Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím preventivně?

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
lola
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 12 pro 2014 21:02

Prosím preventivně?

#1 Příspěvek od lola »

Dost se zpomalil..
dditional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by Jirka (11-02-2022 11:33:16)
Running from C:\Users\Jirka\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) (2020-09-07 08:04:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3534509474-1781900124-1265873159-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3534509474-1781900124-1265873159-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-3534509474-1781900124-1265873159-503 - Limited - Disabled)
Guest (S-1-5-21-3534509474-1781900124-1265873159-501 - Limited - Disabled)
Jirka (S-1-5-21-3534509474-1781900124-1265873159-1001 - Administrator - Enabled) => C:\Users\Jirka
WDAGUtilityAccount (S-1-5-21-3534509474-1781900124-1265873159-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
ApowerREC V1.4.9.17 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.4.9.17 - Apowersoft LIMITED)
Apowersoft Online Launcher version 1.7.7 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.7 - APOWERSOFT LIMITED)
Apowersoft Online Launcher version 1.8.0 (HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.8.0 - APOWERSOFT LIMITED)
Apowersoft Video Stahovač verze 6.4.6 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.4.6 - APOWERSOFT LIMITED)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 21.11.3215 - AVG Technologies)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.2 - Canon Inc.)
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version: - )
Canon Nástroj pro rychlou volbu2 (HKLM-x32\...\Speed Dial Utility2) (Version: 2.1.5 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TR7500 series Elektronická příručka (HKLM-x32\...\Canon TR7500 series Elektronická příručka) (Version: 1.1.0 - Canon Inc.)
Canon TR7500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TR7500_series) (Version: 1.01 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver and Application Installation (HKLM-x32\...\{6EC299C6-074C-4529-8D5F-2798584BB27B}) (Version: 2.02.0716 - Lenovo)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 20.950 (20201201_13) - Solitea Česká republika, a.s.)
Ekonomický systém Money S3 START (HKLM-x32\...\Money S3 START) (Version: 22.110 (20220127_09) - Solitea Česká republika, a.s.)
eM Client (HKLM-x32\...\{DCA2551A-C6C8-413E-85B5-5FECAAE001AF}) (Version: 8.2.1659.0 - eM Client Inc.)
FileOpen Client B978 (HKLM\...\FileOpenClient_is1) (Version: B978 - FileOpen Systems, Inc.)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FormApps Plug-in (HKLM-x32\...\{9a1d8d96-8b6f-4b5e-9281-abf022feb360}) (Version: 1.27.0.77 - Software602 a.s.)
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.82 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.17 - Lenovo)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 97.0 (x64 cs)) (Version: 97.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
OpenOffice 4.1.11 (HKLM-x32\...\{1006FF60-29FF-49F8-B688-D148DB487136}) (Version: 4.111.9808 - Apache Software Foundation)
PowerChute Personal Edition (HKLM-x32\...\APC) (Version: 3.1.0 - Schneider Electric)
Print Conductor 7.1 (HKLM-x32\...\Print Conductor_is1) (Version: 7.1 - fCoder SIA)
ProFact 4.0 (HKLM-x32\...\ProFact 4.0_is1) (Version: - eXmind)
Příjmové a výdajové doklady (HKLM-x32\...\Příjmové a výdajové doklady_is1) (Version: - eXmind)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7586 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrace uživatele zařízení Canon iP2700 series (HKLM-x32\...\Registrace uživatele zařízení Canon iP2700 series) (Version: - )
Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.)
RogueKiller verze 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Software602 Form Filler (HKLM-x32\...\{F8F79FE0-64EA-439C-A6AE-B1946A178F24}) (Version: 4.55 - Software602 a.s.)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UZEL Evidence (HKLM-x32\...\UZEL Evidence_is1) (Version: - hxxp://swuzel.sweb.cz/)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
Windows Driver Package - Intel Corporation (igfx) Display (07/17/2015 10.18.15.4256) (HKLM\...\00B7AF24A3F134555C104D6FD6BA2E998DF37957) (Version: 07/17/2015 10.18.15.4256 - Intel Corporation)
Windows Driver Package - Realtek (rt640x64) Net (05/05/2015 10.001.0505.2015) (HKLM\...\6A304520C2F25CD034E477A379C47308AA84A2DC) (Version: 05/05/2015 10.001.0505.2015 - Realtek)
Windows Driver Package - Realtek Semiconduct Corp. (RTSUER) USB (05/11/2015 6.3.9600.31213) (HKLM\...\8B76AD3EEC17650CAFD6EEFD418B2454C10BC71B) (Version: 05/11/2015 6.3.9600.31213 - Realtek Semiconduct Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
xVideos Video Downloader 3.32 (HKLM-x32\...\xVideos Video Downloader_is1) (Version: - DownloadToolz, Inc.)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-10-19] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-25] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-10-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-10-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-15] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2020-10-19] (LENOVO INCORPORATED.)
Viewer for Excel -> C:\Program Files\WindowsApps\32581DocumentManagement.ViewerforExcel_1.88.0.0_neutral__bxxb0jeh05ret [2020-10-19] (Document Management)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tiskové exporty z Money S3 START] => C:\Users\Public\Documents\Solitea\Money S3 START\PRINT\ [0000-00-00 00:00]
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => C:\Program Files (x86)\Software602\602XML\xmlcore\CtxSign64.dll [2013-07-16] (Software602 a. s. -> Software602)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2018-11-05 20:34 - 2017-12-07 11:25 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\cnmpu.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000915376 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\pdcdll.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000574896 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\UpsControl.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000534960 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\UpsDevice.dll
2019-06-07 17:01 - 2019-06-07 17:01 - 002200576 _____ (Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\res.dll
2017-03-08 15:35 - 2014-02-05 14:51 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
AlternateDataStreams: C:\ProgramData\Temp:9482CFB4 [268]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001 -> DefaultScope {D3D44F78-EB33-4224-99AB-0F2CDE1FA5C7} URL =
SearchScopes: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001 -> {D3D44F78-EB33-4224-99AB-0F2CDE1FA5C7} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
DPF: HKLM-x32 {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\unmz.cz -> hxxps://csnonline.unmz.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2021-06-24 18:25 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\RogueKiller;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Print Conductor;
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 79.98.72.27 - 79.98.72.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: FastbootService => 2
MSCONFIG\Services: LenovoPortalService => 2
MSCONFIG\Services: LSCWinService => 3
MSCONFIG\Services: Sks8821 => 2
HKLM\...\StartupApproved\Run: => "Skd8821"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "UpdateP2GoShortCut"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "Display"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenu"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\StartupApproved\Run: => "VideoDownloadCapture"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4118C0F9-15A1-4CBC-865C-610A53738A3E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D420995C-D324-47B3-90B2-C9AE4050453A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{197E9891-7E9C-4CD2-A07C-ED9B6684DBC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B3F7E03-0C2A-4601-BA05-4CAD94754424}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC7C0B55-093A-4BAF-AC22-BFEE3DE89573}] => (Allow) C:\Users\Jirka\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{512E1B13-2113-4323-A11A-16E3B4E58BB7}] => (Allow) C:\Users\Jirka\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [UDP Query User{A5719604-78C5-4D8E-9D18-5B87BDED4CF4}C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe] => (Block) C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [TCP Query User{C442E58F-42ED-4EC3-8220-CFE0D4246549}C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe] => (Block) C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{9C8C2357-6A39-4BCD-88C2-39EDDAB27383}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C8ACA574-FE81-4C4C-9C62-48E48342298B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{085892DE-8C2D-4CC4-AD76-99E73D842320}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{E9EC6E99-116D-4EB8-9B84-EEB6EECCEDDC}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{71EA5830-8F32-40CD-A3B5-553704AEEFBC}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{8E219A84-B9F4-47AD-B5BD-926CBB6DC8F2}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{F27D5CA3-E70D-40AD-B2D6-2F735D29821B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{09697EAB-0283-441A-BB64-419735BC4A8E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EEFD40FD-3E5F-48C0-A2BA-56F7C1CA65BD}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{E8EA506E-722B-4FA4-8127-FE84B7082871}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{66A0CB8D-575E-4EC0-BCDC-C3742331AA16}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{FA22890D-D5EF-4B26-8D8A-758C328DFBA7}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{3C84EE1B-C0B8-404C-A2B3-DA54136A3BF9}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A202A91A-9569-453D-A1F4-72E6DBEBBD34}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{F58531AE-EBA4-4C88-85C9-C7E9EB188AF6}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{5D1EAAA1-F851-4FAC-BC07-50E81468269C}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{30B776ED-AC98-4D14-866B-08FA80E4AFFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

22-01-2022 10:07:04 Naplánovaný kontrolní bod
31-01-2022 10:16:38 Naplánovaný kontrolní bod
06-02-2022 12:01:26 Windows Zálohování
09-02-2022 08:29:08 Instalační služba modulů systému Windows
09-02-2022 08:33:01 Instalační služba modulů systému Windows
09-02-2022 08:35:38 Instalační služba modulů systému Windows
11-02-2022 08:03:38 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/09/2022 04:29:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Elements (H:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/09/2022 04:29:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/09/2022 09:43:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TiWorker.exe, verze: 10.0.19041.1525, časové razítko: 0xd81ad4ae
Název chybujícího modulu: cbscore.dll, verze: 10.0.19041.1525, časové razítko: 0x84ce35ef
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000009edd8
ID chybujícího procesu: 0xec8
Čas spuštění chybující aplikace: 0x01d81d8787d6c4e0
Cesta k chybující aplikaci: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\TiWorker.exe
Cesta k chybujícímu modulu: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\cbscore.dll
ID zprávy: 3f0aae61-6464-4f37-bb82-75afc03b65ff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/09/2022 08:44:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.1288, časové razítko: 0x17884906
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1466, časové razítko: 0xe01c7650
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b362
ID chybujícího procesu: 0x3628
Čas spuštění chybující aplikace: 0x01d81d8741db6b42
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8875b986-e42c-432c-8f3d-dc43ed8f830b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/11/2022 10:45:01 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Search přestala během spouštění reagovat.

Error: (02/11/2022 10:43:36 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/11/2022 10:41:54 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.

Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba APC Data Service závisí na službě APC UPS Service, která neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba APC UPS Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ImControllerService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby APC UPS Service bylo dosaženo časového limitu (45000 ms).

Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby ImControllerService bylo dosaženo časového limitu (45000 ms).


CodeIntegrity:
===============
Date: 2022-02-11 11:10:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-02-11 10:38:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO M0KKT17A 08/20/2015
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz
Percentage of memory in use: 86%
Total physical RAM: 4005.27 MB
Available physical RAM: 543.17 MB
Total Virtual: 6181.27 MB
Available Virtual: 2289.13 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:433.92 GB) (Free:320.81 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Disk záloh) (CDROM) (Total:4.37 GB) (Free:0 GB) CDFS
Drive e: (ELMER) (Removable) (Total:7.47 GB) (Free:7.06 GB) FAT32
Drive f: (ADATA UFD) (Removable) (Total:7.16 GB) (Free:3.5 GB) FAT32
Drive g: () (Removable) (Total:0.48 GB) (Free:0.48 GB) FAT
Drive h: (Elements) (Fixed) (Total:1397.23 GB) (Free:379.97 GB) NTFS

\\?\Volume{12f3f087-1cf8-43fb-897f-86276cf26e57}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{d751cf0b-d3dd-4384-91dd-e365347c9713}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:16.4 GB) NTFS
\\?\Volume{8fe6c00a-ebb0-4b79-a562-77410841cb20}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5E59A8FD)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1397.2 GB) (Disk ID: B8CF6326)
Partition 1: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)

==========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 7.2 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.2 GB) - (Type=0B)

==========================================================
Disk: 4 (Protective MBR) (Size: 488.5 MB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
Ran by Jirka (administrator) on DESKTOP-5L00R9K (LENOVO 90F1001FCK) (11-02-2022 11:28:13)
Running from C:\Users\Jirka\Downloads
Loaded Profiles: Jirka
Platform: Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <4>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <20>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Solitea, a.s. -> Solitea Česká republika, a.s.) C:\Program Files (x86)\Solitea\Money S3 START\MS3Auto.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Skd8821] => C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe [2203648 2015-07-24] (LITE-ON TECHNOLOGY CORP.) [File not signed]
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1459160 2017-02-03] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [190904 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-02] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [480176 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [VideoDownloadCapture] => C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe [6540952 2018-09-11] (Apowersoft Ltd -> Apowersoft)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [S3AutomaticSTART] => C:\Program Files (x86)\Solitea\Money S3 START\MS3Auto.exe [18529320 2022-02-01] (Solitea, a.s. -> Solitea Česká republika, a.s.)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [CCleanerBrowserAutoLaunch_1883732B6BBDD45C9018A763BB4511D1] => "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" (No File)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Policies\Explorer: [NoDrives] 00000007
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {946c0734-6d7e-11ec-9d2e-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {977ec9e8-d25d-11eb-9cf0-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {b4d9a8d0-0a59-11ec-9d0b-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [S3AutomaticSTART] => C:\Program Files (x86)\Solitea\Money S3 START\MS3Auto.exe [18529320 2022-02-01] (Solitea, a.s. -> Solitea Česká republika, a.s.)
HKLM\...\Windows x64\Print Processors\Canon iP2700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA4.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TR7500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDM.DLL [482816 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR7500 series: C:\WINDOWS\system32\CNCALDM.DLL [254464 2017-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP2700 series: C:\WINDOWS\system32\CNMLMA4.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR7500 series: C:\WINDOWS\system32\CNMLMDM.DLL [1302016 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [36864 2014-02-05] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-04] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2020-06-05]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric -> Schneider Electric) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00FDF91E-C920-45A1-AF1E-57B30284CAE6} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jirka\Downloads\esetonlinescanner_csy.exe LOGON (No File)
Task: {1ACB8312-4BFB-4451-9781-BC44E4F4E8BA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1C0D7B9E-763F-4513-ADEB-6ABA8F0E4342} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {20361C2D-0F12-4CDA-8C85-CB25FEAC59B1} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808352 2015-07-13] (LENOVO -> )
Task: {20953805-8E68-4788-AFD7-63CFB9F128BF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6baade38-6b00-4710-9ccc-fd9e8f711826 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {2C1FF07A-F624-4FDD-89F9-0722E2D22169} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {510F3BAA-A506-4247-9E85-7B1CD1D8BCD5} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-04-30] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {53ED1094-47FB-4129-9AD1-01F13BDF8724} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\03c1b8ee-ae32-4c34-9a9a-05d3768bf882 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {645168DA-3C25-4EB7-81AE-3D66483A9DC8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-02] (LENOVO -> Lenovo)
Task: {6D8AB2F4-E982-4C3D-A566-DD72855F94CF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jirka\Downloads\esetonlinescanner_csy.exe SCHED (No File)
Task: {85217589-DF40-4A4C-981D-390B7DFD8701} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9B2C8D3F-89DB-4AEF-A37D-1B11930B3051} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {A084237B-4EB6-4B2A-8124-21BE626F5FC8} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2017-03-08] (LENOVO -> Lenovo)
Task: {B2CD0492-524D-4271-A453-0CBEDDBAC96E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
Task: {BBB22B95-AE49-4C65-9AC6-3810A51E17BD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {C13DAD95-387B-4AF0-8DAB-48C04132853E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412952 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {C5D2D632-DB40-4479-94C1-F7F223A0F2E7} - System32\Tasks\eM Client Database Backup (S-1-5-21-3534509474-1781900124-1265873159-1001) => C:\Program Files (x86)\eM Client\MailClient.exe [240288 2021-10-07] (eM Client, s.r.o. -> eM Client s.r.o.)
Task: {C7FAE1A4-06E0-451D-A334-94334969CAAF} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1413384 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {CAF5970D-5F4F-4CBC-BBFA-BD4C0C165967} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {DC9D97F9-21C4-45BE-A92F-6FD2F96D2CA8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\49027832-4817-4192-9a9d-8842f884b999 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DE04CF9D-E91D-47B1-904F-0CFE68737BAD} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-20] (CyberLink Corp. -> CyberLink Corp.)
Task: {E3A03211-3A39-4663-AC25-E2FEEF51F95D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E817DB57-C9C5-4337-B95C-C8443B946046} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829344 2015-07-13] (LENOVO -> )
Task: {EE5D1868-0CD7-486C-A09C-AFE483A7D215} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [5002680 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {F1A99A25-E519-4B96-9B8B-11A995A5BC5D} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {F881B307-B704-42B4-824E-6F06FD960B01} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
Task: {F904407E-2758-4D99-9422-9D31574BD215} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe /SCHEDULED (No File)
Task: {FA86FB7D-7CA1-4978-866F-34E8BC1B9892} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {FDFE7550-FA33-4BF3-A34C-189B85AF53D8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6a9cd1c6-757c-4900-999b-33d7ee3160b3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 79.98.72.27 79.98.72.2
Tcpip\..\Interfaces\{e178b505-66bd-4d4e-804d-8e2a74cb8464}: [DhcpNameServer] 79.98.72.27 79.98.72.2

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jirka\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-05]
Edge HomePage: Default -> hxxp://www.idnes.cz/
Edge StartupUrls: Default -> "hxxp://www.blesk.cz/"
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: v7lb8ezr.default-1614698427935
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\v7lb8ezr.default-1614698427935 [2022-02-11]
FF Homepage: Mozilla\Firefox\Profiles\v7lb8ezr.default-1614698427935 -> www.idnes.cz
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default [2022-02-11]
CHR HomePage: Default -> hxxp://www.sledovanitv.cz/
CHR StartupUrls: Default -> "hxxps://sledovanitv.cz/home#ct1"
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-18]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Jirka\AppData\Roaming\Opera Software\Opera Stable [2021-06-24]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [14256 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
S2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [4261808 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [485816 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [485816 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [8517744 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [109480 2021-05-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [153736 2017-03-02] (Canon Inc. -> CANON INC.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [349656 2017-02-03] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 MonS3Service; C:\Program Files (x86)\Common Files\Solitea\MonS3Service.exe [1694992 2022-02-01] (Solitea, a.s. -> Solitea Česká republika, a.s.)
S4 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [137216 2010-05-04] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [36920 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [222248 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [369288 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [253064 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [100488 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [21960 2021-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42552 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [186424 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [540192 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109056 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84120 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [853944 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [545312 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215576 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [318904 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-11-24] (CPUID S.A.R.L.U. -> CPUID)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-09-10] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2021-06-08] (Adlice -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-11 11:28 - 2022-02-11 11:30 - 000027104 _____ C:\Users\Jirka\Downloads\FRST.txt
2022-02-11 11:27 - 2022-02-11 11:29 - 000000000 ____D C:\FRST
2022-02-11 11:25 - 2022-02-11 11:25 - 002311680 _____ (Farbar) C:\Users\Jirka\Downloads\FRST64.exe
2022-02-11 08:03 - 2022-02-11 08:03 - 000000000 ___HD C:\$WinREAgent
2022-02-09 09:33 - 2022-02-09 09:33 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-09 09:32 - 2022-02-09 09:32 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-09 09:30 - 2022-02-09 09:30 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-09 09:30 - 2022-02-09 09:30 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-09 09:30 - 2022-02-09 09:30 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-09 08:12 - 2022-02-11 11:12 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-08 20:25 - 2022-02-09 09:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-02-08 16:26 - 2022-02-08 16:27 - 000171962 _____ C:\Users\Jirka\Downloads\priloha_999652310_0_p700654136_530718052.pdf
2022-02-05 12:07 - 2022-02-05 12:07 - 000228315 _____ C:\Users\Jirka\Downloads\priloha_999108037_0_VZP_OSVC.pdf
2022-01-27 13:47 - 2022-01-27 13:47 - 000073511 _____ C:\Users\Jirka\Downloads\priloha_995080691_0_Vyuctovani_2021-Bohacek_Jiri.pdf
2022-01-25 18:30 - 2022-01-25 18:30 - 000331066 _____ C:\Users\Jirka\Downloads\817525853.pdf
2022-01-24 12:10 - 2022-01-24 12:10 - 000069551 _____ C:\Users\Jirka\Downloads\p700493002(2).pdf
2022-01-24 12:08 - 2022-01-24 12:08 - 000069551 _____ C:\Users\Jirka\Downloads\p700493002(1).pdf
2022-01-24 12:03 - 2022-01-24 12:03 - 000006967 _____ C:\Users\Jirka\Downloads\priloha_993023091_1_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_OSVC_PRE-DC266964E869426296CE72001C622063-992950568.html
2022-01-23 15:43 - 2022-01-23 15:43 - 000069551 _____ C:\Users\Jirka\Downloads\p700493002.pdf
2022-01-23 11:40 - 2022-01-23 11:40 - 000002008 _____ C:\Users\Jirka\Downloads\OSVC(1).xml
2022-01-23 11:31 - 2022-01-23 11:31 - 000001969 _____ C:\Users\Jirka\Downloads\OSVC_2021.xml
2022-01-21 10:28 - 2022-01-21 10:28 - 000068911 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20211201-20211231_cislo-8.pdf
2022-01-21 10:28 - 2022-01-21 10:28 - 000061380 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20211101-20211130_cislo-7.pdf
2022-01-21 10:27 - 2022-01-21 10:27 - 000074125 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20211001-20211031_cislo-6.pdf
2022-01-21 10:27 - 2022-01-21 10:27 - 000064256 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20210801-20210831_cislo-4.pdf
2022-01-21 10:27 - 2022-01-21 10:27 - 000062841 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20210901-20210930_cislo-5.pdf
2022-01-21 10:26 - 2022-01-21 10:26 - 000062130 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20210701-20210731_cislo-3.pdf
2022-01-21 09:59 - 2022-01-21 09:59 - 000195338 _____ C:\Users\Jirka\Downloads\12590160_200101_220121.pdf
2022-01-21 09:54 - 2022-01-21 09:54 - 000332993 _____ C:\Users\Jirka\Downloads\12590160_180801_220121.pdf
2022-01-15 10:15 - 2022-01-15 10:16 - 000055390 _____ C:\Users\Jirka\Downloads\web_new Cenik_elektrina_dobu_neurcitou_MOO_202112_CEZDI(1).pdf
2022-01-15 09:06 - 2022-01-15 09:06 - 018537027 _____ C:\Users\Jirka\Downloads\Elektroprumysl_leden_2022.pdf
2022-01-14 09:29 - 2022-01-14 09:29 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 09:29 - 2022-01-14 09:29 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 16:03 - 2022-01-13 16:03 - 000055390 _____ C:\Users\Jirka\Downloads\web_new Cenik_elektrina_dobu_neurcitou_MOO_202112_CEZDI.pdf
2022-01-13 15:43 - 2022-01-13 15:43 - 000155262 _____ C:\Users\Jirka\Downloads\Faktura_0011226537_4126698900_2144259691.PDF
2022-01-13 11:11 - 2022-01-13 11:36 - 000213406 _____ C:\Users\Jirka\Documents\lm.odt
2022-01-13 11:07 - 2022-01-13 11:07 - 000061953 _____ C:\Users\Jirka\Downloads\html2pdf.zip
2022-01-13 10:55 - 2022-01-13 10:55 - 000029646 _____ C:\Users\Jirka\Downloads\napajeci-modul-lm2596-dc-dc-step-down-buck.html
2022-01-12 11:10 - 2022-01-12 11:10 - 000088022 _____ C:\Users\Jirka\Downloads\06143620_211127_220112.pdf
2022-01-12 11:10 - 2022-01-12 11:10 - 000087495 _____ C:\Users\Jirka\Downloads\06143620_211127_211231.pdf
2022-01-12 11:09 - 2022-01-12 11:09 - 000079752 _____ C:\Users\Jirka\Downloads\06143620_220112_220112.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-11 11:11 - 2020-09-07 08:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-11 11:11 - 2017-03-10 19:27 - 000000000 ____D C:\Users\Jirka\AppData\LocalLow\Mozilla
2022-02-11 11:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-11 11:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-11 11:06 - 2017-03-08 18:52 - 000000000 ____D C:\Users\Jirka\Documents\eM Client
2022-02-11 11:02 - 2021-01-12 17:27 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\eM Client
2022-02-11 10:56 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-11 10:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-11 10:43 - 2020-09-07 08:38 - 001693398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-11 10:43 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-02-11 10:43 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-02-11 10:41 - 2017-04-29 12:08 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-02-11 10:41 - 2017-03-08 23:00 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-11 10:41 - 2017-03-08 22:25 - 000000000 __SHD C:\Users\Jirka\IntelGraphicsProfiles
2022-02-11 10:37 - 2020-09-07 08:21 - 000482832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-11 10:37 - 2017-03-28 11:10 - 000000000 ____D C:\ProgramData\Avg
2022-02-11 10:36 - 2020-09-07 09:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-11 10:36 - 2020-09-07 08:21 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-11 10:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-11 10:35 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-11 10:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-11 10:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-11 10:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-11 10:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-11 10:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-11 10:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-11 08:35 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-10 16:22 - 2021-11-24 10:05 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-02-10 16:22 - 2021-09-15 11:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-02-10 16:22 - 2020-09-07 09:02 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-10 16:22 - 2020-09-07 09:02 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-02-10 16:22 - 2020-09-07 09:02 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-10 16:22 - 2020-09-07 09:02 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-10 16:22 - 2020-09-07 09:02 - 000003262 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2022-02-10 16:22 - 2020-09-07 09:02 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-10 16:22 - 2020-09-07 09:02 - 000003130 _____ C:\WINDOWS\system32\Tasks\eM Client Database Backup (S-1-5-21-3534509474-1781900124-1265873159-1001)
2022-02-10 16:22 - 2020-09-07 09:02 - 000002976 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-02-10 16:22 - 2020-09-07 09:02 - 000002596 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-02-10 16:22 - 2020-09-07 09:02 - 000002524 _____ C:\WINDOWS\system32\Tasks\ebtools
2022-02-10 16:22 - 2020-09-07 09:02 - 000002336 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_LENOVO_MICPKEY
2022-02-10 16:22 - 2020-09-07 09:02 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-02-10 16:22 - 2020-09-07 09:02 - 000002212 _____ C:\WINDOWS\system32\Tasks\PDVDServ12 Task
2022-02-10 16:09 - 2021-12-28 10:37 - 000013924 _____ C:\Users\Jirka\Desktop\elm.ods
2022-02-09 10:39 - 2017-03-08 19:12 - 304522214 _____ C:\Users\Jirka\Documents\zaloha.ar!
2022-02-09 09:46 - 2017-03-10 19:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-09 09:30 - 2020-09-07 08:27 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-09 08:40 - 2021-10-09 08:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-02-09 08:28 - 2017-03-17 02:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-09 08:18 - 2017-03-08 16:05 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-09 08:12 - 2019-02-05 08:58 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-09 08:12 - 2017-03-10 19:26 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-02-08 16:34 - 2017-10-23 11:36 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-02-05 10:22 - 2017-12-06 10:38 - 000000000 ____D C:\Users\Jirka\AppData\Local\Packages
2022-02-05 08:09 - 2020-06-07 08:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-05 08:09 - 2020-06-07 08:17 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-04 13:50 - 2020-01-20 11:31 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-04 13:50 - 2020-01-20 11:31 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-02-04 08:19 - 2021-01-22 08:18 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-03 09:34 - 2017-03-08 19:01 - 000000000 ____D C:\Users\Jirka\Documents\Alena
2022-01-31 08:20 - 2018-01-14 13:24 - 000000000 ____D C:\Users\Jirka\AppData\Local\CrashDumps
2022-01-30 18:19 - 2017-03-11 08:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-01-28 20:04 - 2020-08-04 17:31 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-28 20:04 - 2020-08-04 17:31 - 000064256 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-28 20:04 - 2017-10-06 15:28 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-28 20:03 - 2020-08-04 17:31 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-27 16:58 - 2018-05-02 09:46 - 000000000 ____D C:\Users\Jirka\Documents\Jirka zdrav.stav
2022-01-24 09:01 - 2020-05-09 08:10 - 000000000 ____D C:\Users\Jirka\Desktop\Lhůty revizí MÚ
2022-01-22 09:50 - 2017-06-06 13:46 - 000000000 ____D C:\Users\Jirka\Documents\Děda
2022-01-22 09:48 - 2020-09-12 07:33 - 000000000 ____D C:\Users\Jirka\Desktop\OSVč + důchod 2020
2022-01-19 23:22 - 2021-01-22 08:18 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-01-19 23:22 - 2021-01-22 08:18 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-01-18 16:56 - 2017-03-08 19:10 - 000000000 ____D C:\Users\Jirka\Documents\Hes
2022-01-14 21:20 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-13 08:19 - 2017-03-10 08:44 - 000000000 ____D C:\Users\Jirka\AppData\Local\Adobe
2022-01-13 01:06 - 2020-08-04 17:31 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\SET878C.tmp
2022-01-13 01:06 - 2020-08-04 17:31 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\SETA98E.tmp
2022-01-12 09:46 - 2017-03-08 22:54 - 000000000 ____D C:\Users\Jirka\AppData\Local\ElevatedDiagnostics
2022-01-12 08:36 - 2021-10-13 07:30 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ========

2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\en_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\es_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021880 _____ (Schneider Electric) C:\Users\Jirka\fr_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021880 _____ (Schneider Electric) C:\Users\Jirka\grm_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\it_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000020344 _____ (Schneider Electric) C:\Users\Jirka\jp_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 001079808 _____ (Microsoft Corporation) C:\Users\Jirka\mfc80u.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000626688 _____ (Microsoft Corporation) C:\Users\Jirka\msvcr80.dll
2017-03-11 08:36 - 2019-06-03 16:30 - 013923704 _____ (Schneider Electric) C:\Users\Jirka\PCPE Setup.exe
2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\pt_res.dll
2017-03-11 08:36 - 2019-06-03 16:30 - 000018808 _____ () C:\Users\Jirka\ResourceReader.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000020856 _____ (Schneider Electric) C:\Users\Jirka\ru_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000019832 _____ (Schneider Electric) C:\Users\Jirka\zh_res.dll
2017-03-15 18:08 - 2017-03-15 18:23 - 000000045 _____ () C:\Users\Jirka\AppData\Roaming\MCVi2UserDetail.ini
2019-10-06 09:38 - 2019-10-06 09:38 - 000003584 _____ () C:\Users\Jirka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-29 09:51 - 2018-12-29 09:51 - 000000093 _____ () C:\Users\Jirka\AppData\Local\fusioncache.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím preventivně?

#2 Příspěvek od JaRon »

ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
AlternateDataStreams: C:\ProgramData\Temp:9482CFB4 [268]
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {946c0734-6d7e-11ec-9d2e-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {977ec9e8-d25d-11eb-9cf0-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {b4d9a8d0-0a59-11ec-9d0b-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {6D8AB2F4-E982-4C3D-A566-DD72855F94CF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jirka\Downloads\esetonlinescanner_csy.exe SCHED (No File)
Task: {F904407E-2758-4D99-9422-9D31574BD215} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe /SCHEDULED (No File)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)



EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

lola
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 12 pro 2014 21:02

Re: Prosím preventivně?

#3 Příspěvek od lola »

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by Jirka (11-02-2022 14:16:24) Run:1
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
AlternateDataStreams: C:\ProgramData\Temp:9482CFB4 [268]
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {946c0734-6d7e-11ec-9d2e-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {977ec9e8-d25d-11eb-9cf0-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {b4d9a8d0-0a59-11ec-9d0b-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {6D8AB2F4-E982-4C3D-A566-DD72855F94CF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jirka\Downloads\esetonlinescanner_csy.exe SCHED (No File)
Task: {F904407E-2758-4D99-9422-9D31574BD215} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe /SCHEDULED (No File)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)



EmptyTemp:
Reboot:
End
*****************

C:\ProgramData\Temp => ":56E2E879" ADS removed successfully
C:\ProgramData\Temp => ":9482CFB4" ADS removed successfully
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{946c0734-6d7e-11ec-9d2e-b8aeedd88c00} => removed successfully
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{977ec9e8-d25d-11eb-9cf0-b8aeedd88c00} => removed successfully
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b4d9a8d0-0a59-11ec-9d0b-b8aeedd88c00} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D8AB2F4-E982-4C3D-A566-DD72855F94CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D8AB2F4-E982-4C3D-A566-DD72855F94CF}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F904407E-2758-4D99-9422-9D31574BD215}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F904407E-2758-4D99-9422-9D31574BD215}" => removed successfully
C:\WINDOWS\System32\Tasks\ebtools => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ebtools" => removed successfully
SpyEmrg => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SpyEmrg => removed successfully
SpyEmrg => service removed successfully
HKLM\System\CurrentControlSet\Services\SpyEmrgAccess => removed successfully
SpyEmrgAccess => service removed successfully
HKLM\System\CurrentControlSet\Services\SpyEmrgGuard => removed successfully
SpyEmrgGuard => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 269028280 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 539059 B
Edge => 0 B
Chrome => 356416080 B
Firefox => 1350976927 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 276942 B
NetworkService => 276942 B
Jirka => 75121906 B

RecycleBin => 205040 B
EmptyTemp: => 1.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:25:57 ====

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím preventivně?

#4 Příspěvek od JaRon »

je to lepsie :???:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

lola
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 12 pro 2014 21:02

Re: Prosím preventivně?

#5 Příspěvek od lola »

Vypadfá to, že ano. Ještě bych prosil o kontrolu zálohování Win. Všiml jsem si, že v FRST logu jsou nějaké chyby -a poslední cca 1/2 rok mám trable s automatickou zálohou na externí disk (H). Většinou skončí s hláškou, že nezazálohoval. Pokud spustím pak ručně tak na potřetí se záloha provede. Půjde i s tímto něco udělat? Díky za Vaší rychlost.

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím preventivně?

#6 Příspěvek od JaRon »

Skus postupne otestovat s prikazoveho riadku spusteneho ako spravca prikazom
chkdsk c:
Kde c: nahradis aj inymi pismenami vsetkych pouzivanych diskov
Disk ktory vykaze chyby nechas otestovat prikazom
chkdsk c: /r
Kde c: bude nahradene pismenom disku s chybami
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

lola
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 12 pro 2014 21:02

Re: Prosím preventivně?

#7 Příspěvek od lola »

Díky na Vaší radu jsem spustil chkdsk na C disku. Kontrola (a oprava) skončila někdy v nočních hodinách. PC se pak asi sám i vypnul. Ráno normálně spuštěn. Zatím jede
snad 3x rychleji...
1. dotaz : Najdu někde nějaký záznam o provedeném čištění disku ?
2. dotaz: Proč chodil tak zpomaleně? Byl pouze zanesen, nebo měl jiné problémy? Děkuji. L.

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím preventivně?

#8 Příspěvek od JaRon »

1. bezne chkdsk vypis nerobi
2. cca 2GB zbytocnosti, podobnu sluzbu Ti poskytne zvacsa aj CCleaner
Pekny vikend :thumbsup:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

lola
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 12 pro 2014 21:02

Re: Prosím preventivně?

#9 Příspěvek od lola »

Mnohox díky a pozdrav do BB.

Odpovědět