Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím preventivně?
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím preventivně?
Dost se zpomalil..
dditional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by Jirka (11-02-2022 11:33:16)
Running from C:\Users\Jirka\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) (2020-09-07 08:04:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3534509474-1781900124-1265873159-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3534509474-1781900124-1265873159-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-3534509474-1781900124-1265873159-503 - Limited - Disabled)
Guest (S-1-5-21-3534509474-1781900124-1265873159-501 - Limited - Disabled)
Jirka (S-1-5-21-3534509474-1781900124-1265873159-1001 - Administrator - Enabled) => C:\Users\Jirka
WDAGUtilityAccount (S-1-5-21-3534509474-1781900124-1265873159-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
ApowerREC V1.4.9.17 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.4.9.17 - Apowersoft LIMITED)
Apowersoft Online Launcher version 1.7.7 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.7 - APOWERSOFT LIMITED)
Apowersoft Online Launcher version 1.8.0 (HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.8.0 - APOWERSOFT LIMITED)
Apowersoft Video Stahovač verze 6.4.6 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.4.6 - APOWERSOFT LIMITED)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 21.11.3215 - AVG Technologies)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.2 - Canon Inc.)
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version: - )
Canon Nástroj pro rychlou volbu2 (HKLM-x32\...\Speed Dial Utility2) (Version: 2.1.5 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TR7500 series Elektronická příručka (HKLM-x32\...\Canon TR7500 series Elektronická příručka) (Version: 1.1.0 - Canon Inc.)
Canon TR7500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TR7500_series) (Version: 1.01 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver and Application Installation (HKLM-x32\...\{6EC299C6-074C-4529-8D5F-2798584BB27B}) (Version: 2.02.0716 - Lenovo)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 20.950 (20201201_13) - Solitea Česká republika, a.s.)
Ekonomický systém Money S3 START (HKLM-x32\...\Money S3 START) (Version: 22.110 (20220127_09) - Solitea Česká republika, a.s.)
eM Client (HKLM-x32\...\{DCA2551A-C6C8-413E-85B5-5FECAAE001AF}) (Version: 8.2.1659.0 - eM Client Inc.)
FileOpen Client B978 (HKLM\...\FileOpenClient_is1) (Version: B978 - FileOpen Systems, Inc.)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FormApps Plug-in (HKLM-x32\...\{9a1d8d96-8b6f-4b5e-9281-abf022feb360}) (Version: 1.27.0.77 - Software602 a.s.)
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.82 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.17 - Lenovo)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 97.0 (x64 cs)) (Version: 97.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
OpenOffice 4.1.11 (HKLM-x32\...\{1006FF60-29FF-49F8-B688-D148DB487136}) (Version: 4.111.9808 - Apache Software Foundation)
PowerChute Personal Edition (HKLM-x32\...\APC) (Version: 3.1.0 - Schneider Electric)
Print Conductor 7.1 (HKLM-x32\...\Print Conductor_is1) (Version: 7.1 - fCoder SIA)
ProFact 4.0 (HKLM-x32\...\ProFact 4.0_is1) (Version: - eXmind)
Příjmové a výdajové doklady (HKLM-x32\...\Příjmové a výdajové doklady_is1) (Version: - eXmind)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7586 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrace uživatele zařízení Canon iP2700 series (HKLM-x32\...\Registrace uživatele zařízení Canon iP2700 series) (Version: - )
Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.)
RogueKiller verze 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Software602 Form Filler (HKLM-x32\...\{F8F79FE0-64EA-439C-A6AE-B1946A178F24}) (Version: 4.55 - Software602 a.s.)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UZEL Evidence (HKLM-x32\...\UZEL Evidence_is1) (Version: - hxxp://swuzel.sweb.cz/)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
Windows Driver Package - Intel Corporation (igfx) Display (07/17/2015 10.18.15.4256) (HKLM\...\00B7AF24A3F134555C104D6FD6BA2E998DF37957) (Version: 07/17/2015 10.18.15.4256 - Intel Corporation)
Windows Driver Package - Realtek (rt640x64) Net (05/05/2015 10.001.0505.2015) (HKLM\...\6A304520C2F25CD034E477A379C47308AA84A2DC) (Version: 05/05/2015 10.001.0505.2015 - Realtek)
Windows Driver Package - Realtek Semiconduct Corp. (RTSUER) USB (05/11/2015 6.3.9600.31213) (HKLM\...\8B76AD3EEC17650CAFD6EEFD418B2454C10BC71B) (Version: 05/11/2015 6.3.9600.31213 - Realtek Semiconduct Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
xVideos Video Downloader 3.32 (HKLM-x32\...\xVideos Video Downloader_is1) (Version: - DownloadToolz, Inc.)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-10-19] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-25] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-10-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-10-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-15] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2020-10-19] (LENOVO INCORPORATED.)
Viewer for Excel -> C:\Program Files\WindowsApps\32581DocumentManagement.ViewerforExcel_1.88.0.0_neutral__bxxb0jeh05ret [2020-10-19] (Document Management)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tiskové exporty z Money S3 START] => C:\Users\Public\Documents\Solitea\Money S3 START\PRINT\ [0000-00-00 00:00]
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => C:\Program Files (x86)\Software602\602XML\xmlcore\CtxSign64.dll [2013-07-16] (Software602 a. s. -> Software602)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2018-11-05 20:34 - 2017-12-07 11:25 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\cnmpu.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000915376 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\pdcdll.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000574896 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\UpsControl.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000534960 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\UpsDevice.dll
2019-06-07 17:01 - 2019-06-07 17:01 - 002200576 _____ (Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\res.dll
2017-03-08 15:35 - 2014-02-05 14:51 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
AlternateDataStreams: C:\ProgramData\Temp:9482CFB4 [268]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001 -> DefaultScope {D3D44F78-EB33-4224-99AB-0F2CDE1FA5C7} URL =
SearchScopes: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001 -> {D3D44F78-EB33-4224-99AB-0F2CDE1FA5C7} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
DPF: HKLM-x32 {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\unmz.cz -> hxxps://csnonline.unmz.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2021-06-24 18:25 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\RogueKiller;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Print Conductor;
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 79.98.72.27 - 79.98.72.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: FastbootService => 2
MSCONFIG\Services: LenovoPortalService => 2
MSCONFIG\Services: LSCWinService => 3
MSCONFIG\Services: Sks8821 => 2
HKLM\...\StartupApproved\Run: => "Skd8821"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "UpdateP2GoShortCut"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "Display"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenu"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\StartupApproved\Run: => "VideoDownloadCapture"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4118C0F9-15A1-4CBC-865C-610A53738A3E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D420995C-D324-47B3-90B2-C9AE4050453A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{197E9891-7E9C-4CD2-A07C-ED9B6684DBC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B3F7E03-0C2A-4601-BA05-4CAD94754424}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC7C0B55-093A-4BAF-AC22-BFEE3DE89573}] => (Allow) C:\Users\Jirka\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{512E1B13-2113-4323-A11A-16E3B4E58BB7}] => (Allow) C:\Users\Jirka\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [UDP Query User{A5719604-78C5-4D8E-9D18-5B87BDED4CF4}C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe] => (Block) C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [TCP Query User{C442E58F-42ED-4EC3-8220-CFE0D4246549}C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe] => (Block) C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{9C8C2357-6A39-4BCD-88C2-39EDDAB27383}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C8ACA574-FE81-4C4C-9C62-48E48342298B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{085892DE-8C2D-4CC4-AD76-99E73D842320}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{E9EC6E99-116D-4EB8-9B84-EEB6EECCEDDC}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{71EA5830-8F32-40CD-A3B5-553704AEEFBC}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{8E219A84-B9F4-47AD-B5BD-926CBB6DC8F2}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{F27D5CA3-E70D-40AD-B2D6-2F735D29821B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{09697EAB-0283-441A-BB64-419735BC4A8E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EEFD40FD-3E5F-48C0-A2BA-56F7C1CA65BD}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{E8EA506E-722B-4FA4-8127-FE84B7082871}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{66A0CB8D-575E-4EC0-BCDC-C3742331AA16}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{FA22890D-D5EF-4B26-8D8A-758C328DFBA7}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{3C84EE1B-C0B8-404C-A2B3-DA54136A3BF9}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A202A91A-9569-453D-A1F4-72E6DBEBBD34}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{F58531AE-EBA4-4C88-85C9-C7E9EB188AF6}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{5D1EAAA1-F851-4FAC-BC07-50E81468269C}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{30B776ED-AC98-4D14-866B-08FA80E4AFFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
22-01-2022 10:07:04 Naplánovaný kontrolní bod
31-01-2022 10:16:38 Naplánovaný kontrolní bod
06-02-2022 12:01:26 Windows Zálohování
09-02-2022 08:29:08 Instalační služba modulů systému Windows
09-02-2022 08:33:01 Instalační služba modulů systému Windows
09-02-2022 08:35:38 Instalační služba modulů systému Windows
11-02-2022 08:03:38 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/09/2022 04:29:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Elements (H:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/09/2022 04:29:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (02/09/2022 09:43:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TiWorker.exe, verze: 10.0.19041.1525, časové razítko: 0xd81ad4ae
Název chybujícího modulu: cbscore.dll, verze: 10.0.19041.1525, časové razítko: 0x84ce35ef
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000009edd8
ID chybujícího procesu: 0xec8
Čas spuštění chybující aplikace: 0x01d81d8787d6c4e0
Cesta k chybující aplikaci: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\TiWorker.exe
Cesta k chybujícímu modulu: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\cbscore.dll
ID zprávy: 3f0aae61-6464-4f37-bb82-75afc03b65ff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/09/2022 08:44:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.1288, časové razítko: 0x17884906
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1466, časové razítko: 0xe01c7650
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b362
ID chybujícího procesu: 0x3628
Čas spuštění chybující aplikace: 0x01d81d8741db6b42
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8875b986-e42c-432c-8f3d-dc43ed8f830b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (02/11/2022 10:45:01 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Search přestala během spouštění reagovat.
Error: (02/11/2022 10:43:36 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/11/2022 10:41:54 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.
Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba APC Data Service závisí na službě APC UPS Service, která neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba APC UPS Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ImControllerService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby APC UPS Service bylo dosaženo časového limitu (45000 ms).
Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby ImControllerService bylo dosaženo časového limitu (45000 ms).
CodeIntegrity:
===============
Date: 2022-02-11 11:10:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-02-11 10:38:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO M0KKT17A 08/20/2015
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz
Percentage of memory in use: 86%
Total physical RAM: 4005.27 MB
Available physical RAM: 543.17 MB
Total Virtual: 6181.27 MB
Available Virtual: 2289.13 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:433.92 GB) (Free:320.81 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Disk záloh) (CDROM) (Total:4.37 GB) (Free:0 GB) CDFS
Drive e: (ELMER) (Removable) (Total:7.47 GB) (Free:7.06 GB) FAT32
Drive f: (ADATA UFD) (Removable) (Total:7.16 GB) (Free:3.5 GB) FAT32
Drive g: () (Removable) (Total:0.48 GB) (Free:0.48 GB) FAT
Drive h: (Elements) (Fixed) (Total:1397.23 GB) (Free:379.97 GB) NTFS
\\?\Volume{12f3f087-1cf8-43fb-897f-86276cf26e57}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{d751cf0b-d3dd-4384-91dd-e365347c9713}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:16.4 GB) NTFS
\\?\Volume{8fe6c00a-ebb0-4b79-a562-77410841cb20}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5E59A8FD)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1397.2 GB) (Disk ID: B8CF6326)
Partition 1: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)
==========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 7.2 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.2 GB) - (Type=0B)
==========================================================
Disk: 4 (Protective MBR) (Size: 488.5 MB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
Ran by Jirka (administrator) on DESKTOP-5L00R9K (LENOVO 90F1001FCK) (11-02-2022 11:28:13)
Running from C:\Users\Jirka\Downloads
Loaded Profiles: Jirka
Platform: Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <4>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <20>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Solitea, a.s. -> Solitea Česká republika, a.s.) C:\Program Files (x86)\Solitea\Money S3 START\MS3Auto.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Skd8821] => C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe [2203648 2015-07-24] (LITE-ON TECHNOLOGY CORP.) [File not signed]
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1459160 2017-02-03] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [190904 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-02] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [480176 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [VideoDownloadCapture] => C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe [6540952 2018-09-11] (Apowersoft Ltd -> Apowersoft)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [S3AutomaticSTART] => C:\Program Files (x86)\Solitea\Money S3 START\MS3Auto.exe [18529320 2022-02-01] (Solitea, a.s. -> Solitea Česká republika, a.s.)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [CCleanerBrowserAutoLaunch_1883732B6BBDD45C9018A763BB4511D1] => "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" (No File)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Policies\Explorer: [NoDrives] 00000007
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {946c0734-6d7e-11ec-9d2e-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {977ec9e8-d25d-11eb-9cf0-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {b4d9a8d0-0a59-11ec-9d0b-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [S3AutomaticSTART] => C:\Program Files (x86)\Solitea\Money S3 START\MS3Auto.exe [18529320 2022-02-01] (Solitea, a.s. -> Solitea Česká republika, a.s.)
HKLM\...\Windows x64\Print Processors\Canon iP2700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA4.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TR7500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDM.DLL [482816 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR7500 series: C:\WINDOWS\system32\CNCALDM.DLL [254464 2017-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP2700 series: C:\WINDOWS\system32\CNMLMA4.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR7500 series: C:\WINDOWS\system32\CNMLMDM.DLL [1302016 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [36864 2014-02-05] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-04] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2020-06-05]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric -> Schneider Electric) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00FDF91E-C920-45A1-AF1E-57B30284CAE6} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jirka\Downloads\esetonlinescanner_csy.exe LOGON (No File)
Task: {1ACB8312-4BFB-4451-9781-BC44E4F4E8BA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1C0D7B9E-763F-4513-ADEB-6ABA8F0E4342} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {20361C2D-0F12-4CDA-8C85-CB25FEAC59B1} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808352 2015-07-13] (LENOVO -> )
Task: {20953805-8E68-4788-AFD7-63CFB9F128BF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6baade38-6b00-4710-9ccc-fd9e8f711826 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {2C1FF07A-F624-4FDD-89F9-0722E2D22169} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {510F3BAA-A506-4247-9E85-7B1CD1D8BCD5} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-04-30] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {53ED1094-47FB-4129-9AD1-01F13BDF8724} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\03c1b8ee-ae32-4c34-9a9a-05d3768bf882 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {645168DA-3C25-4EB7-81AE-3D66483A9DC8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-02] (LENOVO -> Lenovo)
Task: {6D8AB2F4-E982-4C3D-A566-DD72855F94CF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jirka\Downloads\esetonlinescanner_csy.exe SCHED (No File)
Task: {85217589-DF40-4A4C-981D-390B7DFD8701} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9B2C8D3F-89DB-4AEF-A37D-1B11930B3051} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {A084237B-4EB6-4B2A-8124-21BE626F5FC8} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2017-03-08] (LENOVO -> Lenovo)
Task: {B2CD0492-524D-4271-A453-0CBEDDBAC96E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
Task: {BBB22B95-AE49-4C65-9AC6-3810A51E17BD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {C13DAD95-387B-4AF0-8DAB-48C04132853E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412952 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {C5D2D632-DB40-4479-94C1-F7F223A0F2E7} - System32\Tasks\eM Client Database Backup (S-1-5-21-3534509474-1781900124-1265873159-1001) => C:\Program Files (x86)\eM Client\MailClient.exe [240288 2021-10-07] (eM Client, s.r.o. -> eM Client s.r.o.)
Task: {C7FAE1A4-06E0-451D-A334-94334969CAAF} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1413384 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {CAF5970D-5F4F-4CBC-BBFA-BD4C0C165967} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {DC9D97F9-21C4-45BE-A92F-6FD2F96D2CA8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\49027832-4817-4192-9a9d-8842f884b999 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DE04CF9D-E91D-47B1-904F-0CFE68737BAD} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-20] (CyberLink Corp. -> CyberLink Corp.)
Task: {E3A03211-3A39-4663-AC25-E2FEEF51F95D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E817DB57-C9C5-4337-B95C-C8443B946046} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829344 2015-07-13] (LENOVO -> )
Task: {EE5D1868-0CD7-486C-A09C-AFE483A7D215} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [5002680 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {F1A99A25-E519-4B96-9B8B-11A995A5BC5D} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {F881B307-B704-42B4-824E-6F06FD960B01} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
Task: {F904407E-2758-4D99-9422-9D31574BD215} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe /SCHEDULED (No File)
Task: {FA86FB7D-7CA1-4978-866F-34E8BC1B9892} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {FDFE7550-FA33-4BF3-A34C-189B85AF53D8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6a9cd1c6-757c-4900-999b-33d7ee3160b3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 79.98.72.27 79.98.72.2
Tcpip\..\Interfaces\{e178b505-66bd-4d4e-804d-8e2a74cb8464}: [DhcpNameServer] 79.98.72.27 79.98.72.2
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jirka\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-05]
Edge HomePage: Default -> hxxp://www.idnes.cz/
Edge StartupUrls: Default -> "hxxp://www.blesk.cz/"
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: v7lb8ezr.default-1614698427935
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\v7lb8ezr.default-1614698427935 [2022-02-11]
FF Homepage: Mozilla\Firefox\Profiles\v7lb8ezr.default-1614698427935 -> www.idnes.cz
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default [2022-02-11]
CHR HomePage: Default -> hxxp://www.sledovanitv.cz/
CHR StartupUrls: Default -> "hxxps://sledovanitv.cz/home#ct1"
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-18]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\Jirka\AppData\Roaming\Opera Software\Opera Stable [2021-06-24]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [14256 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
S2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [4261808 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [485816 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [485816 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [8517744 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [109480 2021-05-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [153736 2017-03-02] (Canon Inc. -> CANON INC.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [349656 2017-02-03] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 MonS3Service; C:\Program Files (x86)\Common Files\Solitea\MonS3Service.exe [1694992 2022-02-01] (Solitea, a.s. -> Solitea Česká republika, a.s.)
S4 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [137216 2010-05-04] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [36920 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [222248 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [369288 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [253064 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [100488 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [21960 2021-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42552 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [186424 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [540192 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109056 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84120 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [853944 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [545312 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215576 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [318904 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-11-24] (CPUID S.A.R.L.U. -> CPUID)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-09-10] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2021-06-08] (Adlice -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-11 11:28 - 2022-02-11 11:30 - 000027104 _____ C:\Users\Jirka\Downloads\FRST.txt
2022-02-11 11:27 - 2022-02-11 11:29 - 000000000 ____D C:\FRST
2022-02-11 11:25 - 2022-02-11 11:25 - 002311680 _____ (Farbar) C:\Users\Jirka\Downloads\FRST64.exe
2022-02-11 08:03 - 2022-02-11 08:03 - 000000000 ___HD C:\$WinREAgent
2022-02-09 09:33 - 2022-02-09 09:33 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-09 09:32 - 2022-02-09 09:32 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-09 09:30 - 2022-02-09 09:30 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-09 09:30 - 2022-02-09 09:30 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-09 09:30 - 2022-02-09 09:30 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-09 08:12 - 2022-02-11 11:12 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-08 20:25 - 2022-02-09 09:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-02-08 16:26 - 2022-02-08 16:27 - 000171962 _____ C:\Users\Jirka\Downloads\priloha_999652310_0_p700654136_530718052.pdf
2022-02-05 12:07 - 2022-02-05 12:07 - 000228315 _____ C:\Users\Jirka\Downloads\priloha_999108037_0_VZP_OSVC.pdf
2022-01-27 13:47 - 2022-01-27 13:47 - 000073511 _____ C:\Users\Jirka\Downloads\priloha_995080691_0_Vyuctovani_2021-Bohacek_Jiri.pdf
2022-01-25 18:30 - 2022-01-25 18:30 - 000331066 _____ C:\Users\Jirka\Downloads\817525853.pdf
2022-01-24 12:10 - 2022-01-24 12:10 - 000069551 _____ C:\Users\Jirka\Downloads\p700493002(2).pdf
2022-01-24 12:08 - 2022-01-24 12:08 - 000069551 _____ C:\Users\Jirka\Downloads\p700493002(1).pdf
2022-01-24 12:03 - 2022-01-24 12:03 - 000006967 _____ C:\Users\Jirka\Downloads\priloha_993023091_1_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_OSVC_PRE-DC266964E869426296CE72001C622063-992950568.html
2022-01-23 15:43 - 2022-01-23 15:43 - 000069551 _____ C:\Users\Jirka\Downloads\p700493002.pdf
2022-01-23 11:40 - 2022-01-23 11:40 - 000002008 _____ C:\Users\Jirka\Downloads\OSVC(1).xml
2022-01-23 11:31 - 2022-01-23 11:31 - 000001969 _____ C:\Users\Jirka\Downloads\OSVC_2021.xml
2022-01-21 10:28 - 2022-01-21 10:28 - 000068911 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20211201-20211231_cislo-8.pdf
2022-01-21 10:28 - 2022-01-21 10:28 - 000061380 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20211101-20211130_cislo-7.pdf
2022-01-21 10:27 - 2022-01-21 10:27 - 000074125 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20211001-20211031_cislo-6.pdf
2022-01-21 10:27 - 2022-01-21 10:27 - 000064256 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20210801-20210831_cislo-4.pdf
2022-01-21 10:27 - 2022-01-21 10:27 - 000062841 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20210901-20210930_cislo-5.pdf
2022-01-21 10:26 - 2022-01-21 10:26 - 000062130 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20210701-20210731_cislo-3.pdf
2022-01-21 09:59 - 2022-01-21 09:59 - 000195338 _____ C:\Users\Jirka\Downloads\12590160_200101_220121.pdf
2022-01-21 09:54 - 2022-01-21 09:54 - 000332993 _____ C:\Users\Jirka\Downloads\12590160_180801_220121.pdf
2022-01-15 10:15 - 2022-01-15 10:16 - 000055390 _____ C:\Users\Jirka\Downloads\web_new Cenik_elektrina_dobu_neurcitou_MOO_202112_CEZDI(1).pdf
2022-01-15 09:06 - 2022-01-15 09:06 - 018537027 _____ C:\Users\Jirka\Downloads\Elektroprumysl_leden_2022.pdf
2022-01-14 09:29 - 2022-01-14 09:29 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 09:29 - 2022-01-14 09:29 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 16:03 - 2022-01-13 16:03 - 000055390 _____ C:\Users\Jirka\Downloads\web_new Cenik_elektrina_dobu_neurcitou_MOO_202112_CEZDI.pdf
2022-01-13 15:43 - 2022-01-13 15:43 - 000155262 _____ C:\Users\Jirka\Downloads\Faktura_0011226537_4126698900_2144259691.PDF
2022-01-13 11:11 - 2022-01-13 11:36 - 000213406 _____ C:\Users\Jirka\Documents\lm.odt
2022-01-13 11:07 - 2022-01-13 11:07 - 000061953 _____ C:\Users\Jirka\Downloads\html2pdf.zip
2022-01-13 10:55 - 2022-01-13 10:55 - 000029646 _____ C:\Users\Jirka\Downloads\napajeci-modul-lm2596-dc-dc-step-down-buck.html
2022-01-12 11:10 - 2022-01-12 11:10 - 000088022 _____ C:\Users\Jirka\Downloads\06143620_211127_220112.pdf
2022-01-12 11:10 - 2022-01-12 11:10 - 000087495 _____ C:\Users\Jirka\Downloads\06143620_211127_211231.pdf
2022-01-12 11:09 - 2022-01-12 11:09 - 000079752 _____ C:\Users\Jirka\Downloads\06143620_220112_220112.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-11 11:11 - 2020-09-07 08:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-11 11:11 - 2017-03-10 19:27 - 000000000 ____D C:\Users\Jirka\AppData\LocalLow\Mozilla
2022-02-11 11:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-11 11:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-11 11:06 - 2017-03-08 18:52 - 000000000 ____D C:\Users\Jirka\Documents\eM Client
2022-02-11 11:02 - 2021-01-12 17:27 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\eM Client
2022-02-11 10:56 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-11 10:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-11 10:43 - 2020-09-07 08:38 - 001693398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-11 10:43 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-02-11 10:43 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-02-11 10:41 - 2017-04-29 12:08 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-02-11 10:41 - 2017-03-08 23:00 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-11 10:41 - 2017-03-08 22:25 - 000000000 __SHD C:\Users\Jirka\IntelGraphicsProfiles
2022-02-11 10:37 - 2020-09-07 08:21 - 000482832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-11 10:37 - 2017-03-28 11:10 - 000000000 ____D C:\ProgramData\Avg
2022-02-11 10:36 - 2020-09-07 09:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-11 10:36 - 2020-09-07 08:21 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-11 10:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-11 10:35 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-11 10:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-11 10:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-11 10:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-11 10:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-11 10:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-11 10:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-11 08:35 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-10 16:22 - 2021-11-24 10:05 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-02-10 16:22 - 2021-09-15 11:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-02-10 16:22 - 2020-09-07 09:02 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-10 16:22 - 2020-09-07 09:02 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-02-10 16:22 - 2020-09-07 09:02 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-10 16:22 - 2020-09-07 09:02 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-10 16:22 - 2020-09-07 09:02 - 000003262 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2022-02-10 16:22 - 2020-09-07 09:02 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-10 16:22 - 2020-09-07 09:02 - 000003130 _____ C:\WINDOWS\system32\Tasks\eM Client Database Backup (S-1-5-21-3534509474-1781900124-1265873159-1001)
2022-02-10 16:22 - 2020-09-07 09:02 - 000002976 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-02-10 16:22 - 2020-09-07 09:02 - 000002596 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-02-10 16:22 - 2020-09-07 09:02 - 000002524 _____ C:\WINDOWS\system32\Tasks\ebtools
2022-02-10 16:22 - 2020-09-07 09:02 - 000002336 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_LENOVO_MICPKEY
2022-02-10 16:22 - 2020-09-07 09:02 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-02-10 16:22 - 2020-09-07 09:02 - 000002212 _____ C:\WINDOWS\system32\Tasks\PDVDServ12 Task
2022-02-10 16:09 - 2021-12-28 10:37 - 000013924 _____ C:\Users\Jirka\Desktop\elm.ods
2022-02-09 10:39 - 2017-03-08 19:12 - 304522214 _____ C:\Users\Jirka\Documents\zaloha.ar!
2022-02-09 09:46 - 2017-03-10 19:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-09 09:30 - 2020-09-07 08:27 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-09 08:40 - 2021-10-09 08:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-02-09 08:28 - 2017-03-17 02:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-09 08:18 - 2017-03-08 16:05 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-09 08:12 - 2019-02-05 08:58 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-09 08:12 - 2017-03-10 19:26 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-02-08 16:34 - 2017-10-23 11:36 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-02-05 10:22 - 2017-12-06 10:38 - 000000000 ____D C:\Users\Jirka\AppData\Local\Packages
2022-02-05 08:09 - 2020-06-07 08:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-05 08:09 - 2020-06-07 08:17 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-04 13:50 - 2020-01-20 11:31 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-04 13:50 - 2020-01-20 11:31 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-02-04 08:19 - 2021-01-22 08:18 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-03 09:34 - 2017-03-08 19:01 - 000000000 ____D C:\Users\Jirka\Documents\Alena
2022-01-31 08:20 - 2018-01-14 13:24 - 000000000 ____D C:\Users\Jirka\AppData\Local\CrashDumps
2022-01-30 18:19 - 2017-03-11 08:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-01-28 20:04 - 2020-08-04 17:31 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-28 20:04 - 2020-08-04 17:31 - 000064256 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-28 20:04 - 2017-10-06 15:28 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-28 20:03 - 2020-08-04 17:31 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-27 16:58 - 2018-05-02 09:46 - 000000000 ____D C:\Users\Jirka\Documents\Jirka zdrav.stav
2022-01-24 09:01 - 2020-05-09 08:10 - 000000000 ____D C:\Users\Jirka\Desktop\Lhůty revizí MÚ
2022-01-22 09:50 - 2017-06-06 13:46 - 000000000 ____D C:\Users\Jirka\Documents\Děda
2022-01-22 09:48 - 2020-09-12 07:33 - 000000000 ____D C:\Users\Jirka\Desktop\OSVč + důchod 2020
2022-01-19 23:22 - 2021-01-22 08:18 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-01-19 23:22 - 2021-01-22 08:18 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-01-18 16:56 - 2017-03-08 19:10 - 000000000 ____D C:\Users\Jirka\Documents\Hes
2022-01-14 21:20 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-13 08:19 - 2017-03-10 08:44 - 000000000 ____D C:\Users\Jirka\AppData\Local\Adobe
2022-01-13 01:06 - 2020-08-04 17:31 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\SET878C.tmp
2022-01-13 01:06 - 2020-08-04 17:31 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\SETA98E.tmp
2022-01-12 09:46 - 2017-03-08 22:54 - 000000000 ____D C:\Users\Jirka\AppData\Local\ElevatedDiagnostics
2022-01-12 08:36 - 2021-10-13 07:30 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories ========
2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\en_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\es_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021880 _____ (Schneider Electric) C:\Users\Jirka\fr_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021880 _____ (Schneider Electric) C:\Users\Jirka\grm_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\it_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000020344 _____ (Schneider Electric) C:\Users\Jirka\jp_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 001079808 _____ (Microsoft Corporation) C:\Users\Jirka\mfc80u.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000626688 _____ (Microsoft Corporation) C:\Users\Jirka\msvcr80.dll
2017-03-11 08:36 - 2019-06-03 16:30 - 013923704 _____ (Schneider Electric) C:\Users\Jirka\PCPE Setup.exe
2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\pt_res.dll
2017-03-11 08:36 - 2019-06-03 16:30 - 000018808 _____ () C:\Users\Jirka\ResourceReader.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000020856 _____ (Schneider Electric) C:\Users\Jirka\ru_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000019832 _____ (Schneider Electric) C:\Users\Jirka\zh_res.dll
2017-03-15 18:08 - 2017-03-15 18:23 - 000000045 _____ () C:\Users\Jirka\AppData\Roaming\MCVi2UserDetail.ini
2019-10-06 09:38 - 2019-10-06 09:38 - 000003584 _____ () C:\Users\Jirka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-29 09:51 - 2018-12-29 09:51 - 000000093 _____ () C:\Users\Jirka\AppData\Local\fusioncache.dat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
dditional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by Jirka (11-02-2022 11:33:16)
Running from C:\Users\Jirka\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) (2020-09-07 08:04:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3534509474-1781900124-1265873159-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3534509474-1781900124-1265873159-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-3534509474-1781900124-1265873159-503 - Limited - Disabled)
Guest (S-1-5-21-3534509474-1781900124-1265873159-501 - Limited - Disabled)
Jirka (S-1-5-21-3534509474-1781900124-1265873159-1001 - Administrator - Enabled) => C:\Users\Jirka
WDAGUtilityAccount (S-1-5-21-3534509474-1781900124-1265873159-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
ApowerREC V1.4.9.17 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.4.9.17 - Apowersoft LIMITED)
Apowersoft Online Launcher version 1.7.7 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.7 - APOWERSOFT LIMITED)
Apowersoft Online Launcher version 1.8.0 (HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.8.0 - APOWERSOFT LIMITED)
Apowersoft Video Stahovač verze 6.4.6 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.4.6 - APOWERSOFT LIMITED)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 21.11.3215 - AVG Technologies)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.2 - Canon Inc.)
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version: - )
Canon Nástroj pro rychlou volbu2 (HKLM-x32\...\Speed Dial Utility2) (Version: 2.1.5 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TR7500 series Elektronická příručka (HKLM-x32\...\Canon TR7500 series Elektronická příručka) (Version: 1.1.0 - Canon Inc.)
Canon TR7500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TR7500_series) (Version: 1.01 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver and Application Installation (HKLM-x32\...\{6EC299C6-074C-4529-8D5F-2798584BB27B}) (Version: 2.02.0716 - Lenovo)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 20.950 (20201201_13) - Solitea Česká republika, a.s.)
Ekonomický systém Money S3 START (HKLM-x32\...\Money S3 START) (Version: 22.110 (20220127_09) - Solitea Česká republika, a.s.)
eM Client (HKLM-x32\...\{DCA2551A-C6C8-413E-85B5-5FECAAE001AF}) (Version: 8.2.1659.0 - eM Client Inc.)
FileOpen Client B978 (HKLM\...\FileOpenClient_is1) (Version: B978 - FileOpen Systems, Inc.)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FormApps Plug-in (HKLM-x32\...\{9a1d8d96-8b6f-4b5e-9281-abf022feb360}) (Version: 1.27.0.77 - Software602 a.s.)
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.82 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.17 - Lenovo)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 97.0 (x64 cs)) (Version: 97.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
OpenOffice 4.1.11 (HKLM-x32\...\{1006FF60-29FF-49F8-B688-D148DB487136}) (Version: 4.111.9808 - Apache Software Foundation)
PowerChute Personal Edition (HKLM-x32\...\APC) (Version: 3.1.0 - Schneider Electric)
Print Conductor 7.1 (HKLM-x32\...\Print Conductor_is1) (Version: 7.1 - fCoder SIA)
ProFact 4.0 (HKLM-x32\...\ProFact 4.0_is1) (Version: - eXmind)
Příjmové a výdajové doklady (HKLM-x32\...\Příjmové a výdajové doklady_is1) (Version: - eXmind)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7586 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrace uživatele zařízení Canon iP2700 series (HKLM-x32\...\Registrace uživatele zařízení Canon iP2700 series) (Version: - )
Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.)
RogueKiller verze 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Software602 Form Filler (HKLM-x32\...\{F8F79FE0-64EA-439C-A6AE-B1946A178F24}) (Version: 4.55 - Software602 a.s.)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UZEL Evidence (HKLM-x32\...\UZEL Evidence_is1) (Version: - hxxp://swuzel.sweb.cz/)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
Windows Driver Package - Intel Corporation (igfx) Display (07/17/2015 10.18.15.4256) (HKLM\...\00B7AF24A3F134555C104D6FD6BA2E998DF37957) (Version: 07/17/2015 10.18.15.4256 - Intel Corporation)
Windows Driver Package - Realtek (rt640x64) Net (05/05/2015 10.001.0505.2015) (HKLM\...\6A304520C2F25CD034E477A379C47308AA84A2DC) (Version: 05/05/2015 10.001.0505.2015 - Realtek)
Windows Driver Package - Realtek Semiconduct Corp. (RTSUER) USB (05/11/2015 6.3.9600.31213) (HKLM\...\8B76AD3EEC17650CAFD6EEFD418B2454C10BC71B) (Version: 05/11/2015 6.3.9600.31213 - Realtek Semiconduct Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
xVideos Video Downloader 3.32 (HKLM-x32\...\xVideos Video Downloader_is1) (Version: - DownloadToolz, Inc.)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-10-19] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-25] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-10-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-10-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-15] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2020-10-19] (LENOVO INCORPORATED.)
Viewer for Excel -> C:\Program Files\WindowsApps\32581DocumentManagement.ViewerforExcel_1.88.0.0_neutral__bxxb0jeh05ret [2020-10-19] (Document Management)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tiskové exporty z Money S3 START] => C:\Users\Public\Documents\Solitea\Money S3 START\PRINT\ [0000-00-00 00:00]
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => C:\Program Files (x86)\Software602\602XML\xmlcore\CtxSign64.dll [2013-07-16] (Software602 a. s. -> Software602)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2018-11-05 20:34 - 2017-12-07 11:25 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\cnmpu.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000915376 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\pdcdll.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000574896 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\UpsControl.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000534960 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\UpsDevice.dll
2019-06-07 17:01 - 2019-06-07 17:01 - 002200576 _____ (Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\res.dll
2017-03-08 15:35 - 2014-02-05 14:51 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
AlternateDataStreams: C:\ProgramData\Temp:9482CFB4 [268]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001 -> DefaultScope {D3D44F78-EB33-4224-99AB-0F2CDE1FA5C7} URL =
SearchScopes: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001 -> {D3D44F78-EB33-4224-99AB-0F2CDE1FA5C7} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
DPF: HKLM-x32 {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\unmz.cz -> hxxps://csnonline.unmz.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2021-06-24 18:25 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\RogueKiller;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Print Conductor;
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 79.98.72.27 - 79.98.72.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: FastbootService => 2
MSCONFIG\Services: LenovoPortalService => 2
MSCONFIG\Services: LSCWinService => 3
MSCONFIG\Services: Sks8821 => 2
HKLM\...\StartupApproved\Run: => "Skd8821"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "UpdateP2GoShortCut"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "Display"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenu"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\StartupApproved\Run: => "VideoDownloadCapture"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4118C0F9-15A1-4CBC-865C-610A53738A3E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D420995C-D324-47B3-90B2-C9AE4050453A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{197E9891-7E9C-4CD2-A07C-ED9B6684DBC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B3F7E03-0C2A-4601-BA05-4CAD94754424}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC7C0B55-093A-4BAF-AC22-BFEE3DE89573}] => (Allow) C:\Users\Jirka\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{512E1B13-2113-4323-A11A-16E3B4E58BB7}] => (Allow) C:\Users\Jirka\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [UDP Query User{A5719604-78C5-4D8E-9D18-5B87BDED4CF4}C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe] => (Block) C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [TCP Query User{C442E58F-42ED-4EC3-8220-CFE0D4246549}C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe] => (Block) C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{9C8C2357-6A39-4BCD-88C2-39EDDAB27383}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C8ACA574-FE81-4C4C-9C62-48E48342298B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{085892DE-8C2D-4CC4-AD76-99E73D842320}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{E9EC6E99-116D-4EB8-9B84-EEB6EECCEDDC}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{71EA5830-8F32-40CD-A3B5-553704AEEFBC}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{8E219A84-B9F4-47AD-B5BD-926CBB6DC8F2}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{F27D5CA3-E70D-40AD-B2D6-2F735D29821B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{09697EAB-0283-441A-BB64-419735BC4A8E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EEFD40FD-3E5F-48C0-A2BA-56F7C1CA65BD}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{E8EA506E-722B-4FA4-8127-FE84B7082871}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{66A0CB8D-575E-4EC0-BCDC-C3742331AA16}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{FA22890D-D5EF-4B26-8D8A-758C328DFBA7}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{3C84EE1B-C0B8-404C-A2B3-DA54136A3BF9}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A202A91A-9569-453D-A1F4-72E6DBEBBD34}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{F58531AE-EBA4-4C88-85C9-C7E9EB188AF6}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{5D1EAAA1-F851-4FAC-BC07-50E81468269C}] => (Block) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{30B776ED-AC98-4D14-866B-08FA80E4AFFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
22-01-2022 10:07:04 Naplánovaný kontrolní bod
31-01-2022 10:16:38 Naplánovaný kontrolní bod
06-02-2022 12:01:26 Windows Zálohování
09-02-2022 08:29:08 Instalační služba modulů systému Windows
09-02-2022 08:33:01 Instalační služba modulů systému Windows
09-02-2022 08:35:38 Instalační služba modulů systému Windows
11-02-2022 08:03:38 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/09/2022 04:29:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Elements (H:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/09/2022 04:29:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (02/09/2022 09:54:10 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (02/09/2022 09:43:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TiWorker.exe, verze: 10.0.19041.1525, časové razítko: 0xd81ad4ae
Název chybujícího modulu: cbscore.dll, verze: 10.0.19041.1525, časové razítko: 0x84ce35ef
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000009edd8
ID chybujícího procesu: 0xec8
Čas spuštění chybující aplikace: 0x01d81d8787d6c4e0
Cesta k chybující aplikaci: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\TiWorker.exe
Cesta k chybujícímu modulu: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\cbscore.dll
ID zprávy: 3f0aae61-6464-4f37-bb82-75afc03b65ff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/09/2022 08:44:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.1288, časové razítko: 0x17884906
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1466, časové razítko: 0xe01c7650
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b362
ID chybujícího procesu: 0x3628
Čas spuštění chybující aplikace: 0x01d81d8741db6b42
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8875b986-e42c-432c-8f3d-dc43ed8f830b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (02/11/2022 10:45:01 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Search přestala během spouštění reagovat.
Error: (02/11/2022 10:43:36 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/11/2022 10:41:54 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.
Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba APC Data Service závisí na službě APC UPS Service, která neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba APC UPS Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ImControllerService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby APC UPS Service bylo dosaženo časového limitu (45000 ms).
Error: (02/11/2022 10:37:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby ImControllerService bylo dosaženo časového limitu (45000 ms).
CodeIntegrity:
===============
Date: 2022-02-11 11:10:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-02-11 10:38:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO M0KKT17A 08/20/2015
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz
Percentage of memory in use: 86%
Total physical RAM: 4005.27 MB
Available physical RAM: 543.17 MB
Total Virtual: 6181.27 MB
Available Virtual: 2289.13 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:433.92 GB) (Free:320.81 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Disk záloh) (CDROM) (Total:4.37 GB) (Free:0 GB) CDFS
Drive e: (ELMER) (Removable) (Total:7.47 GB) (Free:7.06 GB) FAT32
Drive f: (ADATA UFD) (Removable) (Total:7.16 GB) (Free:3.5 GB) FAT32
Drive g: () (Removable) (Total:0.48 GB) (Free:0.48 GB) FAT
Drive h: (Elements) (Fixed) (Total:1397.23 GB) (Free:379.97 GB) NTFS
\\?\Volume{12f3f087-1cf8-43fb-897f-86276cf26e57}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{d751cf0b-d3dd-4384-91dd-e365347c9713}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:16.4 GB) NTFS
\\?\Volume{8fe6c00a-ebb0-4b79-a562-77410841cb20}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5E59A8FD)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1397.2 GB) (Disk ID: B8CF6326)
Partition 1: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)
==========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 7.2 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.2 GB) - (Type=0B)
==========================================================
Disk: 4 (Protective MBR) (Size: 488.5 MB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
Ran by Jirka (administrator) on DESKTOP-5L00R9K (LENOVO 90F1001FCK) (11-02-2022 11:28:13)
Running from C:\Users\Jirka\Downloads
Loaded Profiles: Jirka
Platform: Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <4>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <20>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Solitea, a.s. -> Solitea Česká republika, a.s.) C:\Program Files (x86)\Solitea\Money S3 START\MS3Auto.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Skd8821] => C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe [2203648 2015-07-24] (LITE-ON TECHNOLOGY CORP.) [File not signed]
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1459160 2017-02-03] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [190904 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-02] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [480176 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [VideoDownloadCapture] => C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe [6540952 2018-09-11] (Apowersoft Ltd -> Apowersoft)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [S3AutomaticSTART] => C:\Program Files (x86)\Solitea\Money S3 START\MS3Auto.exe [18529320 2022-02-01] (Solitea, a.s. -> Solitea Česká republika, a.s.)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [CCleanerBrowserAutoLaunch_1883732B6BBDD45C9018A763BB4511D1] => "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" (No File)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Policies\Explorer: [NoDrives] 00000007
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {946c0734-6d7e-11ec-9d2e-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {977ec9e8-d25d-11eb-9cf0-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {b4d9a8d0-0a59-11ec-9d0b-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [S3AutomaticSTART] => C:\Program Files (x86)\Solitea\Money S3 START\MS3Auto.exe [18529320 2022-02-01] (Solitea, a.s. -> Solitea Česká republika, a.s.)
HKLM\...\Windows x64\Print Processors\Canon iP2700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA4.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TR7500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDM.DLL [482816 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR7500 series: C:\WINDOWS\system32\CNCALDM.DLL [254464 2017-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP2700 series: C:\WINDOWS\system32\CNMLMA4.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR7500 series: C:\WINDOWS\system32\CNMLMDM.DLL [1302016 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [36864 2014-02-05] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-04] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2020-06-05]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric -> Schneider Electric) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00FDF91E-C920-45A1-AF1E-57B30284CAE6} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jirka\Downloads\esetonlinescanner_csy.exe LOGON (No File)
Task: {1ACB8312-4BFB-4451-9781-BC44E4F4E8BA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1C0D7B9E-763F-4513-ADEB-6ABA8F0E4342} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {20361C2D-0F12-4CDA-8C85-CB25FEAC59B1} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808352 2015-07-13] (LENOVO -> )
Task: {20953805-8E68-4788-AFD7-63CFB9F128BF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6baade38-6b00-4710-9ccc-fd9e8f711826 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {2C1FF07A-F624-4FDD-89F9-0722E2D22169} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {510F3BAA-A506-4247-9E85-7B1CD1D8BCD5} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-04-30] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {53ED1094-47FB-4129-9AD1-01F13BDF8724} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\03c1b8ee-ae32-4c34-9a9a-05d3768bf882 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {645168DA-3C25-4EB7-81AE-3D66483A9DC8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-02] (LENOVO -> Lenovo)
Task: {6D8AB2F4-E982-4C3D-A566-DD72855F94CF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jirka\Downloads\esetonlinescanner_csy.exe SCHED (No File)
Task: {85217589-DF40-4A4C-981D-390B7DFD8701} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9B2C8D3F-89DB-4AEF-A37D-1B11930B3051} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {A084237B-4EB6-4B2A-8124-21BE626F5FC8} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2017-03-08] (LENOVO -> Lenovo)
Task: {B2CD0492-524D-4271-A453-0CBEDDBAC96E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
Task: {BBB22B95-AE49-4C65-9AC6-3810A51E17BD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {C13DAD95-387B-4AF0-8DAB-48C04132853E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412952 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {C5D2D632-DB40-4479-94C1-F7F223A0F2E7} - System32\Tasks\eM Client Database Backup (S-1-5-21-3534509474-1781900124-1265873159-1001) => C:\Program Files (x86)\eM Client\MailClient.exe [240288 2021-10-07] (eM Client, s.r.o. -> eM Client s.r.o.)
Task: {C7FAE1A4-06E0-451D-A334-94334969CAAF} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1413384 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {CAF5970D-5F4F-4CBC-BBFA-BD4C0C165967} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {DC9D97F9-21C4-45BE-A92F-6FD2F96D2CA8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\49027832-4817-4192-9a9d-8842f884b999 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DE04CF9D-E91D-47B1-904F-0CFE68737BAD} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-20] (CyberLink Corp. -> CyberLink Corp.)
Task: {E3A03211-3A39-4663-AC25-E2FEEF51F95D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E817DB57-C9C5-4337-B95C-C8443B946046} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829344 2015-07-13] (LENOVO -> )
Task: {EE5D1868-0CD7-486C-A09C-AFE483A7D215} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [5002680 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {F1A99A25-E519-4B96-9B8B-11A995A5BC5D} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {F881B307-B704-42B4-824E-6F06FD960B01} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
Task: {F904407E-2758-4D99-9422-9D31574BD215} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe /SCHEDULED (No File)
Task: {FA86FB7D-7CA1-4978-866F-34E8BC1B9892} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {FDFE7550-FA33-4BF3-A34C-189B85AF53D8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6a9cd1c6-757c-4900-999b-33d7ee3160b3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 79.98.72.27 79.98.72.2
Tcpip\..\Interfaces\{e178b505-66bd-4d4e-804d-8e2a74cb8464}: [DhcpNameServer] 79.98.72.27 79.98.72.2
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jirka\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-05]
Edge HomePage: Default -> hxxp://www.idnes.cz/
Edge StartupUrls: Default -> "hxxp://www.blesk.cz/"
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: v7lb8ezr.default-1614698427935
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\v7lb8ezr.default-1614698427935 [2022-02-11]
FF Homepage: Mozilla\Firefox\Profiles\v7lb8ezr.default-1614698427935 -> www.idnes.cz
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default [2022-02-11]
CHR HomePage: Default -> hxxp://www.sledovanitv.cz/
CHR StartupUrls: Default -> "hxxps://sledovanitv.cz/home#ct1"
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-18]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\Jirka\AppData\Roaming\Opera Software\Opera Stable [2021-06-24]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [14256 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
S2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [4261808 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [485816 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [485816 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [8517744 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [109480 2021-05-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [153736 2017-03-02] (Canon Inc. -> CANON INC.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [349656 2017-02-03] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 MonS3Service; C:\Program Files (x86)\Common Files\Solitea\MonS3Service.exe [1694992 2022-02-01] (Solitea, a.s. -> Solitea Česká republika, a.s.)
S4 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [137216 2010-05-04] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [36920 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [222248 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [369288 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [253064 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [100488 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [21960 2021-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42552 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [186424 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [540192 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109056 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84120 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [853944 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [545312 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215576 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [318904 2021-12-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-11-24] (CPUID S.A.R.L.U. -> CPUID)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-09-10] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2021-06-08] (Adlice -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-11 11:28 - 2022-02-11 11:30 - 000027104 _____ C:\Users\Jirka\Downloads\FRST.txt
2022-02-11 11:27 - 2022-02-11 11:29 - 000000000 ____D C:\FRST
2022-02-11 11:25 - 2022-02-11 11:25 - 002311680 _____ (Farbar) C:\Users\Jirka\Downloads\FRST64.exe
2022-02-11 08:03 - 2022-02-11 08:03 - 000000000 ___HD C:\$WinREAgent
2022-02-09 09:33 - 2022-02-09 09:33 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-09 09:32 - 2022-02-09 09:32 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-09 09:30 - 2022-02-09 09:30 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-09 09:30 - 2022-02-09 09:30 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-09 09:30 - 2022-02-09 09:30 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-09 08:12 - 2022-02-11 11:12 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-08 20:25 - 2022-02-09 09:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-02-08 16:26 - 2022-02-08 16:27 - 000171962 _____ C:\Users\Jirka\Downloads\priloha_999652310_0_p700654136_530718052.pdf
2022-02-05 12:07 - 2022-02-05 12:07 - 000228315 _____ C:\Users\Jirka\Downloads\priloha_999108037_0_VZP_OSVC.pdf
2022-01-27 13:47 - 2022-01-27 13:47 - 000073511 _____ C:\Users\Jirka\Downloads\priloha_995080691_0_Vyuctovani_2021-Bohacek_Jiri.pdf
2022-01-25 18:30 - 2022-01-25 18:30 - 000331066 _____ C:\Users\Jirka\Downloads\817525853.pdf
2022-01-24 12:10 - 2022-01-24 12:10 - 000069551 _____ C:\Users\Jirka\Downloads\p700493002(2).pdf
2022-01-24 12:08 - 2022-01-24 12:08 - 000069551 _____ C:\Users\Jirka\Downloads\p700493002(1).pdf
2022-01-24 12:03 - 2022-01-24 12:03 - 000006967 _____ C:\Users\Jirka\Downloads\priloha_993023091_1_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_OSVC_PRE-DC266964E869426296CE72001C622063-992950568.html
2022-01-23 15:43 - 2022-01-23 15:43 - 000069551 _____ C:\Users\Jirka\Downloads\p700493002.pdf
2022-01-23 11:40 - 2022-01-23 11:40 - 000002008 _____ C:\Users\Jirka\Downloads\OSVC(1).xml
2022-01-23 11:31 - 2022-01-23 11:31 - 000001969 _____ C:\Users\Jirka\Downloads\OSVC_2021.xml
2022-01-21 10:28 - 2022-01-21 10:28 - 000068911 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20211201-20211231_cislo-8.pdf
2022-01-21 10:28 - 2022-01-21 10:28 - 000061380 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20211101-20211130_cislo-7.pdf
2022-01-21 10:27 - 2022-01-21 10:27 - 000074125 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20211001-20211031_cislo-6.pdf
2022-01-21 10:27 - 2022-01-21 10:27 - 000064256 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20210801-20210831_cislo-4.pdf
2022-01-21 10:27 - 2022-01-21 10:27 - 000062841 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20210901-20210930_cislo-5.pdf
2022-01-21 10:26 - 2022-01-21 10:26 - 000062130 _____ C:\Users\Jirka\Downloads\Vypis_z_uctu-2701990982_20210701-20210731_cislo-3.pdf
2022-01-21 09:59 - 2022-01-21 09:59 - 000195338 _____ C:\Users\Jirka\Downloads\12590160_200101_220121.pdf
2022-01-21 09:54 - 2022-01-21 09:54 - 000332993 _____ C:\Users\Jirka\Downloads\12590160_180801_220121.pdf
2022-01-15 10:15 - 2022-01-15 10:16 - 000055390 _____ C:\Users\Jirka\Downloads\web_new Cenik_elektrina_dobu_neurcitou_MOO_202112_CEZDI(1).pdf
2022-01-15 09:06 - 2022-01-15 09:06 - 018537027 _____ C:\Users\Jirka\Downloads\Elektroprumysl_leden_2022.pdf
2022-01-14 09:29 - 2022-01-14 09:29 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 09:29 - 2022-01-14 09:29 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 16:03 - 2022-01-13 16:03 - 000055390 _____ C:\Users\Jirka\Downloads\web_new Cenik_elektrina_dobu_neurcitou_MOO_202112_CEZDI.pdf
2022-01-13 15:43 - 2022-01-13 15:43 - 000155262 _____ C:\Users\Jirka\Downloads\Faktura_0011226537_4126698900_2144259691.PDF
2022-01-13 11:11 - 2022-01-13 11:36 - 000213406 _____ C:\Users\Jirka\Documents\lm.odt
2022-01-13 11:07 - 2022-01-13 11:07 - 000061953 _____ C:\Users\Jirka\Downloads\html2pdf.zip
2022-01-13 10:55 - 2022-01-13 10:55 - 000029646 _____ C:\Users\Jirka\Downloads\napajeci-modul-lm2596-dc-dc-step-down-buck.html
2022-01-12 11:10 - 2022-01-12 11:10 - 000088022 _____ C:\Users\Jirka\Downloads\06143620_211127_220112.pdf
2022-01-12 11:10 - 2022-01-12 11:10 - 000087495 _____ C:\Users\Jirka\Downloads\06143620_211127_211231.pdf
2022-01-12 11:09 - 2022-01-12 11:09 - 000079752 _____ C:\Users\Jirka\Downloads\06143620_220112_220112.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-11 11:11 - 2020-09-07 08:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-11 11:11 - 2017-03-10 19:27 - 000000000 ____D C:\Users\Jirka\AppData\LocalLow\Mozilla
2022-02-11 11:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-11 11:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-11 11:06 - 2017-03-08 18:52 - 000000000 ____D C:\Users\Jirka\Documents\eM Client
2022-02-11 11:02 - 2021-01-12 17:27 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\eM Client
2022-02-11 10:56 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-11 10:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-11 10:43 - 2020-09-07 08:38 - 001693398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-11 10:43 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-02-11 10:43 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-02-11 10:41 - 2017-04-29 12:08 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-02-11 10:41 - 2017-03-08 23:00 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-11 10:41 - 2017-03-08 22:25 - 000000000 __SHD C:\Users\Jirka\IntelGraphicsProfiles
2022-02-11 10:37 - 2020-09-07 08:21 - 000482832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-11 10:37 - 2017-03-28 11:10 - 000000000 ____D C:\ProgramData\Avg
2022-02-11 10:36 - 2020-09-07 09:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-11 10:36 - 2020-09-07 08:21 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-11 10:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-11 10:35 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-11 10:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-11 10:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-11 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-11 10:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-11 10:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-11 10:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-11 10:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-11 08:35 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-10 16:22 - 2021-11-24 10:05 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-02-10 16:22 - 2021-09-15 11:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-02-10 16:22 - 2020-09-07 09:02 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-10 16:22 - 2020-09-07 09:02 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-02-10 16:22 - 2020-09-07 09:02 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-10 16:22 - 2020-09-07 09:02 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-10 16:22 - 2020-09-07 09:02 - 000003262 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2022-02-10 16:22 - 2020-09-07 09:02 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-10 16:22 - 2020-09-07 09:02 - 000003130 _____ C:\WINDOWS\system32\Tasks\eM Client Database Backup (S-1-5-21-3534509474-1781900124-1265873159-1001)
2022-02-10 16:22 - 2020-09-07 09:02 - 000002976 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-02-10 16:22 - 2020-09-07 09:02 - 000002596 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-02-10 16:22 - 2020-09-07 09:02 - 000002524 _____ C:\WINDOWS\system32\Tasks\ebtools
2022-02-10 16:22 - 2020-09-07 09:02 - 000002336 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_LENOVO_MICPKEY
2022-02-10 16:22 - 2020-09-07 09:02 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-02-10 16:22 - 2020-09-07 09:02 - 000002212 _____ C:\WINDOWS\system32\Tasks\PDVDServ12 Task
2022-02-10 16:09 - 2021-12-28 10:37 - 000013924 _____ C:\Users\Jirka\Desktop\elm.ods
2022-02-09 10:39 - 2017-03-08 19:12 - 304522214 _____ C:\Users\Jirka\Documents\zaloha.ar!
2022-02-09 09:46 - 2017-03-10 19:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-09 09:30 - 2020-09-07 08:27 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-09 08:40 - 2021-10-09 08:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-02-09 08:28 - 2017-03-17 02:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-09 08:18 - 2017-03-08 16:05 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-09 08:12 - 2019-02-05 08:58 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-09 08:12 - 2017-03-10 19:26 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-02-08 16:34 - 2017-10-23 11:36 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-02-05 10:22 - 2017-12-06 10:38 - 000000000 ____D C:\Users\Jirka\AppData\Local\Packages
2022-02-05 08:09 - 2020-06-07 08:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-05 08:09 - 2020-06-07 08:17 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-04 13:50 - 2020-01-20 11:31 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-04 13:50 - 2020-01-20 11:31 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-02-04 08:19 - 2021-01-22 08:18 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-03 09:34 - 2017-03-08 19:01 - 000000000 ____D C:\Users\Jirka\Documents\Alena
2022-01-31 08:20 - 2018-01-14 13:24 - 000000000 ____D C:\Users\Jirka\AppData\Local\CrashDumps
2022-01-30 18:19 - 2017-03-11 08:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-01-28 20:04 - 2020-08-04 17:31 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-28 20:04 - 2020-08-04 17:31 - 000064256 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-28 20:04 - 2017-10-06 15:28 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-28 20:03 - 2020-08-04 17:31 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-27 16:58 - 2018-05-02 09:46 - 000000000 ____D C:\Users\Jirka\Documents\Jirka zdrav.stav
2022-01-24 09:01 - 2020-05-09 08:10 - 000000000 ____D C:\Users\Jirka\Desktop\Lhůty revizí MÚ
2022-01-22 09:50 - 2017-06-06 13:46 - 000000000 ____D C:\Users\Jirka\Documents\Děda
2022-01-22 09:48 - 2020-09-12 07:33 - 000000000 ____D C:\Users\Jirka\Desktop\OSVč + důchod 2020
2022-01-19 23:22 - 2021-01-22 08:18 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-01-19 23:22 - 2021-01-22 08:18 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-01-18 16:56 - 2017-03-08 19:10 - 000000000 ____D C:\Users\Jirka\Documents\Hes
2022-01-14 21:20 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-13 08:19 - 2017-03-10 08:44 - 000000000 ____D C:\Users\Jirka\AppData\Local\Adobe
2022-01-13 01:06 - 2020-08-04 17:31 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\SET878C.tmp
2022-01-13 01:06 - 2020-08-04 17:31 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\SETA98E.tmp
2022-01-12 09:46 - 2017-03-08 22:54 - 000000000 ____D C:\Users\Jirka\AppData\Local\ElevatedDiagnostics
2022-01-12 08:36 - 2021-10-13 07:30 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories ========
2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\en_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\es_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021880 _____ (Schneider Electric) C:\Users\Jirka\fr_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021880 _____ (Schneider Electric) C:\Users\Jirka\grm_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\it_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000020344 _____ (Schneider Electric) C:\Users\Jirka\jp_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 001079808 _____ (Microsoft Corporation) C:\Users\Jirka\mfc80u.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000626688 _____ (Microsoft Corporation) C:\Users\Jirka\msvcr80.dll
2017-03-11 08:36 - 2019-06-03 16:30 - 013923704 _____ (Schneider Electric) C:\Users\Jirka\PCPE Setup.exe
2017-03-11 08:36 - 2019-06-03 16:29 - 000021368 _____ (Schneider Electric) C:\Users\Jirka\pt_res.dll
2017-03-11 08:36 - 2019-06-03 16:30 - 000018808 _____ () C:\Users\Jirka\ResourceReader.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000020856 _____ (Schneider Electric) C:\Users\Jirka\ru_res.dll
2017-03-11 08:36 - 2019-06-03 16:29 - 000019832 _____ (Schneider Electric) C:\Users\Jirka\zh_res.dll
2017-03-15 18:08 - 2017-03-15 18:23 - 000000045 _____ () C:\Users\Jirka\AppData\Roaming\MCVi2UserDetail.ini
2019-10-06 09:38 - 2019-10-06 09:38 - 000003584 _____ () C:\Users\Jirka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-29 09:51 - 2018-12-29 09:51 - 000000093 _____ () C:\Users\Jirka\AppData\Local\fusioncache.dat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Re: Prosím preventivně?
ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
Kód: Vybrat vše
Start
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
AlternateDataStreams: C:\ProgramData\Temp:9482CFB4 [268]
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {946c0734-6d7e-11ec-9d2e-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {977ec9e8-d25d-11eb-9cf0-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {b4d9a8d0-0a59-11ec-9d0b-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {6D8AB2F4-E982-4C3D-A566-DD72855F94CF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jirka\Downloads\esetonlinescanner_csy.exe SCHED (No File)
Task: {F904407E-2758-4D99-9422-9D31574BD215} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe /SCHEDULED (No File)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
EmptyTemp:
Reboot:
End
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím preventivně?
Fix result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by Jirka (11-02-2022 14:16:24) Run:1
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
AlternateDataStreams: C:\ProgramData\Temp:9482CFB4 [268]
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {946c0734-6d7e-11ec-9d2e-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {977ec9e8-d25d-11eb-9cf0-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {b4d9a8d0-0a59-11ec-9d0b-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {6D8AB2F4-E982-4C3D-A566-DD72855F94CF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jirka\Downloads\esetonlinescanner_csy.exe SCHED (No File)
Task: {F904407E-2758-4D99-9422-9D31574BD215} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe /SCHEDULED (No File)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
EmptyTemp:
Reboot:
End
*****************
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully
C:\ProgramData\Temp => ":9482CFB4" ADS removed successfully
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{946c0734-6d7e-11ec-9d2e-b8aeedd88c00} => removed successfully
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{977ec9e8-d25d-11eb-9cf0-b8aeedd88c00} => removed successfully
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b4d9a8d0-0a59-11ec-9d0b-b8aeedd88c00} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D8AB2F4-E982-4C3D-A566-DD72855F94CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D8AB2F4-E982-4C3D-A566-DD72855F94CF}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F904407E-2758-4D99-9422-9D31574BD215}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F904407E-2758-4D99-9422-9D31574BD215}" => removed successfully
C:\WINDOWS\System32\Tasks\ebtools => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ebtools" => removed successfully
SpyEmrg => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SpyEmrg => removed successfully
SpyEmrg => service removed successfully
HKLM\System\CurrentControlSet\Services\SpyEmrgAccess => removed successfully
SpyEmrgAccess => service removed successfully
HKLM\System\CurrentControlSet\Services\SpyEmrgGuard => removed successfully
SpyEmrgGuard => service removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 269028280 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 539059 B
Edge => 0 B
Chrome => 356416080 B
Firefox => 1350976927 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 276942 B
NetworkService => 276942 B
Jirka => 75121906 B
RecycleBin => 205040 B
EmptyTemp: => 1.9 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:25:57 ====
Ran by Jirka (11-02-2022 14:16:24) Run:1
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
AlternateDataStreams: C:\ProgramData\Temp:9482CFB4 [268]
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {946c0734-6d7e-11ec-9d2e-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {977ec9e8-d25d-11eb-9cf0-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\...\MountPoints2: {b4d9a8d0-0a59-11ec-9d0b-b8aeedd88c00} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {6D8AB2F4-E982-4C3D-A566-DD72855F94CF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jirka\Downloads\esetonlinescanner_csy.exe SCHED (No File)
Task: {F904407E-2758-4D99-9422-9D31574BD215} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe /SCHEDULED (No File)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
EmptyTemp:
Reboot:
End
*****************
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully
C:\ProgramData\Temp => ":9482CFB4" ADS removed successfully
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{946c0734-6d7e-11ec-9d2e-b8aeedd88c00} => removed successfully
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{977ec9e8-d25d-11eb-9cf0-b8aeedd88c00} => removed successfully
HKU\S-1-5-21-3534509474-1781900124-1265873159-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b4d9a8d0-0a59-11ec-9d0b-b8aeedd88c00} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D8AB2F4-E982-4C3D-A566-DD72855F94CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D8AB2F4-E982-4C3D-A566-DD72855F94CF}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F904407E-2758-4D99-9422-9D31574BD215}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F904407E-2758-4D99-9422-9D31574BD215}" => removed successfully
C:\WINDOWS\System32\Tasks\ebtools => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ebtools" => removed successfully
SpyEmrg => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SpyEmrg => removed successfully
SpyEmrg => service removed successfully
HKLM\System\CurrentControlSet\Services\SpyEmrgAccess => removed successfully
SpyEmrgAccess => service removed successfully
HKLM\System\CurrentControlSet\Services\SpyEmrgGuard => removed successfully
SpyEmrgGuard => service removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 269028280 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 539059 B
Edge => 0 B
Chrome => 356416080 B
Firefox => 1350976927 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 276942 B
NetworkService => 276942 B
Jirka => 75121906 B
RecycleBin => 205040 B
EmptyTemp: => 1.9 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:25:57 ====
Re: Prosím preventivně?
je to lepsie
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím preventivně?
Vypadfá to, že ano. Ještě bych prosil o kontrolu zálohování Win. Všiml jsem si, že v FRST logu jsou nějaké chyby -a poslední cca 1/2 rok mám trable s automatickou zálohou na externí disk (H). Většinou skončí s hláškou, že nezazálohoval. Pokud spustím pak ručně tak na potřetí se záloha provede. Půjde i s tímto něco udělat? Díky za Vaší rychlost.
Re: Prosím preventivně?
Skus postupne otestovat s prikazoveho riadku spusteneho ako spravca prikazom
chkdsk c:
Kde c: nahradis aj inymi pismenami vsetkych pouzivanych diskov
Disk ktory vykaze chyby nechas otestovat prikazom
chkdsk c: /r
Kde c: bude nahradene pismenom disku s chybami
chkdsk c:
Kde c: nahradis aj inymi pismenami vsetkych pouzivanych diskov
Disk ktory vykaze chyby nechas otestovat prikazom
chkdsk c: /r
Kde c: bude nahradene pismenom disku s chybami
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím preventivně?
Díky na Vaší radu jsem spustil chkdsk na C disku. Kontrola (a oprava) skončila někdy v nočních hodinách. PC se pak asi sám i vypnul. Ráno normálně spuštěn. Zatím jede
snad 3x rychleji...
1. dotaz : Najdu někde nějaký záznam o provedeném čištění disku ?
2. dotaz: Proč chodil tak zpomaleně? Byl pouze zanesen, nebo měl jiné problémy? Děkuji. L.
snad 3x rychleji...
1. dotaz : Najdu někde nějaký záznam o provedeném čištění disku ?
2. dotaz: Proč chodil tak zpomaleně? Byl pouze zanesen, nebo měl jiné problémy? Děkuji. L.
Re: Prosím preventivně?
1. bezne chkdsk vypis nerobi
2. cca 2GB zbytocnosti, podobnu sluzbu Ti poskytne zvacsa aj CCleaner
Pekny vikend
2. cca 2GB zbytocnosti, podobnu sluzbu Ti poskytne zvacsa aj CCleaner
Pekny vikend
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím preventivně?
Mnohox díky a pozdrav do BB.