_x86__kgqvnymyfvs32 [2021-08-29] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-08] (Microsoft Corporation)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2020-10-08] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-05] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-05] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-05] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0 [2021-08-29] (Spotify AB) [Startup Task]
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2018-10-25] (Microsoft Studios) [MS Ad]
The World Clock -> C:\Program Files\WindowsApps\B9ECED6F.TheWorldClock_1.0.0.6_neutral__qmba6cd70vzyy [2012-12-18] (ASUSTeK COMPUTER INC.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-18] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2013-10-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-19] () [File not signed]
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] () [File not signed]
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSContextMenu.DLL [2012-08-28] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2013-10-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-19] () [File not signed]
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] () [File not signed]
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2013-12-01 17:09 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2005-09-07 15:03 - 2005-09-07 15:03 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2013-12-01 17:09 - 2012-07-05 13:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2021-09-01 18:31 - 2012-12-05 22:11 - 000009728 _____ (Luis Cobian) [File not signed] [File is in use] C:\Program Files (x86)\Cobian Backup 11\CobStringList.dll
2021-09-01 18:31 - 2012-12-05 23:08 - 002684928 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbEngine.dll
2015-07-20 17:48 - 2015-07-20 17:48 - 001006080 ____R (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-311663323-2849101808-2652881075-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2013-02-12] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\RostaBetak\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_20200606_153636.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\StartupFolder: => "trillian – zástupce.lnk"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "googletalk"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{452A5D9A-26BF-4407-A2E1-BFDE551F5C93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{67EFB130-C04E-4028-B0F0-282D6397644A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{805AE5C9-EE3E-49A7-A801-6B8A4446246D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F51615F7-FCA8-431F-90E1-235F6ED72164}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{59EA14D4-F555-4986-9292-FE53F9617F13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9F4617D9-804A-4BA6-B815-E32134B998D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FBA604CA-896C-4A6D-BD4B-A992506272BB}] => (Allow) LPort=54925
FirewallRules: [UDP Query User{3C0033D7-4ADE-4D8B-B5D0-EE48C605488A}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [TCP Query User{A1C41A1B-C617-480D-88FF-1CB19FE25869}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [UDP Query User{3F45C437-905C-4359-8839-D66932EF75DB}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [TCP Query User{58828B5B-C6D6-44F9-A3F0-6F873CCB9C38}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [{C6B9BB6B-4EE3-4750-81CF-89EC602A337F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{2673E10D-6F67-45B8-ACCE-D6E208A71EE5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [TCP Query User{4B8B81C1-9F1F-45F7-900B-8B5798839CD1}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe (Cerulean Studios, LLC -> Cerulean Studios)
FirewallRules: [UDP Query User{30A431A6-28CB-466E-B6B5-26A9A58744D1}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe (Cerulean Studios, LLC -> Cerulean Studios)
FirewallRules: [{A513CD12-F5C1-4BB5-94E5-00082A63ACB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C23CD84-C788-4AFE-A4AB-F3172109F787}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E6310A4-D1D7-4026-831A-38F56A3D8F4C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5D39AE9B-E21B-486C-A956-7B51A935EAB9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11A9A3C4-2746-4AB7-960F-DE9678CEB746}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90D5EC49-3C23-4EEE-91E9-D66973FF8241}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F09EFBC-C121-442C-B1F5-3B9154889947}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6074E80A-9135-4F40-9803-875B644604D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1FFEB025-4A31-41F2-A27C-0226D478AF10}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3674CE47-F316-4182-B1B6-8472B62089D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{879037C2-7F6E-43BF-AA71-E126D2681604}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DA109773-0C54-4EBA-9C95-13AB2928394E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

16-08-2021 16:24:36 Naplánovaný kontrolní bod
29-08-2021 08:51:36 Naplánovaný kontrolní bod
01-09-2021 17:19:13 AdwCleaner_BeforeCleaning_01/09/2021_17:19:12

==================== Faulty Device Manager Devices ============

Name: Bluetooth module
Description: Bluetooth module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/01/2021 05:42:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.1151, časové razítko: 0x2885d2b8
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1110, časové razítko: 0xe7a22463
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063416
ID chybujícího procesu: 0x1838
Čas spuštění chybující aplikace: 0x01d79f45523d0831
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: d0748ccc-bc8f-474b-a47d-2a1d76944178
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/01/2021 05:23:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0x408
Čas spuštění chybující aplikace: 0x01d79f454bf98692
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: bf8c3aea-f59c-46b6-901e-9ac0aa726334
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/01/2021 05:14:12 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (09/01/2021 02:29:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (09/01/2021 12:55:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0x190c
Čas spuštění chybující aplikace: 0x01d79f1fe02357b0
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: f50f1cfa-a637-4054-92c0-2418762e1fb5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/01/2021 12:27:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0x2388
Čas spuštění chybující aplikace: 0x01d79f1be6e3749b
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: 57a5a7ba-8a85-4ad9-9662-7e4c0de6ce64
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/01/2021 10:54:26 AM) (Source: SyncBackFree) (EventID: 101) (User: )
Description: Event-ID 101

Error: (08/31/2021 06:12:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0xf78
Čas spuštění chybující aplikace: 0x01d79e8301bcbb99
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: 1f2825d2-fe94-4ba8-af31-9648bfeeab68
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (09/01/2021 06:32:29 PM) (Source: DCOM) (EventID: 10000) (User: RostaB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/01/2021 06:22:52 PM) (Source: DCOM) (EventID: 10000) (User: RostaB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/01/2021 05:26:23 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/01/2021 05:20:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WD Backup byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (09/01/2021 05:20:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WD Drive Manager byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (09/01/2021 05:20:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (09/01/2021 05:13:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WD Backup byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (09/01/2021 05:13:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WD Drive Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-08-31 18:34:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {53ECE37D-31A8-4A24-8B84-6395ACCC3089}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-16 15:27:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E1A68CA1-7843-435A-84C2-FED9E07F1A00}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-15 09:34:47
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_E:\rcsetup153.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: RostaB\RostaBetak
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.345.532.0, AS: 1.345.532.0, NIS: 1.345.532.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-14 18:55:02
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Pearfoos.A!ml
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe; process:_pid:7464,ProcessStart:132734287060375047
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.345.527.0, AS: 1.345.527.0, NIS: 1.345.527.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-14 17:48:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Pearfoos.A!ml
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe; process:_pid:7464,ProcessStart:132734287060375047
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
Verze bezpečnostních informací: AV: 1.345.527.0, AS: 1.345.527.0, NIS: 1.345.527.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-20 15:59:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-08-20 15:59:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-08-20 15:59:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-08-20 15:56:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-08-19 14:04:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X55A.413 08/20/2012
Motherboard: ASUSTeK COMPUTER INC. X55A
Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 3979.82 MB
Available physical RAM: 1476.83 MB
Total Virtual: 5771.82 MB
Available Virtual: 3294.48 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.49 GB) (Free:128.26 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.45 GB) (Free:161.73 GB) NTFS
Drive f: () (CDROM) (Total:0 GB) (Free:0 GB)

\\?\Volume{09fae88f-4b05-490f-91a6-eb4fa00f51fd}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.27 GB) NTFS
\\?\Volume{19b986df-b0fa-43b0-863f-7ca4206fcbed}\ () (Fixed) (Total:0.81 GB) (Free:0.29 GB) NTFS
\\?\Volume{adbca9b6-c50c-4ede-9327-97c07aefa8c8}\ (Restore) (Fixed) (Total:20 GB) (Free:10.56 GB) NTFS
\\?\Volume{d822ec6c-98c5-42a8-8de1-e3ee4543c4a2}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.23 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 23D3E035)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Preventivní kontrola

#4 Příspěvek od JaRon »

Je to o poznanie lepsie :)
Spust s prikazoveho riadku ako spravca
sfc /scannow
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Re: Preventivní kontrola

#5 Příspěvek od artmle9 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-09-2021
Ran by RostaBetak (administrator) on ROSTAB (ASUSTeK COMPUTER INC. X55A) (01-09-2021 19:27:30)
Running from D:\plocha
Loaded Profiles: RostaBetak
Platform: Windows 10 Home Version 2004 19041.1165 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AlcorMicro, Corp. -> Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-08-05] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-08-23] (AlcorMicro, Corp. -> Alcor Micro Corp.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2012-12-05] (Luis Cobian, CobianSoft) [File not signed]
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0E3C08AB-D9C5-4737-A04B-772C26C79D41} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {175DC47D-B89C-4C5B-A263-D69B9D1F3854} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {180EF5C5-BC25-408F-90FC-075A368E6E80} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2453EBE0-E7ED-429B-8FA0-652434488E52} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1123536 2012-07-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {27447ABE-8280-4ECF-8E56-89C1B4027FFC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2F34B6F6-80F0-4B59-8AB1-88632E27FF6E} - System32\Tasks\{BA29B442-2BD6-48D3-9AA7-158F2791BAFA} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35D2F06F-3317-4230-B8F8-3BB9C7BF7387} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {37795A96-3F23-428F-BE53-9D47C0CAA73D} - System32\Tasks\{F839FC7E-463C-4400-8F97-9821092A54E0} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {37FB082B-CA15-4710-9063-1A4CF86C2B13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3C9388BB-4A34-416F-8DE0-84C66749780B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {47F143B4-7B38-41E1-87DD-F6FD64BD8874} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {4C15847D-0D86-4948-ACE4-A732012DCC30} - System32\Tasks\{1736A3D5-D1EE-40ED-A289-1514805696C3} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {4C2365D6-97AD-4367-95D0-D8D22E4C5280} - System32\Tasks\{0EB8FD6C-1BC8-410F-82CB-4894B2D46FB5} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {602DA0B3-D2C4-44E7-870E-140B25B32C17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {73A7DDBE-C4F2-4FAC-BDA2-DCEED1BED44C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8563C6E8-B31D-4C46-BC89-DD980166291D} - System32\Tasks\{233DCCB5-AC3E-46CE-97DD-F91DDD9365DF} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {891130B1-1984-40FB-A15C-A089923F6F81} - System32\Tasks\CCleanerSkipUAC - RostaBetak => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8B377EA6-5193-4A67-B24E-A08140CECFE4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {907D7498-84D2-4B55-B4E1-EAFD165BDEB3} - System32\Tasks\{CDEF0A78-22F1-4BFE-A125-2F6AAEEE5D2E} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {910D4001-C284-4A76-A4E4-C656A781720C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {93092B01-5620-4F43-B023-B6A4735A2AAC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A3E57C43-1FE5-40E8-A503-679C4AF8D702} - System32\Tasks\{FCA2E8D5-9E4D-4F15-9F2B-8A23158384AC} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {B9C23DBF-D17E-41E6-A935-D7B3FD05C208} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C1BD723B-FDBA-4B52-8323-35E7D9A0D1B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C3F6186A-BBF0-4718-9FC2-EE80A64D4231} - System32\Tasks\{BDB04621-058D-4D7C-9D14-D0E6A02F9BB5} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D20024C9-79C4-4BB1-8B86-FDFE1CB2C7E6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D2B137F3-697E-448F-8814-22812439265F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D8CECC78-B345-400A-BA54-EEDF82F678B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB8F16EB-0A79-4601-B2FD-336353189EB0} - System32\Tasks\{135981EF-7AAC-43AA-A114-4E7252292C7B} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {ECCF5651-595B-4290-BD15-239C8873EB8E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F323CBDB-F12B-4DAB-A53D-917B4112BCE3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F32C711A-7FCC-4912-971E-380887520D3F} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-04] (ASUSTeK Computer Inc. -> ASUS)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {FB8D488F-026B-4055-94E3-77CB0922B075} - System32\Tasks\{4A55CEA4-2D05-4D12-A447-BAC98CDF509A} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ed20c8c5-6d93-453a-bf5b-43b8c4fae0a3}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\RostaBetak\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-01]

FireFox:
========
FF DefaultProfile: srdyd2kt.default
FF ProfilePath: C:\Users\RostaBetak\AppData\Roaming\Mozilla\Firefox\Profiles\srdyd2kt.default [2021-09-01]
FF DownloadDir: D:\plocha
FF Homepage: Mozilla\Firefox\Profiles\srdyd2kt.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\srdyd2kt.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\srdyd2kt.default -> hxxps://58526a385da80.edrone.me; hxxps://www.youtube.com; hxxps://thaidapps.com; hxxps://www.emimino.cz; hxxps://www.blancheporte.cz; hxxps://www.megaknihy.cz; hxxps://talkonlinepanel.com; hxxps://www.dedoles.cz; hxxps://www.bezvasport.cz; hxxps://sdilej.cz
FF Extension: (Plná Peněženka Lištička) - C:\Users\RostaBetak\AppData\Roaming\Mozilla\Firefox\Profiles\srdyd2kt.default\Extensions\@plnapenezenkacz-firefox-extension.xpi [2018-02-15]
FF SearchPlugin: C:\Users\RostaBetak\AppData\Roaming\Mozilla\Firefox\Profiles\srdyd2kt.default\searchplugins\Poshukach Engin Search.xml [2021-06-24]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR Profile: C:\Users\RostaBetak\AppData\Roaming\Opera Software\Opera Stable [2021-09-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-08-05] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 andnetndis; C:\WINDOWS\System32\drivers\lgandnetndis64.sys [93184 2012-07-04] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-01 18:31 - 2021-09-01 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2021-09-01 18:31 - 2021-09-01 18:31 - 000000000 ____D C:\Program Files (x86)\Cobian Backup 11
2021-09-01 17:12 - 2021-09-01 17:13 - 000000000 ____D C:\AdwCleaner
2021-09-01 13:08 - 2021-09-01 19:29 - 000000000 ____D C:\FRST
2021-09-01 10:30 - 2021-09-01 10:30 - 000000000 ____D C:\Program Files (x86)\2BrightSparks
2021-08-29 19:10 - 2021-08-29 19:11 - 000152740 _____ C:\Users\RostaBetak\Documents\cc_20210829_191055.reg
2021-08-29 17:31 - 2021-08-29 17:54 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-29 17:31 - 2021-08-29 17:31 - 000002906 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - RostaBetak
2021-08-29 10:06 - 2021-08-29 10:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-19 14:25 - 2021-08-19 14:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-19 14:25 - 2021-08-19 14:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-19 14:24 - 2021-08-19 14:24 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-19 14:24 - 2021-08-19 14:24 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-19 14:22 - 2021-08-19 14:22 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-19 14:22 - 2021-08-19 14:22 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-19 14:19 - 2021-08-19 14:19 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-17 14:39 - 2021-08-17 14:39 - 000000000 ___HD C:\$WinREAgent
2021-08-13 14:13 - 2021-08-13 14:13 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2021-08-03 09:10 - 2021-08-03 09:10 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-03 09:10 - 2021-08-03 09:10 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-03 09:10 - 2021-08-03 09:10 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-03 09:10 - 2021-08-03 09:10 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-01 19:30 - 2016-12-18 10:52 - 000000000 ____D C:\Program Files\CCleaner
2021-09-01 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-01 18:59 - 2016-11-19 15:26 - 000000000 ____D C:\Users\RostaBetak\AppData\LocalLow\Mozilla
2021-09-01 18:11 - 2020-09-29 10:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-01 17:27 - 2020-09-29 10:42 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-01 17:27 - 2019-12-07 16:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-09-01 17:27 - 2019-12-07 16:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-09-01 17:27 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-01 17:24 - 2013-12-01 09:42 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2021-09-01 17:22 - 2020-09-29 10:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-01 17:22 - 2020-09-29 10:27 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-01 17:21 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-09-01 17:20 - 2017-07-24 16:26 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-09-01 17:20 - 2012-08-04 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-09-01 17:13 - 2013-02-11 18:29 - 000000000 ____D C:\ProgramData\ICQ
2021-09-01 16:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-01 16:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-01 12:55 - 2012-12-18 18:13 - 000000380 _____ C:\Users\RostaBetak\AppData\Roaming\sp_data.sys
2021-08-31 07:44 - 2012-12-19 17:33 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-08-29 18:05 - 2020-08-12 12:14 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\D3DSCache
2021-08-29 17:50 - 2020-09-29 10:28 - 000446160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-29 17:49 - 2013-01-20 12:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-29 17:49 - 2012-12-18 20:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-29 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-29 17:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-29 17:39 - 2020-09-23 20:16 - 000000000 ___DC C:\WINDOWS\Panther
2021-08-29 17:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-08-29 17:28 - 2018-05-28 15:18 - 000000000 ____D C:\ProgramData\tmp
2021-08-29 17:28 - 2012-12-22 19:05 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\CrashDumps
2021-08-29 17:18 - 2012-12-19 20:56 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2021-08-29 17:17 - 2012-12-19 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2021-08-29 17:15 - 2018-05-28 15:19 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\FOTOLAB CEWE fotosvet
2021-08-29 17:15 - 2013-06-23 11:23 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-29 17:13 - 2018-02-11 17:46 - 000000000 ____D C:\Program Files\Fotolab
2021-08-29 17:11 - 2017-03-12 15:46 - 000000000 ____D C:\Users\RostaBetak\AppData\Roaming\KASTNER software
2021-08-29 17:05 - 2013-12-01 09:41 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-29 16:51 - 2013-01-20 12:59 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-29 10:05 - 2012-12-18 20:22 - 000001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-29 08:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-08-29 08:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-08-28 19:19 - 2020-07-16 20:10 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-28 19:15 - 2021-05-13 14:00 - 000002432 _____ C:\Users\RostaBetak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-28 19:15 - 2020-09-29 10:59 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-311663323-2849101808-2652881075-1001
2021-08-20 16:03 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-16 15:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-16 08:33 - 2020-09-29 10:59 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-16 08:33 - 2020-09-29 10:59 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-15 08:35 - 2021-02-27 09:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-14 17:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-08-14 17:23 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-13 14:16 - 2013-08-25 18:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-13 14:06 - 2012-12-19 17:39 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-12 09:33 - 2018-02-02 15:16 - 000000000 ____D C:\Users\RostaBetak\AppData\Local\Packages
2021-08-09 18:59 - 2015-08-05 19:46 - 000000000 ___RD C:\Users\RostaBetak\OneDrive
2021-08-04 18:10 - 2018-03-02 22:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-02 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-08-02 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-08-02 20:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-08-02 20:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning

==================== Files in the root of some directories ========

2018-06-19 08:56 - 2018-06-19 08:56 - 000000021 _____ () C:\Users\RostaBetak\AppData\Roaming\my_intel.sys
2012-12-18 18:13 - 2021-09-01 12:55 - 000000380 _____ () C:\Users\RostaBetak\AppData\Roaming\sp_data.sys
2020-09-23 12:21 - 2020-09-23 12:21 - 000005632 _____ () C:\Users\RostaBetak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-18 22:07 - 2012-12-18 22:07 - 000000017 _____ () C:\Users\RostaBetak\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-09-2021
Ran by RostaBetak (01-09-2021 19:32:28)
Running from D:\plocha
Windows 10 Home Version 2004 19041.1165 (X64) (2020-09-29 09:00:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-311663323-2849101808-2652881075-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-311663323-2849101808-2652881075-503 - Limited - Disabled)
Guest (S-1-5-21-311663323-2849101808-2652881075-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-311663323-2849101808-2652881075-1011 - Limited - Enabled)
RostaBetak (S-1-5-21-311663323-2849101808-2652881075-1001 - Administrator - Enabled) => C:\Users\RostaBetak
WDAGUtilityAccount (S-1-5-21-311663323-2849101808-2652881075-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.6.142.61624 - Alcor Micro Corp.)
ArchiCAD 13 CZE (HKLM\...\001FFF2FFF13FF00FF1101F00F02F000-R1) (Version: - Graphisoft)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.3 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.84 - Piriform)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java(TM) 6 Update 16 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216016FF}) (Version: 6.0.160 - Sun Microsystems, Inc.)
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.137 - PandoraTV)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.84 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0.2 (x64 cs)) (Version: 91.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 91.0.2.7905 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
StartW8 1.0.9.10 (HKLM-x32\...\{1DF08A57-F5E0-472A-A8D0-2AEFC3A06419}) (Version: 1.0.9.10 - SODATSW spol. s r. o.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
WD SmartWare (HKLM\...\{17A76C9D-91D4-4E01-922D-1B3000DEB9F1}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1707.2.30 - ZONER software)

Packages:
=========
Adera -> C:\Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe [2015-08-05] (Microsoft Studios)
ASUS Calculator -> C:\Program Files\WindowsApps\B9ECED6F.ASUSCalculator_1.0.0.25_neutral__qmba6cd70vzyy [2015-08-05] (ASUSTek COMPUTER INC.)
Asus Converter -> C:\Program Files\WindowsApps\B9ECED6F.AsusConverter_1.0.0.27_neutral__qmba6cd70vzyy [2012-12-18] (ASUSTeK COMPUTER INC.)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2015-08-05] (ASUSTeK COMPUTER INC.)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-12-08] (Autodesk Inc.)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2093.1.0_x86__kgqvnymyfvs32 [2021-08-29] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-08] (Microsoft Corporation)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2020-10-08] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-05] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-05] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-05] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0 [2021-08-29] (Spotify AB) [Startup Task]
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2018-10-25] (Microsoft Studios) [MS Ad]
The World Clock -> C:\Program Files\WindowsApps\B9ECED6F.TheWorldClock_1.0.0.6_neutral__qmba6cd70vzyy [2012-12-18] (ASUSTeK COMPUTER INC.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-18] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2013-10-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-19] () [File not signed]
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] () [File not signed]
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSContextMenu.DLL [2012-08-28] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2013-10-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-19] () [File not signed]
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] () [File not signed]
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-07-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-03-13 17:11 - 2010-09-07 04:21 - 000538435 _____ () [File not signed] C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2013-12-01 17:09 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2012-12-18 21:56 - 2012-06-09 20:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
2021-09-01 18:31 - 2012-12-05 22:11 - 000056320 _____ (Alphaleonis) [File not signed] [File is in use] C:\Program Files (x86)\Cobian Backup 11\AlphaVSS.Common.dll
2021-09-01 18:31 - 2012-12-05 22:11 - 000166400 _____ (Alphaleonis) [File not signed] [File is in use] C:\Program Files (x86)\Cobian Backup 11\AlphaVSS.Win2008.x64.dll
2005-09-07 15:03 - 2005-09-07 15:03 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2013-12-01 17:09 - 2012-07-05 13:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2021-09-01 18:31 - 2012-12-05 22:11 - 000009728 _____ (Luis Cobian) [File not signed] [File is in use] C:\Program Files (x86)\Cobian Backup 11\CobStringList.dll
2021-09-01 18:31 - 2012-12-05 23:08 - 002684928 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbEngine.dll
2020-09-29 10:38 - 2020-09-29 10:38 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2015-07-20 17:48 - 2015-07-20 17:48 - 001006080 ____R (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-311663323-2849101808-2652881075-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2013-02-12] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\RostaBetak\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_20200606_153636.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\StartupFolder: => "trillian – zástupce.lnk"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "googletalk"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-311663323-2849101808-2652881075-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{452A5D9A-26BF-4407-A2E1-BFDE551F5C93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{67EFB130-C04E-4028-B0F0-282D6397644A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{805AE5C9-EE3E-49A7-A801-6B8A4446246D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F51615F7-FCA8-431F-90E1-235F6ED72164}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{59EA14D4-F555-4986-9292-FE53F9617F13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9F4617D9-804A-4BA6-B815-E32134B998D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FBA604CA-896C-4A6D-BD4B-A992506272BB}] => (Allow) LPort=54925
FirewallRules: [UDP Query User{3C0033D7-4ADE-4D8B-B5D0-EE48C605488A}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [TCP Query User{A1C41A1B-C617-480D-88FF-1CB19FE25869}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [UDP Query User{3F45C437-905C-4359-8839-D66932EF75DB}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [TCP Query User{58828B5B-C6D6-44F9-A3F0-6F873CCB9C38}C:\program files\graphisoft\archicad 13\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 13\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [{C6B9BB6B-4EE3-4750-81CF-89EC602A337F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{2673E10D-6F67-45B8-ACCE-D6E208A71EE5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [TCP Query User{4B8B81C1-9F1F-45F7-900B-8B5798839CD1}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe (Cerulean Studios, LLC -> Cerulean Studios)
FirewallRules: [UDP Query User{30A431A6-28CB-466E-B6B5-26A9A58744D1}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe (Cerulean Studios, LLC -> Cerulean Studios)
FirewallRules: [{A513CD12-F5C1-4BB5-94E5-00082A63ACB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C23CD84-C788-4AFE-A4AB-F3172109F787}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E6310A4-D1D7-4026-831A-38F56A3D8F4C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5D39AE9B-E21B-486C-A956-7B51A935EAB9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11A9A3C4-2746-4AB7-960F-DE9678CEB746}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90D5EC49-3C23-4EEE-91E9-D66973FF8241}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F09EFBC-C121-442C-B1F5-3B9154889947}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6074E80A-9135-4F40-9803-875B644604D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1FFEB025-4A31-41F2-A27C-0226D478AF10}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3674CE47-F316-4182-B1B6-8472B62089D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{879037C2-7F6E-43BF-AA71-E126D2681604}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DA109773-0C54-4EBA-9C95-13AB2928394E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

16-08-2021 16:24:36 Naplánovaný kontrolní bod
29-08-2021 08:51:36 Naplánovaný kontrolní bod
01-09-2021 17:19:13 AdwCleaner_BeforeCleaning_01/09/2021_17:19:12

==================== Faulty Device Manager Devices ============

Name: Bluetooth module
Description: Bluetooth module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/01/2021 07:11:36 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {1ca32c93-a08a-4ea8-94f9-fd67560e5ae0}

Error: (09/01/2021 05:42:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.1151, časové razítko: 0x2885d2b8
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1110, časové razítko: 0xe7a22463
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063416
ID chybujícího procesu: 0x1838
Čas spuštění chybující aplikace: 0x01d79f45523d0831
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: d0748ccc-bc8f-474b-a47d-2a1d76944178
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/01/2021 05:23:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0x408
Čas spuštění chybující aplikace: 0x01d79f454bf98692
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: bf8c3aea-f59c-46b6-901e-9ac0aa726334
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/01/2021 05:14:12 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (09/01/2021 02:29:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (09/01/2021 12:55:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0x190c
Čas spuštění chybující aplikace: 0x01d79f1fe02357b0
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: f50f1cfa-a637-4054-92c0-2418762e1fb5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/01/2021 12:27:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ElanTPCfg64.exe, verze: 1.0.65.1, časové razítko: 0x4f0be108
Název chybujícího modulu: ETDApi.dll, verze: 11.9.8.1, časové razítko: 0x5464772b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002485
ID chybujícího procesu: 0x2388
Čas spuštění chybující aplikace: 0x01d79f1be6e3749b
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
Cesta k chybujícímu modulu: C:\Program Files\Elantech\ETDApi.dll
ID zprávy: 57a5a7ba-8a85-4ad9-9662-7e4c0de6ce64
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/01/2021 10:54:26 AM) (Source: SyncBackFree) (EventID: 101) (User: )
Description: Event-ID 101


System errors:
=============
Error: (09/01/2021 06:32:29 PM) (Source: DCOM) (EventID: 10000) (User: RostaB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/01/2021 06:22:52 PM) (Source: DCOM) (EventID: 10000) (User: RostaB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/01/2021 05:26:23 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/01/2021 05:20:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WD Backup byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (09/01/2021 05:20:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WD Drive Manager byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (09/01/2021 05:20:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (09/01/2021 05:13:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WD Backup byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (09/01/2021 05:13:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WD Drive Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-08-31 18:34:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {53ECE37D-31A8-4A24-8B84-6395ACCC3089}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-16 15:27:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E1A68CA1-7843-435A-84C2-FED9E07F1A00}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-15 09:34:47
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_E:\rcsetup153.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: RostaB\RostaBetak
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.345.532.0, AS: 1.345.532.0, NIS: 1.345.532.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-14 18:55:02
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Pearfoos.A!ml
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe; process:_pid:7464,ProcessStart:132734287060375047
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.345.527.0, AS: 1.345.527.0, NIS: 1.345.527.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-14 17:48:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Pearfoos.A!ml
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe; process:_pid:7464,ProcessStart:132734287060375047
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
Verze bezpečnostních informací: AV: 1.345.527.0, AS: 1.345.527.0, NIS: 1.345.527.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-20 15:59:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-08-20 15:59:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-08-20 15:59:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-08-20 15:56:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-08-19 14:04:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.345.609.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X55A.413 08/20/2012
Motherboard: ASUSTeK COMPUTER INC. X55A
Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 68%
Total physical RAM: 3979.82 MB
Available physical RAM: 1261.47 MB
Total Virtual: 5771.82 MB
Available Virtual: 2894.14 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.49 GB) (Free:127.94 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.45 GB) (Free:153.76 GB) NTFS
Drive f: () (CDROM) (Total:0 GB) (Free:0 GB)

\\?\Volume{09fae88f-4b05-490f-91a6-eb4fa00f51fd}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.27 GB) NTFS
\\?\Volume{19b986df-b0fa-43b0-863f-7ca4206fcbed}\ () (Fixed) (Total:0.81 GB) (Free:0.29 GB) NTFS
\\?\Volume{adbca9b6-c50c-4ede-9327-97c07aefa8c8}\ (Restore) (Fixed) (Total:20 GB) (Free:10.56 GB) NTFS
\\?\Volume{d822ec6c-98c5-42a8-8de1-e3ee4543c4a2}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.23 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 23D3E035)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Preventivní kontrola

#6 Příspěvek od JaRon »

zaverecne cistenie - citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
Task: {0E3C08AB-D9C5-4737-A04B-772C26C79D41} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {27447ABE-8280-4ECF-8E56-89C1B4027FFC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2F34B6F6-80F0-4B59-8AB1-88632E27FF6E} - System32\Tasks\{BA29B442-2BD6-48D3-9AA7-158F2791BAFA} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {37795A96-3F23-428F-BE53-9D47C0CAA73D} - System32\Tasks\{F839FC7E-463C-4400-8F97-9821092A54E0} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {37FB082B-CA15-4710-9063-1A4CF86C2B13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4C15847D-0D86-4948-ACE4-A732012DCC30} - System32\Tasks\{1736A3D5-D1EE-40ED-A289-1514805696C3} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {4C2365D6-97AD-4367-95D0-D8D22E4C5280} - System32\Tasks\{0EB8FD6C-1BC8-410F-82CB-4894B2D46FB5} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {602DA0B3-D2C4-44E7-870E-140B25B32C17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73A7DDBE-C4F2-4FAC-BDA2-DCEED1BED44C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8B377EA6-5193-4A67-B24E-A08140CECFE4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {907D7498-84D2-4B55-B4E1-EAFD165BDEB3} - System32\Tasks\{CDEF0A78-22F1-4BFE-A125-2F6AAEEE5D2E} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {93092B01-5620-4F43-B023-B6A4735A2AAC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A3E57C43-1FE5-40E8-A503-679C4AF8D702} - System32\Tasks\{FCA2E8D5-9E4D-4F15-9F2B-8A23158384AC} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {B9C23DBF-D17E-41E6-A935-D7B3FD05C208} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D20024C9-79C4-4BB1-8B86-FDFE1CB2C7E6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D2B137F3-697E-448F-8814-22812439265F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {DB8F16EB-0A79-4601-B2FD-336353189EB0} - System32\Tasks\{135981EF-7AAC-43AA-A114-4E7252292C7B} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {ECCF5651-595B-4290-BD15-239C8873EB8E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F323CBDB-F12B-4DAB-A53D-917B4112BCE3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {FB8D488F-026B-4055-94E3-77CB0922B075} - System32\Tasks\{4A55CEA4-2D05-4D12-A447-BAC98CDF509A} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION



EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Re: Preventivní kontrola

#7 Příspěvek od artmle9 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-09-2021
Ran by RostaBetak (02-09-2021 14:50:40) Run:1
Running from D:\plocha
Loaded Profiles: RostaBetak
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Task: {0E3C08AB-D9C5-4737-A04B-772C26C79D41} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {27447ABE-8280-4ECF-8E56-89C1B4027FFC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2F34B6F6-80F0-4B59-8AB1-88632E27FF6E} - System32\Tasks\{BA29B442-2BD6-48D3-9AA7-158F2791BAFA} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {37795A96-3F23-428F-BE53-9D47C0CAA73D} - System32\Tasks\{F839FC7E-463C-4400-8F97-9821092A54E0} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {37FB082B-CA15-4710-9063-1A4CF86C2B13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4C15847D-0D86-4948-ACE4-A732012DCC30} - System32\Tasks\{1736A3D5-D1EE-40ED-A289-1514805696C3} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {4C2365D6-97AD-4367-95D0-D8D22E4C5280} - System32\Tasks\{0EB8FD6C-1BC8-410F-82CB-4894B2D46FB5} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {602DA0B3-D2C4-44E7-870E-140B25B32C17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73A7DDBE-C4F2-4FAC-BDA2-DCEED1BED44C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8B377EA6-5193-4A67-B24E-A08140CECFE4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {907D7498-84D2-4B55-B4E1-EAFD165BDEB3} - System32\Tasks\{CDEF0A78-22F1-4BFE-A125-2F6AAEEE5D2E} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {93092B01-5620-4F43-B023-B6A4735A2AAC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A3E57C43-1FE5-40E8-A503-679C4AF8D702} - System32\Tasks\{FCA2E8D5-9E4D-4F15-9F2B-8A23158384AC} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
Task: {B9C23DBF-D17E-41E6-A935-D7B3FD05C208} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D20024C9-79C4-4BB1-8B86-FDFE1CB2C7E6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D2B137F3-697E-448F-8814-22812439265F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {DB8F16EB-0A79-4601-B2FD-336353189EB0} - System32\Tasks\{135981EF-7AAC-43AA-A114-4E7252292C7B} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.5.0.158/cs/g ... Error=1603
Task: {ECCF5651-595B-4290-BD15-239C8873EB8E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F323CBDB-F12B-4DAB-A53D-917B4112BCE3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {FB8D488F-026B-4055-94E3-77CB0922B075} - System32\Tasks\{4A55CEA4-2D05-4D12-A447-BAC98CDF509A} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/cs/g ... Error=1603
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION



EmptyTemp:
Reboot:
End
*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E3C08AB-D9C5-4737-A04B-772C26C79D41}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E3C08AB-D9C5-4737-A04B-772C26C79D41}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27447ABE-8280-4ECF-8E56-89C1B4027FFC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27447ABE-8280-4ECF-8E56-89C1B4027FFC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F34B6F6-80F0-4B59-8AB1-88632E27FF6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F34B6F6-80F0-4B59-8AB1-88632E27FF6E}" => removed successfully
C:\WINDOWS\System32\Tasks\{BA29B442-2BD6-48D3-9AA7-158F2791BAFA} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BA29B442-2BD6-48D3-9AA7-158F2791BAFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37795A96-3F23-428F-BE53-9D47C0CAA73D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37795A96-3F23-428F-BE53-9D47C0CAA73D}" => removed successfully
C:\WINDOWS\System32\Tasks\{F839FC7E-463C-4400-8F97-9821092A54E0} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F839FC7E-463C-4400-8F97-9821092A54E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37FB082B-CA15-4710-9063-1A4CF86C2B13}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37FB082B-CA15-4710-9063-1A4CF86C2B13}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C15847D-0D86-4948-ACE4-A732012DCC30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C15847D-0D86-4948-ACE4-A732012DCC30}" => removed successfully
C:\WINDOWS\System32\Tasks\{1736A3D5-D1EE-40ED-A289-1514805696C3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1736A3D5-D1EE-40ED-A289-1514805696C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C2365D6-97AD-4367-95D0-D8D22E4C5280}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C2365D6-97AD-4367-95D0-D8D22E4C5280}" => removed successfully
C:\WINDOWS\System32\Tasks\{0EB8FD6C-1BC8-410F-82CB-4894B2D46FB5} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0EB8FD6C-1BC8-410F-82CB-4894B2D46FB5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{602DA0B3-D2C4-44E7-870E-140B25B32C17}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{602DA0B3-D2C4-44E7-870E-140B25B32C17}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73A7DDBE-C4F2-4FAC-BDA2-DCEED1BED44C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73A7DDBE-C4F2-4FAC-BDA2-DCEED1BED44C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B377EA6-5193-4A67-B24E-A08140CECFE4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B377EA6-5193-4A67-B24E-A08140CECFE4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{907D7498-84D2-4B55-B4E1-EAFD165BDEB3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{907D7498-84D2-4B55-B4E1-EAFD165BDEB3}" => removed successfully
C:\WINDOWS\System32\Tasks\{CDEF0A78-22F1-4BFE-A125-2F6AAEEE5D2E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CDEF0A78-22F1-4BFE-A125-2F6AAEEE5D2E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93092B01-5620-4F43-B023-B6A4735A2AAC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93092B01-5620-4F43-B023-B6A4735A2AAC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3E57C43-1FE5-40E8-A503-679C4AF8D702}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3E57C43-1FE5-40E8-A503-679C4AF8D702}" => removed successfully
C:\WINDOWS\System32\Tasks\{FCA2E8D5-9E4D-4F15-9F2B-8A23158384AC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FCA2E8D5-9E4D-4F15-9F2B-8A23158384AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9C23DBF-D17E-41E6-A935-D7B3FD05C208}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9C23DBF-D17E-41E6-A935-D7B3FD05C208}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D20024C9-79C4-4BB1-8B86-FDFE1CB2C7E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D20024C9-79C4-4BB1-8B86-FDFE1CB2C7E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2B137F3-697E-448F-8814-22812439265F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2B137F3-697E-448F-8814-22812439265F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB8F16EB-0A79-4601-B2FD-336353189EB0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB8F16EB-0A79-4601-B2FD-336353189EB0}" => removed successfully
C:\WINDOWS\System32\Tasks\{135981EF-7AAC-43AA-A114-4E7252292C7B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{135981EF-7AAC-43AA-A114-4E7252292C7B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ECCF5651-595B-4290-BD15-239C8873EB8E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECCF5651-595B-4290-BD15-239C8873EB8E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F323CBDB-F12B-4DAB-A53D-917B4112BCE3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F323CBDB-F12B-4DAB-A53D-917B4112BCE3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB8D488F-026B-4055-94E3-77CB0922B075}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB8D488F-026B-4055-94E3-77CB0922B075}" => removed successfully
C:\WINDOWS\System32\Tasks\{4A55CEA4-2D05-4D12-A447-BAC98CDF509A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4A55CEA4-2D05-4D12-A447-BAC98CDF509A}" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17663588 B
Java, Flash, Steam htmlcache => 1317 B
Windows/system/drivers => 1973420 B
Edge => 26624 B
Firefox => 123201726 B
Opera => 4911840 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 506874434 B
RostaBetak => 514654148 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:52:08 ====

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Preventivní kontrola

#8 Příspěvek od JaRon »

Hotovo :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Re: Preventivní kontrola

#9 Příspěvek od artmle9 »

Supr, diky

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Preventivní kontrola

#10 Příspěvek od JaRon »

Za malo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Zamčeno