Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021
Ran by Vilem (administrator) on DEDA (ASUSTeK COMPUTER INC. X553MA) (14-11-2021 15:16:43)
Running from C:\Users\Vilem\Desktop\FRST
Loaded Profiles: Vilem
Platform: Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\25.0.1.194\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Cole Williams Software Limited -> ) C:\Windows\SysWOW64\Codecs\TrayMenu.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intervideo, Inc. -> InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Služba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516928 2013-02-15] (Acronis International GmbH -> Acronis)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-10] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [261224 2021-10-04] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [UVS11 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [341488 2007-03-03] (Ulead Systems, Inc. -> InterVideo Digital Technology Corporation) [File not signed]
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6391960 2013-04-18] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105328 2013-01-10] (Acronis International GmbH -> Acronis)
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\Run: [MicrosoftEdgeAutoLaunch_2438C3B05992E306A5DA724BBA0C4443] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {083d4a54-0558-11e9-bc5a-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {083d4a95-0558-11e9-bc5a-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {9a13b8bb-954b-11eb-bd3c-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {9a13b94d-954b-11eb-bd3c-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {c7fef861-9557-11eb-bd43-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {e276aad4-953a-11eb-bd3b-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-03] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2019-04-27]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2019-03-30]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2F0BBCA7-1AD0-4D17-9603-A1ABCD83B168} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13877464 2015-06-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {436489C5-B15E-4F57-A618-42AF326D730C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {45CF7F9E-DCEA-44A0-9CDF-910C4F67F333} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\25.0.1.194\WatchDog.exe [937064 2021-08-10] (Bitdefender SRL -> Bitdefender)
Task: {5C58ED13-3DF4-4C48-918E-DCAC8B8D726C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
Task: {6B768087-D573-4F65-80E7-59521F073CCF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2371784 2021-11-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {6F1DECC3-EFD4-4982-BD9F-4CA617D27337} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe /SCHEDULED (No File)
Task: {840D8202-252C-4199-A63D-FAB0B1529F69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {8DCEB0A0-2D74-4343-810F-0A024BFED10B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A7396524-7985-4C75-822A-53BC7B8CF6B1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {C451479F-BB05-4E44-A32B-446A60591D15} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-06-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {CA4FC9BF-98E6-4C67-A139-EE8FB9F599FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {EA89695F-6945-47A5-A225-E8AC57B6A370} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FAA6D6A1-F189-444D-B6B9-BDE68E301384} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [957528 2021-10-17] (Bitdefender SRL -> Bitdefender)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 85.162.162.162 85.162.162.85 1.1.1.1 8.8.4.4 208.67.222.220
Tcpip\..\Interfaces\{0c8dddcb-b6e7-41bd-9c5f-dab0c6fb9498}: [DhcpNameServer] 192.168.88.1 85.162.162.162 85.162.162.85 1.1.1.1 8.8.4.4 208.67.222.220
Tcpip\..\Interfaces\{15b37f45-28f8-47f9-8cbf-33615db2e61d}: [DhcpNameServer] 192.168.88.1 85.162.162.162 85.162.162.85 1.1.1.1 8.8.4.4 208.67.222.220
Tcpip\..\Interfaces\{6dfe81c2-e7d7-4a90-b1fa-b6ace195eaf8}: [DhcpNameServer] 192.168.88.1 85.162.162.162 85.162.162.85 1.1.1.1 8.8.4.4 208.67.222.220
Tcpip\..\Interfaces\{734cbd2f-4e07-4c52-9f9e-e0bf268a566f}: [DhcpNameServer] 192.168.88.2
Tcpip\..\Interfaces\{a06cd2d2-4899-4aac-8dce-ec952f31eedf}: [DhcpNameServer] 8.8.8.8
Edge:
=======
DownloadDir: C:\Users\Vilem\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vilem\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-14]
Edge DownloadDir: Default -> C:\Users\Vilem\Downloads
FireFox:
========
FF DefaultProfile: 6qam00cd.default
FF ProfilePath: C:\Users\Vilem\AppData\Roaming\Mozilla\Firefox\Profiles\6qam00cd.default [2021-07-04]
FF Homepage: Mozilla\Firefox\Profiles\6qam00cd.default -> hxxps://www.seznam.cz/
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2021-08-24] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => not found
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-10-30] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2021-09-29] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Default [2021-11-14]
CHR Notifications: Default -> hxxps://fastbestcaptcha.top; hxxps://fastshare.cz; hxxps://kalkulackaenergie.com; hxxps://postovnezdarma.cz; hxxps://svetsatelitu.cz; hxxps://tarifomat.cz; hxxps://windows-protection.com; hxxps://www-euronics-cz.pushpushgo.com; hxxps://www.autohotarek.cz; hxxps://www.automobilovedily24.cz; hxxps://www.emimino.cz; hxxps://www.euautodily.cz; hxxps://www.eva.cz; hxxps://www.exasoft.cz; hxxps://www.garaz.cz; hxxps://www.heureka.cz; hxxps://www.kokiskashop.cz; hxxps://www.koloasport.cz; hxxps://www.pekro.cz; hxxps://www.slevomat.cz; hxxps://www.slevydnes.cz; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Bitdefender Wallet) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2020-09-26]
CHR Extension: (Helium Backup) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl [2021-04-04]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-02-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Profile: C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-04]
CHR Profile: C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-07-04]
CHR Extension: (Prezentace) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-07]
CHR Extension: (Dokumenty) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-07]
CHR Extension: (Disk Google) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-23]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-05-23]
CHR Extension: (YouTube) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-05-23]
CHR Extension: (Tabulky) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-05-23]
CHR Extension: (Bitdefender Wallet) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2021-05-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-23]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-23]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2021-05-23]
CHR Extension: (Gmail) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-23]
CHR Extension: (Chrome Media Router) - C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-23]
CHR Profile: C:\Users\Vilem\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1143720 2013-02-15] (Acronis International GmbH -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3779576 2020-09-24] (Acronis International GmbH -> Acronis)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [198256 2021-01-25] (Pango Inc. -> AnchorFree Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-24] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-24] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2019-06-03] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [256616 2021-10-04] (Bitdefender SRL -> Bitdefender)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (Intervideo, Inc. -> InterVideo Inc.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-12-11] (Mixbyte Inc -> Freemake)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
S2 PCLEPCI; C:\WINDOWS\SysWOW64\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [785512 2021-08-10] (Bitdefender SRL -> Bitdefender)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7091584 2013-03-26] (Acronis International GmbH -> Acronis)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13088784 2020-05-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [306776 2021-10-17] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-24] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [3414928 2021-08-24] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [802976 2021-04-21] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2021-05-01] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-28] (Bitdefender SRL -> BitDefender)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [488592 2021-04-21] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [195232 2020-10-30] (Bitdefender SRL -> BitDefender LLC)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R2 Ignis; C:\WINDOWS\System32\DRIVERS\ignis.sys [185312 2020-12-15] (Bitdefender SRL -> Bitdefender)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
S3 pcouffin; C:\Windows\SysWOW64\Drivers\pcouffin.sys [47360 2016-04-08] (VSO Software) [File not signed]
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2020-09-24] (Acronis International GmbH -> Acronis International GmbH)
S0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [183224 2020-09-24] (Acronis International GmbH -> Acronis)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [641728 2021-03-25] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath
U1 avgbdisk; no ImagePath
S3 PCASp60; System32\Drivers\PCASp60.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-14 14:22 - 2021-11-14 14:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-11-14 14:17 - 2021-11-14 14:17 - 000234272 _____ (AVAST Software) C:\Users\Vilem\Downloads\avast_free_antivirus_setup_online (4).exe
2021-11-12 08:29 - 2021-11-12 08:29 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-12 08:29 - 2021-11-12 08:29 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-12 08:28 - 2021-11-12 08:28 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-12 08:28 - 2021-11-12 08:28 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-12 08:07 - 2021-11-12 08:07 - 000000000 ___HD C:\$WinREAgent
2021-11-07 08:10 - 2021-11-07 08:10 - 000001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-07 08:09 - 2021-11-07 08:10 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-30 16:28 - 2021-10-30 16:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2021-10-30 16:25 - 2021-10-30 16:26 - 079279336 _____ (XBMC Foundation) C:\Users\Vilem\Downloads\kodi-19.3-Matrix-x64.exe
2021-10-27 12:19 - 2021-10-27 12:19 - 000224889 _____ C:\Users\Vilem\Downloads\Zakladni_Produktove_podminky_sporiciho_uctu_Sporeni.pdf
2021-10-27 12:18 - 2021-10-27 12:18 - 000710737 _____ C:\Users\Vilem\Downloads\Zmenovy_list.pdf
2021-10-27 12:18 - 2021-10-27 12:18 - 000089042 _____ C:\Users\Vilem\Downloads\Parametry_sporiciho_uctu (1).pdf
2021-10-27 12:14 - 2021-10-27 12:14 - 000309119 _____ C:\Users\Vilem\Downloads\Predsmluvni_informace_sporiciho_uctu_Sporeni_A (1).pdf
2021-10-27 12:12 - 2021-10-27 12:12 - 000288252 _____ C:\Users\Vilem\Downloads\Sazebnik_poplatku_za_produkty_a_sluzby (1).pdf
2021-10-27 12:09 - 2021-10-27 12:09 - 000089042 _____ C:\Users\Vilem\Downloads\Parametry_sporiciho_uctu.pdf
2021-10-27 12:07 - 2021-10-27 12:07 - 000288252 _____ C:\Users\Vilem\Downloads\Sazebnik_poplatku_za_produkty_a_sluzby.pdf
2021-10-27 12:07 - 2021-10-27 12:07 - 000190545 _____ C:\Users\Vilem\Downloads\Ostatni_produktove_podminky.pdf
2021-10-27 12:05 - 2021-10-27 12:05 - 000309119 _____ C:\Users\Vilem\Downloads\Predsmluvni_informace_sporiciho_uctu_Sporeni_A.pdf
2021-10-24 19:14 - 2021-10-24 19:19 - 000000000 ____D C:\Users\Vilem\Desktop\hrnce
2021-10-24 19:11 - 2021-10-24 19:11 - 000074077 _____ C:\Users\Vilem\Desktop\faktura.pdf
2021-10-18 16:04 - 2021-10-18 16:04 - 000228228 _____ C:\ProgramData\vpn.1634569436.bdinstall.v2.bin
2021-10-18 16:04 - 2021-10-18 16:04 - 000085076 _____ C:\ProgramData\vpn.uninstall.1634569440.bdinstall.v2.bin
2021-10-17 11:15 - 2021-10-17 11:15 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-17 11:14 - 2021-10-17 11:14 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-17 11:14 - 2021-10-17 11:14 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-17 11:14 - 2021-10-17 11:14 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-14 15:18 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-14 15:17 - 2018-11-04 13:55 - 000000000 ____D C:\FRST
2021-11-14 15:16 - 2020-09-26 19:44 - 000000000 ____D C:\Users\Vilem\Desktop\FRST
2021-11-14 15:00 - 2020-12-29 14:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-11-14 14:52 - 2020-10-03 13:02 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-14 14:52 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-11-14 14:52 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-11-14 14:52 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-14 14:52 - 2015-08-24 20:18 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-14 14:50 - 2019-01-02 16:16 - 000000000 ____D C:\Program Files\CCleaner
2021-11-14 14:48 - 2020-10-03 13:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-14 14:48 - 2020-10-03 12:50 - 000000000 ____D C:\Users\Vilem
2021-11-14 14:48 - 2020-10-03 12:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-14 14:48 - 2020-09-22 21:59 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-14 14:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-14 14:48 - 2017-08-20 10:42 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2021-11-14 14:48 - 2015-08-10 18:24 - 000000000 __SHD C:\Users\Vilem\IntelGraphicsProfiles
2021-11-14 14:42 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-14 14:42 - 2015-08-31 14:43 - 000000000 ____D C:\ProgramData\AVAST Software
2021-11-14 14:21 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-14 14:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-14 14:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-14 13:58 - 2020-10-31 19:15 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-14 13:58 - 2020-10-31 19:15 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-12 23:54 - 2020-10-03 12:42 - 000452888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-12 23:53 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-12 23:53 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-12 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-12 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-12 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-12 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-12 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-12 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-12 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-12 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-12 23:53 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-12 19:57 - 2020-09-06 14:57 - 000000000 ____D C:\Users\Vilem\AppData\Roaming\Kodi
2021-11-12 08:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-12 08:05 - 2015-08-23 18:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-12 07:59 - 2015-08-23 18:45 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-03 19:33 - 2019-11-03 13:00 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-03 19:32 - 2019-11-03 13:00 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-30 18:42 - 2017-12-05 06:20 - 000000000 ____D C:\Users\Vilem\AppData\Local\Packages
2021-10-30 16:29 - 2015-10-25 10:24 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-30 16:28 - 2020-09-06 14:55 - 000000000 ____D C:\Program Files\Kodi
2021-10-18 16:04 - 2020-12-21 13:21 - 000002153 _____ C:\Users\Public\Desktop\Bitdefender VPN.lnk
2021-10-18 15:45 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-18 15:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-18 15:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-18 15:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-18 15:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-17 11:07 - 2016-01-03 08:42 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories ========
2019-03-20 21:37 - 2019-03-20 21:37 - 005242880 _____ () C:\Program Files (x86)\PicosmosTools.part1.rar
2019-03-20 21:37 - 2019-03-20 21:37 - 005242880 _____ () C:\Program Files (x86)\PicosmosTools.part2.rar
2019-03-20 21:37 - 2019-03-20 21:37 - 001703959 _____ () C:\Program Files (x86)\PicosmosTools.part3.rar
2016-04-08 20:24 - 2016-04-08 20:24 - 000099384 _____ () C:\Users\Vilem\AppData\Roaming\ezpinst.exe
2016-11-03 21:44 - 2020-11-04 09:14 - 000099384 _____ () C:\Users\Vilem\AppData\Roaming\inst.exe
2016-04-08 20:24 - 2020-11-04 09:14 - 000007859 _____ () C:\Users\Vilem\AppData\Roaming\pcouffin.cat
2016-04-08 20:24 - 2020-11-04 09:14 - 000001167 _____ () C:\Users\Vilem\AppData\Roaming\pcouffin.inf
2015-11-28 21:17 - 2020-11-04 09:14 - 000000055 _____ () C:\Users\Vilem\AppData\Roaming\pcouffin.log
2016-04-08 20:24 - 2020-11-04 09:14 - 000082816 _____ (VSO Software) C:\Users\Vilem\AppData\Roaming\pcouffin.sys
2019-12-19 18:47 - 2020-03-30 10:24 - 000005632 _____ () C:\Users\Vilem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-12-29 15:10 - 2020-12-29 15:10 - 000000000 _____ () C:\Users\Vilem\AppData\Local\oobelibMkey.log
2019-10-15 18:18 - 2021-04-04 19:23 - 000007622 _____ () C:\Users\Vilem\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2021
Ran by Vilem (14-11-2021 15:21:33)
Running from C:\Users\Vilem\Desktop\FRST
Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) (2020-10-03 12:27:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-341233860-2387372215-3518537327-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-341233860-2387372215-3518537327-503 - Limited - Disabled)
Guest (S-1-5-21-341233860-2387372215-3518537327-501 - Limited - Disabled)
Vilem (S-1-5-21-341233860-2387372215-3518537327-1001 - Administrator - Enabled) => C:\Users\Vilem
WDAGUtilityAccount (S-1-5-21-341233860-2387372215-3518537327-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Disabled - Out of date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Enabled) {82E9F5D1-B06F-8438-3781-C5B6FA91F981}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 19.01 alpha (x64) (HKLM\...\7-Zip) (Version: 19.01 alpha - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Photoshop 7.0 CE (HKLM-x32\...\Adobe Photoshop 7.0 CE) (Version: 7.0 CE - Adobe Systems, Inc.)
Advanced IP Scanner 2.5 (HKLM-x32\...\{12830D25-D77C-46B1-902E-2CAD8878CE95}) (Version: 2.5.3499 - Famatech)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.20.2 - Ashampoo GmbH & Co. KG)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.7.2 - ASUS)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 25.0.1.194 - Bitdefender)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.4.4.44 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.82 - Piriform)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
DVDFab Platinum 3.0.8.6 (HKLM-x32\...\DVDFab Platinum_is1) (Version: - Fengtao Software Inc.)
FastStone Image Viewer 5.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.5 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4252 - Intel Corporation)
InterVideo DeviceService (HKLM-x32\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)
Kodi (HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\Kodi) (Version: 19.3.0.0 - XBMC Foundation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
LAV Filters 0.55.3 (HKLM-x32\...\lavfilters_is1) (Version: 0.55.3 - Hendrik Leppkes)
LG Mobile Drivers (HKLM-x32\...\{D8D0327A-72B4-4C79-9883-1B6B6C20ED2B}) (Version: 4.0.3 - LG Electronics)
LibreOffice 5.0.4.2 (HKLM-x32\...\{14B5DDCF-61C4-4F1E-A621-844685D60B5A}) (Version: 5.0.4.2 - The Document Foundation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.78 - McAfee, LLC.)
Media Player Codec Pack 4.4.6 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.6 - Media Player Codec Pack)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.53 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.31.1 - Nikon Corporation)
NirSoft ProduKey (HKLM-x32\...\NirSoft ProduKey) (Version: - )
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7514 - Realtek Semiconductor Corp.)
Recover Files 3.26 (HKLM-x32\...\Recover Files_is1) (Version: - Undelete & Unerase, Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Super DVD Ripper (remove only) (HKLM-x32\...\x2VCD) (Version: - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.6.7 - TeamViewer)
True Image 2013 (HKLM-x32\...\{903BAE11-EAE6-476C-801D-D75BAADE0920}) (Version: 16.0.6514 - Acronis) Hidden
True Image 2013 (HKLM-x32\...\{903BAE11-EAE6-476C-801D-D75BAADE0920}Visible) (Version: 16.0.6514 - Acronis)
Ulead VideoStudio 11 (HKLM-x32\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VSO ConvertXToDVD 6 (HKLM-x32\...\{8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1) (Version: 6.0.0.71 - VSO Software)
WhatsApp (HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\WhatsApp) (Version: 2.2049.10 - WhatsApp)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.3 - ZONER software)
Packages:
=========
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2016-02-05] (ASUSTeK COMPUTER INC.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-31] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_132.2.261.0_x64__v10z8vjag6ke6 [2021-11-12] (HP Inc.)
Media Player -> C:\Program Files\WindowsApps\9FD20106.MediaPlayerQueen_1.2.5.0_x64__nwhm06f2kfry2 [2016-11-25] (Digital Cloud Technologies Global)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-12] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-341233860-2387372215-3518537327-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-04-18] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-04-18] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-04-18] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-04-18] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => C:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll [2007-03-03] (Ulead Systems, Inc. -> Ulead Systems, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-04-18] (Acronis International GmbH -> Acronis)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.dvacm] => C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm [20992 2007-03-02] (InterVideo Digital Technology Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.MPEGacm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm [69632 2006-04-17] (Ulead Systems, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.ulmp3acm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm [319488 2006-01-23] (Ulead systems) [File not signed]
HKLM\...\Drivers32-x32: [vidc.mjpx] => Pvmjpg30.dll
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [246736 2017-06-22] (Cole Williams Software Limited -> )
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Vilem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Helium Backup.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gpglbgbpeobllokpmeagpoagjbfknanl
==================== Loaded Modules (Whitelisted) =============
2020-09-24 19:13 - 2012-10-09 12:21 - 001323008 ____R (Acronis) [File not signed] C:\Program Files (x86)\Common Files\Acronis\Home\libcrypto10.dll
2020-10-03 12:53 - 2020-10-03 12:53 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2016-02-15 20:02 - 2006-09-14 16:40 - 000045056 ____N (Pinnacle Systems, Inc.) [File not signed] C:\Program Files (x86)\Pinnacle\Shared Files\Filter\FileCaptureSource.ax
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CustomModeApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CustomModeAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSBoostDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPONS64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSLFXAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSLimiterDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSNeoPCDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSSymmetryDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PGFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PLFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PREC64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IccLibDll_x64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ig7icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEM.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxHK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxTray.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiLogServer64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCUMD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMux64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUtils64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiVAD64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KAAPORT64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO20.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO30.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO4064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioEQ64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVolumeSDAPO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtCRX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFCOM64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFNHK64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFSS_APO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo264.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tepeqapo64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tosade.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig7icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RsCRIcon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtsBaStor.sys:$CmdTcID [64]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=37180
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-341233860-2387372215-3518537327-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-341233860-2387372215-3518537327-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-341233860-2387372215-3518537327-1001 -> {0D53A732-8758-4423-B0AD-C5D7C759AC33} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-341233860-2387372215-3518537327-1001 -> {23605601-D6F5-49BA-AF32-B8F8E4D6FF22} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-341233860-2387372215-3518537327-1001 -> {5332AFBC-241E-4DBC-9E8C-084743D3406C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-341233860-2387372215-3518537327-1001 -> {64B1FD19-21BF-4271-8330-7EE8D1262635} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-341233860-2387372215-3518537327-1001 -> {A441246E-EE91-4A20-8D71-235F1FC30790} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-341233860-2387372215-3518537327-1001 -> {AC716E7E-AAFB-4298-AE6F-B595F9984E7B} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
SearchScopes: HKU\S-1-5-21-341233860-2387372215-3518537327-1001 -> {ADDF374F-043D-4289-8955-1BB9C4AB8A1D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-341233860-2387372215-3518537327-1001 -> {B2325E6C-AB58-489E-BFE1-C06284AE13E3} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-341233860-2387372215-3518537327-1001 -> {B49EDD39-FD5E-42B8-98CC-D470A668FA13} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-10-17] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2021-10-17] (Bitdefender SRL -> Bitdefender)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-08-23 18:26 - 2021-11-14 14:48 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
2017-04-19 20:00 - 2018-12-31 19:04 - 000000466 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 d
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vilem\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\asus.jpg
DNS Servers: 192.168.88.1 - 85.162.162.162
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "BdVpnApp"
HKLM\...\StartupApproved\Run: => "Služba Acronis Scheduler2"
HKLM\...\StartupApproved\Run32: => "UVS11 Preload"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\StartupApproved\Run: => "LaunchList"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\StartupApproved\Run: => "Picosmos"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5D396F3E-70F8-48A9-8319-AB571C40544A}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{5B0AD119-4105-4058-8B6E-3381A2C59F36}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{19B09C52-DE4F-44FE-A4E5-784998484F36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F217B1E1-C0C6-47CE-BE2A-163F940F5011}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EA5CB871-1470-4C0D-9E84-D02740C8990B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{38BF349C-520E-4AFB-89E4-A218A555994E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DEA3B2F4-018E-4A58-9CEF-6F56B769702A}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{6CD0E4B2-C063-480B-81A1-15E01001B6F6}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{CA0C52EB-68CC-4CBE-9AF2-4E3BF9835CDB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{03A55787-F0A1-4797-88E5-9386276EC7F8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9B3F2063-BA19-4489-A0D9-25E1FBA456FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AF0964AB-F8E3-40EE-828D-382E70B538B9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{72D678E2-4390-43DF-9443-628DF4735FCB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{B1B6D063-D532-450F-8249-7C48D15FD7E5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{FE0AD32C-7080-4EC9-A325-41E2A4B0E8F0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{9C566CFB-AD9E-4092-AD8D-937C3A660576}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{729C1443-2A98-41F5-8C71-D485C0CEB4B1}C:\program files (x86)\pinnacle\studio 14\programs\studio.exe] => (Block) C:\program files (x86)\pinnacle\studio 14\programs\studio.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [UDP Query User{C45DB0D4-0290-4A31-BC6D-0F665C37E6D3}C:\program files (x86)\pinnacle\studio 14\programs\studio.exe] => (Block) C:\program files (x86)\pinnacle\studio 14\programs\studio.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{72667CB3-D3CD-404C-A729-10D9FC2B9DFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E869C8FA-87A8-444A-AAFD-773B2FCFDD0A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8381D6C-BDEB-4CA2-B86A-15123D0D5CCE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6CE37449-49B2-4A61-9EA2-FAE3ECA39802}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0AB3AD91-B891-4206-9F4C-37239B99A69C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/14/2021 02:48:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5df073cc
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x9166324b
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b502
ID chybujícího procesu: 0x1500
Čas spuštění chybující aplikace: 0x01d7d95e45def7d9
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 4d15127d-3ee0-4598-ab46-1f9d1543e603
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/14/2021 02:48:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])
Error: (11/14/2021 02:43:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5df073cc
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x9166324b
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b502
ID chybujícího procesu: 0x1460
Čas spuštění chybující aplikace: 0x01d7d95d8e50dbbd
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 1e587374-91a7-4889-8b02-8f4c6632e564
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/14/2021 02:43:08 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])
Error: (11/14/2021 02:37:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5df073cc
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x9166324b
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b502
ID chybujícího procesu: 0x167c
Čas spuštění chybující aplikace: 0x01d7d95cd0c7f2f4
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 93288d14-233f-4868-b15b-49023f2a4a79
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/14/2021 02:37:50 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])
Error: (11/14/2021 02:28:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5df073cc
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x9166324b
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b502
ID chybujícího procesu: 0x16d4
Čas spuštění chybující aplikace: 0x01d7d95b72c744f6
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: ec6eddb8-df20-49f9-a30a-5305e8e8c2e1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/14/2021 02:28:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])
System errors:
=============
Error: (11/14/2021 02:48:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (11/14/2021 02:48:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).
Error: (11/14/2021 02:48:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:43:01, 14.11.2021) bylo neočekávané.
Error: (11/14/2021 02:43:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (11/14/2021 02:43:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).
Error: (11/14/2021 02:38:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (11/14/2021 02:38:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).
Error: (11/14/2021 02:28:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
CodeIntegrity:
===============
Date: 2021-11-14 14:40:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2021-11-14 14:39:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X553MA.209 08/08/2014
Motherboard: ASUSTeK COMPUTER INC. X553MA
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 71%
Total physical RAM: 3982.56 MB
Available physical RAM: 1134.43 MB
Total Virtual: 5582.56 MB
Available Virtual: 2556.47 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:185.74 GB) (Free:65.62 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:26.72 GB) NTFS
Drive e: (Můj film) (CDROM) (Total:4.13 GB) (Free:0 GB) UDF
\\?\Volume{9a95f04b-28af-455d-b4da-d5339d74b097}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.59 GB) NTFS
\\?\Volume{428dac14-d9f3-4ae2-9577-00385acce128}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{a8743280-3264-45dc-85de-7b6aba284dac}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.14 GB) NTFS
\\?\Volume{f77c8be7-842b-4689-8bc3-db3b32013dcc}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 61561CB3)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
Kód: Vybrat vše
Start
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {083d4a54-0558-11e9-bc5a-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {083d4a95-0558-11e9-bc5a-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {9a13b8bb-954b-11eb-bd3c-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {9a13b94d-954b-11eb-bd3c-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {c7fef861-9557-11eb-bd43-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {e276aad4-953a-11eb-bd3b-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U1 aswbdisk; no ImagePath
U1 avgbdisk; no ImagePath
S3 PCASp60; System32\Drivers\PCASp60.sys [X]
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CustomModeApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CustomModeAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSBoostDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPONS64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSLFXAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSLimiterDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSNeoPCDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSSymmetryDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PGFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PLFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PREC64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IccLibDll_x64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ig7icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEM.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxHK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxTray.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiLogServer64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCUMD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMux64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUtils64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiVAD64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KAAPORT64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO20.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO30.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO4064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioEQ64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVolumeSDAPO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtCRX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFCOM64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFNHK64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFSS_APO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo264.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tepeqapo64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tosade.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig7icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RsCRIcon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtsBaStor.sys:$CmdTcID [64]
EmptyTemp:
Reboot:
End
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txtFRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu
provedeno tu je log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-11-2021
Ran by Vilem (15-11-2021 13:06:11) Run:7
Running from C:\Users\Vilem\Desktop\FRST
Loaded Profiles: Vilem
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {083d4a54-0558-11e9-bc5a-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {083d4a95-0558-11e9-bc5a-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {9a13b8bb-954b-11eb-bd3c-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {9a13b94d-954b-11eb-bd3c-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {c7fef861-9557-11eb-bd43-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {e276aad4-953a-11eb-bd3b-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U1 aswbdisk; no ImagePath
U1 avgbdisk; no ImagePath
S3 PCASp60; System32\Drivers\PCASp60.sys [X]
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CustomModeApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CustomModeAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSBoostDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPONS64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSLFXAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSLimiterDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSNeoPCDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSSymmetryDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PGFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PLFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PREC64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IccLibDll_x64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ig7icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEM.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxHK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxTray.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiLogServer64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCUMD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMux64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUtils64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiVAD64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KAAPORT64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO20.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO30.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO4064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioEQ64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVolumeSDAPO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtCRX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFCOM64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFNHK64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFSS_APO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo264.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tepeqapo64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tosade.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig7icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RsCRIcon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtsBaStor.sys:$CmdTcID [64]
EmptyTemp:
Reboot:
End
*****************
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083d4a54-0558-11e9-bc5a-5c93a2cd27fc} => removed successfully
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083d4a95-0558-11e9-bc5a-5c93a2cd27fc} => removed successfully
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a13b8bb-954b-11eb-bd3c-5c93a2cd27fc} => removed successfully
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a13b94d-954b-11eb-bd3c-5c93a2cd27fc} => removed successfully
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7fef861-9557-11eb-bd43-5c93a2cd27fc} => removed successfully
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e276aad4-953a-11eb-bd3b-5c93a2cd27fc} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\avgbdisk => removed successfully
avgbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\PCASp60 => removed successfully
PCASp60 => service removed successfully
C:\WINDOWS\system32\AERTAC64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\AERTAR64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\CustomModeApp.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\CustomModeAppv2_0.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPA64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPD64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPO64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPP64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\difx64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DPTopologyApp.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DPTopologyAppv2_0.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSBoostDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSGFXAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSGFXAPONS64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSLFXAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSLimiterDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSNeoPCDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSSymmetryDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSU2PGFX64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSU2PLFX64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSU2PREC64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\FMAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\GfxUIEx.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Gfxv2_0.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Gfxv4_0.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IccLibDll_x64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\ig7icd64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igd10iumd64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdail64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdbcl64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdde64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdfcl64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdmd64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdrcl64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdumdim64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdusc64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfx11cmrt64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxcmjit64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxcmrt64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCPL.cpl => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCUIService.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCUIServicePS.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDH.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDHLib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDHLibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDI.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDILib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDILibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDTCM.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxEM.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxEMLib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxEMLibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxexps.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxext.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxHK.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxLHM.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxLHMLib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxLHMLibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxOSP.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxTray.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\iglhcp64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\iglhsip64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelOpenCL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiAAC64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiLogServer64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiMCUMD64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiMux64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiUMS64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiUtils64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiVAD64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\KAAPORT64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioAPO20.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioAPO30.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioAPO4064.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioEQ64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxVolumeSDAPO.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\OpenCL.DLL => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEA64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EED64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEG64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEL64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEP64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RCoInstII64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RltkAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RP3DAA64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RP3DHT64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTCOM64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtCRX64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtDataProc64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEED64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEEG64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEEL64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEEP64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtkApi64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtkCfg64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtkCoLDR64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtlCPAPI64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtPgEx64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTSnMg64.cpl => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SFAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SFCOM64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SFNHK64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SFSS_APO.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSHP64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSTSH64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSTSX64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSWOW64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\tadefxapo.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\tadefxapo264.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\tepeqapo64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\tosade.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\ig7icd32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igd10iumd32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdail32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdbcl32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdde32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdfcl32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdmd32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdrcl32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdumdim32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdusc32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfx11cmrt32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfxcmjit32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfxcmrt32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfxexps32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\iglhcp32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\iglhsip32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\IntelOpenCL32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\OpenCL.DLL => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\RsCRIcon.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\SFCOM.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\igdkmd64.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\RTKVHD64.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\RtsBaStor.sys => ":$CmdTcID" ADS removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12251708 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 952849 B
Edge => 13429 B
Chrome => 128680535 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Vilem => 32727331 B
RecycleBin => 0 B
EmptyTemp: => 166.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 13:06:39 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-11-2021
Ran by Vilem (15-11-2021 13:06:11) Run:7
Running from C:\Users\Vilem\Desktop\FRST
Loaded Profiles: Vilem
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {083d4a54-0558-11e9-bc5a-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {083d4a95-0558-11e9-bc5a-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {9a13b8bb-954b-11eb-bd3c-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {9a13b94d-954b-11eb-bd3c-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {c7fef861-9557-11eb-bd43-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\...\MountPoints2: {e276aad4-953a-11eb-bd3b-5c93a2cd27fc} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U1 aswbdisk; no ImagePath
U1 avgbdisk; no ImagePath
S3 PCASp60; System32\Drivers\PCASp60.sys [X]
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CustomModeApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CustomModeAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSBoostDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPONS64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSLFXAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSLimiterDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSNeoPCDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSSymmetryDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PGFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PLFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PREC64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IccLibDll_x64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ig7icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEM.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxHK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxTray.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiLogServer64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCUMD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMux64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUtils64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiVAD64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KAAPORT64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO20.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO30.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO4064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioEQ64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVolumeSDAPO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtCRX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFCOM64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFNHK64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SFSS_APO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo264.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tepeqapo64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tosade.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig7icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RsCRIcon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtsBaStor.sys:$CmdTcID [64]
EmptyTemp:
Reboot:
End
*****************
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083d4a54-0558-11e9-bc5a-5c93a2cd27fc} => removed successfully
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083d4a95-0558-11e9-bc5a-5c93a2cd27fc} => removed successfully
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a13b8bb-954b-11eb-bd3c-5c93a2cd27fc} => removed successfully
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a13b94d-954b-11eb-bd3c-5c93a2cd27fc} => removed successfully
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7fef861-9557-11eb-bd43-5c93a2cd27fc} => removed successfully
HKU\S-1-5-21-341233860-2387372215-3518537327-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e276aad4-953a-11eb-bd3b-5c93a2cd27fc} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\avgbdisk => removed successfully
avgbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\PCASp60 => removed successfully
PCASp60 => service removed successfully
C:\WINDOWS\system32\AERTAC64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\AERTAR64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\CustomModeApp.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\CustomModeAppv2_0.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPA64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPD64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPO64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPP64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\difx64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DPTopologyApp.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DPTopologyAppv2_0.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSBoostDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSGFXAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSGFXAPONS64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSLFXAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSLimiterDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSNeoPCDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSSymmetryDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSU2PGFX64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSU2PLFX64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSU2PREC64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\FMAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\GfxUIEx.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Gfxv2_0.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Gfxv4_0.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IccLibDll_x64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\ig7icd64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igd10iumd64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdail64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdbcl64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdde64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdfcl64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdmd64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdrcl64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdumdim64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdusc64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfx11cmrt64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxcmjit64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxcmrt64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCPL.cpl => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCUIService.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCUIServicePS.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDH.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDHLib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDHLibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDI.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDILib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDILibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDTCM.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxEM.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxEMLib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxEMLibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxexps.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxext.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxHK.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxLHM.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxLHMLib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxLHMLibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxOSP.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxTray.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\iglhcp64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\iglhsip64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelOpenCL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiAAC64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiLogServer64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiMCUMD64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiMux64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiUMS64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiUtils64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiVAD64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\KAAPORT64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioAPO20.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioAPO30.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioAPO4064.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioEQ64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxVolumeSDAPO.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\OpenCL.DLL => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEA64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EED64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEG64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEL64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEP64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RCoInstII64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RltkAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RP3DAA64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RP3DHT64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTCOM64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtCRX64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtDataProc64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEED64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEEG64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEEL64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEEP64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtkApi64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtkCfg64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtkCoLDR64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtlCPAPI64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtPgEx64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTSnMg64.cpl => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SFAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SFCOM64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SFNHK64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SFSS_APO.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSHP64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSTSH64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSTSX64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSWOW64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\tadefxapo.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\tadefxapo264.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\tepeqapo64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\tosade.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\ig7icd32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igd10iumd32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdail32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdbcl32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdde32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdfcl32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdmd32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdrcl32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdumdim32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdusc32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfx11cmrt32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfxcmjit32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfxcmrt32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfxexps32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\iglhcp32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\iglhsip32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\IntelOpenCL32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\OpenCL.DLL => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\RsCRIcon.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\SFCOM.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\igdkmd64.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\RTKVHD64.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\RtsBaStor.sys => ":$CmdTcID" ADS removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12251708 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 952849 B
Edge => 13429 B
Chrome => 128680535 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Vilem => 32727331 B
RecycleBin => 0 B
EmptyTemp: => 166.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 13:06:39 ====
Re: Prosím o kontrolu logu
ak to bola iba preventivka, tak mame hotovo 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu
díky .zdravím
Re: Prosím o kontrolu logu
Ahoj 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?