Zdravím. Comp často zamrzá, že musím čekat několik desítek vteřin a někdy zamrzne úplně a musím dát restart. Nejdou mazat složky a nebo i jejich obsah včetně jednotlivých souborů. Neustále to chce nějaká oprávnění. Děkuji za kontrolu logu.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2020
Ran by Oťáček (administrator) on OŤÁČEK-PC (22-09-2020 20:12:33)
Running from E:\Stažené soubory
Loaded Profiles: Oťáček
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Windows\runSW.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\AvastUI.exe <5>
(Brio) [File not signed] C:\Program Files\FolderSize\FolderSizeSvc.exe
(Crystal Rich Ltd -> ) C:\Program Files (x86)\InternetOff\InternetOff.exe
(Crystal Rich Ltd -> ) C:\Program Files (x86)\InternetOff\IOffSvc.exe
(Crystal Rich Ltd -> Crystal Rich Ltd) E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek) [File not signed] C:\Windows\SwUSB.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
(TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
(Two Pilots) [File not signed] C:\Windows\VPDAgent_x64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => E:\Avast 2019\AvLaunch.exe [109160 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [InternetOff] => C:\Program Files (x86)\InternetOff\InternetOff.exe [3182360 2016-05-25] (Crystal Rich Ltd -> )
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\SSP2MPC: C:\Windows\System32\spool\prtprocs\x64\ssp2mpc.dll [33792 2009-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Windows x64\Print Processors\us005PC: C:\Windows\System32\spool\prtprocs\x64\us005pc.dll [52248 2019-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us007PC: C:\Windows\System32\spool\prtprocs\x64\us007pc.dll [52240 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\gcprm: C:\Windows\system32\gcprpm.dll [54784 2012-03-06] () [File not signed]
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\SSP2M Langmon: C:\Windows\system32\ssp2ml6.dll [22016 2008-01-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us005 Langmon: C:\Windows\system32\us005lm.dll [31256 2019-03-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us007 Langmon: C:\Windows\system32\us007lm.dll [31248 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2020-02-18]
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk [2017-04-10]
ShortcutTarget: Snagit 11.lnk -> C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0584A722-7270-4D5B-9CBE-B3A513B5AEAA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24611696 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E9BB8EB-7707-47AB-95C9-1FD696B4753B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {11F27765-264A-41F2-929A-9AC291E5530B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {14B9D031-2025-4737-8E7C-BD951A7C1D4F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {164B769E-B179-4FBC-9451-D66F4574E7A5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {211F0999-E43B-4F8A-8B7F-504B1A76E4A9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2854F702-2543-49C6-B6F8-8CCA9261458A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24611696 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {385AD0A4-9CF9-491F-91A4-710A445B5C5B} - System32\Tasks\{6DE89C25-20BA-4765-9231-9BF4BD3465CE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\TechSmith\Snagit 11\SnagitPI.exe" -d "C:\Program Files (x86)\TechSmith\Snagit 11"
Task: {42D1B611-74D8-4E70-8AB0-CD9A323017BF} - System32\Tasks\Avast Emergency Update => E:\Avast 2019\AvEmUpdate.exe [3850336 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
Task: {511BF905-4DC3-4625-88E7-18651B3DDBEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {545AEE0F-05B3-40B1-84C0-AE04A1C73FCB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D5D6B16-958E-4985-9413-495B499330B0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {63673011-F893-4D81-B48B-0AAEC5EFD1F8} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {68F472C4-6DEF-4E63-B7E8-B6D0019C2A4E} - System32\Tasks\Opera scheduled Autoupdate 1579022060 => C:\Users\Oťáček\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {8AB70ED9-471A-4103-AAB1-31AE9CCA5FF3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {9D2344E9-4391-4C29-AA8F-5718502945EF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
Task: {A180BB23-80E0-45FB-BB28-9176AD2BB913} - System32\Tasks\{5EE25878-0AE3-4A6F-B3E1-ED5808655F45} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\NetFx20SP2_x86.exe" -d "E:\Stažené soubory"
Task: {CAD723BC-4618-4B9E-9F7D-6D372DFB2633} - System32\Tasks\Opera scheduled assistant Autoupdate 1582795558 => C:\Users\Oťáček\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {D3871F9A-AD1D-402E-9EFA-44509969FA14} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-08] (Adobe Inc. -> Adobe)
Task: {EC009CEF-CFDD-4B90-8488-90D7158D2B08} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)
Task: {EDF3DB7E-0040-4B7E-A77D-D1A1E538CCE8} - System32\Tasks\eM Client Database Backup (S-1-5-21-51665161-4008308083-3026018605-1000) => C:\Program Files (x86)\eM Client\DbBackup.exe [139624 2016-10-21] (eM Client, s.r.o. -> )
Task: {FE7A2D7C-9F72-4F37-BD69-16A4A358265D} - System32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\dotnetfx35.exe" -d "E:\Stažené soubory"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{53702BC7-8C9E-41D1-94E4-1B2AEFB2F16B}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{555B09F5-81C2-4DDA-83D1-5057F55A238F}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{F84325AE-0BB8-4C06-854F-EAC454957FA1}: [DhcpNameServer] 192.168.42.129
FireFox:
========
FF DefaultProfile: gko5uglf.default-1581863657544
FF ProfilePath: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 [2020-09-22]
FF DownloadDir: E:\Stažené soubory
FF Homepage: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> hxxps://www.seznam.cz/?clid=22668
FF NewTab: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> about:newtab
FF NetworkProxy: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> hxxps://web.whatsapp.com; hxxps://www.youtube.com; hxxps://push.trafroll.com; hxxps://cz.xhamsterlive.com; hxxps://eurozpravy.cz; hxxps://cs.xhamsterlive.com; hxxps://cs.stripchat.com; hxxps://www.viry.cz; hxxps://www.sex-seznameni.cz; hxxps://www.alirecenze.cz
FF Extension: (Tampermonkey) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\firefox@tampermonkey.net.xpi [2020-07-31]
FF Extension: (clean-youtube) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2019-07-04]
FF Extension: (Dark Background and Light Text) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2020-08-21]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-08-21]
FF Extension: (S3.Translator) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\s3google@translator.xpi [2018-10-21]
FF Extension: (Tab Session Manager) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\Tab-Session-Manager@sienori.xpi [2020-09-17]
FF Extension: (TinEye Reverse Image Search) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\tineye@ideeinc.com.xpi [2020-01-22]
FF Extension: (Adblock) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{5eb79492-b597-47fe-a446-5db692b6eec8}.xpi [2020-02-28]
FF Extension: (404 Bookmarks) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{5f8d31ba-47fb-4b70-bf8d-d2113f6da22f}.xpi [2019-12-16]
FF Extension: (Flash and Video Download) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2020-06-09]
FF Extension: (Video DownloadHelper) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-30]
FF Extension: (Bookmark Manager and Viewer) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{beb1b1c0-32b9-47d8-bbd1-f65bed4e7c22}.xpi [2019-01-13]
FF Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{ea692a27-4873-406e-bbc6-010c2dd9e9b5}.xpi [2020-05-11]
FF SearchPlugin: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\searchplugins\google-avast.xml [2019-02-22]
FF SearchPlugin: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\searchplugins\seznam-avast.xml [2019-02-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default [2020-09-21]
CHR DownloadDir: E:\Stažené soubory
CHR Notifications: Default -> hxxps://cs.xhamsterlive.com; hxxps://special-offers.online; hxxps://www.alirecenze.cz
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-04]
CHR Extension: (Tab Hibernation) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2020-09-21]
CHR Extension: (Chrome Media Router) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 Agent; C:\Windows\VPDAgent_x64.exe [168960 2013-08-28] (Two Pilots) [File not signed]
R3 aswbIDSAgent; E:\Avast 2019\aswidsagent.exe [7824280 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; E:\Avast 2019\AvastSvc.exe [357848 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11118976 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
R2 InternetOffService; C:\Program Files (x86)\InternetOff\IOffSvc.exe [1634072 2016-05-25] (Crystal Rich Ltd -> )
S2 RealtekWlanU; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
S2 RTLDHCPService; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [261848 2013-11-12] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [36864 2014-04-15] () [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 USBSafelyRemoveService; E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe [1666416 2017-06-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [138568 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206392 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235584 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [195648 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42768 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175192 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [517080 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84848 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851600 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469880 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217328 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326408 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
R1 HWiNFO32-BackupByDriverBoosterPortable; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-03-24] (Martin Malik - REALiX -> REALiX(tm))
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3733208 2019-03-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [23736 2012-07-20] (Web Solution Mart -> Hajo Krabbenhöft)
R3 VAD_DEV; C:\Windows\System32\drivers\vad.sys [24992 2012-03-27] (Wondershare Software Co., Ltd. -> Windows (R) DDK provider) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R2 WiseFs; C:\Windows\WiseFs64.sys [14256 2017-04-11] (Lespeed Technology Ltd. -> WiseCleaner.com) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-22 20:08 - 2020-09-22 20:12 - 000000000 ____D C:\FRST
2020-09-21 22:09 - 2020-09-21 22:08 - 000338528 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-09-21 22:08 - 2020-09-21 22:08 - 000217328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-09-21 22:08 - 2020-09-21 22:08 - 000175192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-09-19 11:16 - 2020-09-19 11:16 - 000000078 _____ C:\Users\Oťáček\AppData\Roaming\PCO.dat
2020-09-16 08:31 - 2020-09-22 10:02 - 000004308 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582795558
2020-09-15 16:50 - 2020-09-15 17:11 - 086311098 _____ C:\Users\Oťáček\Documents\MAKU.swf
2020-09-15 15:41 - 2020-09-15 15:41 - 073180558 _____ C:\Users\Oťáček\Documents\export.swf
2020-09-15 15:18 - 2020-09-15 15:18 - 478449664 _____ C:\Users\Oťáček\Documents\Sandra Bullock.avi
2020-09-12 08:35 - 2020-09-12 08:35 - 000001012 _____ C:\Users\Oťáček\Desktop\Rajče.lnk
2020-09-12 08:35 - 2020-09-12 08:35 - 000000000 ____D C:\Users\Oťáček\AppData\Local\rajce
2020-09-12 08:35 - 2020-09-12 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rajce
2020-09-07 09:27 - 2020-09-07 09:27 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\InternetOff
2020-09-07 09:26 - 2020-09-07 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InternetOff
2020-09-07 09:26 - 2020-09-07 09:26 - 000000000 ____D C:\ProgramData\IOffSvc
2020-09-07 09:26 - 2020-09-07 09:26 - 000000000 ____D C:\Program Files (x86)\InternetOff
2020-09-06 17:37 - 2020-09-06 17:44 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Subtitle Edit
2020-09-06 17:37 - 2020-09-06 17:37 - 000001878 _____ C:\Users\Public\Desktop\Subtitle Edit.lnk
2020-09-06 17:37 - 2020-09-06 17:37 - 000001878 _____ C:\ProgramData\Desktop\Subtitle Edit.lnk
2020-09-06 17:37 - 2020-09-06 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2020-09-06 17:37 - 2020-09-06 17:37 - 000000000 ____D C:\Program Files\Subtitle Edit
2020-09-03 14:57 - 2020-09-03 14:57 - 000001067 _____ C:\Users\Oťáček\Desktop\Format Factory.lnk
2020-09-03 14:57 - 2020-09-03 14:57 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2020-09-03 13:58 - 2020-09-03 14:53 - 000000000 ____D C:\Users\Oťáček\Downloads\FormatFactory2020_09_03
2020-09-01 22:02 - 2020-09-07 08:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-01 17:52 - 2020-09-01 17:57 - 000001704 _____ C:\Users\Oťáček\Desktop\Nový textový dokument (2).txt
2020-08-23 23:52 - 2020-08-24 00:12 - 000000000 ____D C:\Users\Oťáček\Downloads\FormatFactory2020_08_23
2020-08-23 13:47 - 2020-08-23 13:47 - 000000000 ____D C:\Windows\SysWOW64\sword-of-honour.avi_10parts
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-22 20:08 - 2017-04-10 16:10 - 000000000 ____D C:\Users\Oťáček\AppData\LocalLow\Mozilla
2020-09-22 19:30 - 2017-04-10 14:16 - 000003978 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{F4B66E77-4023-4CA3-A918-E9DABCC6A041}
2020-09-22 16:14 - 2018-02-26 11:24 - 000000000 ____D C:\Users\Oťáček\AppData\Local\AVAST Software
2020-09-22 15:52 - 2009-07-14 06:45 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-09-22 15:52 - 2009-07-14 06:45 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-09-22 15:44 - 2019-10-03 08:24 - 000004120 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-09-22 15:42 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-22 15:40 - 2018-04-30 11:23 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\vlc
2020-09-22 13:18 - 2009-07-14 06:45 - 005227120 _____ C:\Windows\system32\FNTCACHE.DAT
2020-09-22 13:11 - 2020-07-31 12:39 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2020-09-22 13:11 - 2017-04-10 16:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-22 10:02 - 2020-03-18 03:20 - 000003014 _____ C:\Windows\system32\Tasks\UMonitor Task
2020-09-22 10:02 - 2020-03-17 22:14 - 000003116 _____ C:\Windows\system32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0}
2020-09-22 10:02 - 2020-03-17 22:06 - 000003124 _____ C:\Windows\system32\Tasks\{5EE25878-0AE3-4A6F-B3E1-ED5808655F45}
2020-09-22 10:02 - 2020-02-23 20:15 - 000003208 _____ C:\Windows\system32\Tasks\{6DE89C25-20BA-4765-9231-9BF4BD3465CE}
2020-09-22 10:02 - 2020-01-14 19:14 - 000004072 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1579022060
2020-09-22 10:02 - 2019-03-09 01:18 - 000004544 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-09-22 10:02 - 2019-03-08 23:46 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-09-22 10:02 - 2018-10-27 18:55 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-09-22 10:02 - 2018-10-27 18:55 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-09-22 10:02 - 2018-03-13 22:41 - 000004532 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-22 10:02 - 2017-04-10 16:45 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-09-21 22:09 - 2020-04-09 00:57 - 000517080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-09-21 22:09 - 2019-03-28 11:16 - 000326408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000469880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000195648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000084848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000042768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000851600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000206392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-09-21 20:43 - 2020-02-28 16:34 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\uTorrent
2020-09-21 07:46 - 2017-04-30 18:44 - 000039424 ___SH C:\Users\Oťáček\Thumbs.db
2020-09-20 02:46 - 2017-04-11 23:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-09-20 01:00 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-09-19 22:13 - 2017-04-10 15:57 - 000179720 _____ C:\Users\Oťáček\AppData\Local\GDIPFONTCACHEV1.DAT
2020-09-19 22:09 - 2017-04-10 14:13 - 000000000 ___RD C:\Users\Oťáček\Obrázky
2020-09-19 18:10 - 2020-05-18 20:35 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\MPC-HC
2020-09-19 15:57 - 2017-04-11 11:35 - 000000000 ____D C:\Users\Oťáček\AppData\Local\CrashDumps
2020-09-19 11:09 - 2019-02-26 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verbatim
2020-09-19 11:09 - 2019-02-26 12:46 - 000000000 ____D C:\Program Files (x86)\Verbatim
2020-09-17 11:25 - 2017-05-16 16:01 - 000000047 _____ C:\trl.cfg
2020-09-16 08:42 - 2020-02-17 03:15 - 000000000 ____D C:\Users\Oťáček\AppData\LocalLow\IGDump
2020-09-16 08:33 - 2017-04-10 16:43 - 000000000 ____D C:\ProgramData\AVAST Software
2020-09-15 15:39 - 2017-04-17 17:51 - 000057344 _____ C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-09-14 15:43 - 2020-04-14 16:24 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-14 15:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2020-09-14 11:18 - 2017-04-10 19:25 - 000000000 ____D C:\Users\Oťáček\Documents\Snagit
2020-09-12 06:49 - 2017-04-11 09:55 - 000000000 ____D C:\Windows\system32\MRT
2020-09-12 06:42 - 2017-04-11 09:55 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-10 22:08 - 2020-02-11 14:28 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-10 22:08 - 2020-02-11 14:28 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-10 22:08 - 2020-02-11 14:28 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-10 13:38 - 2020-07-24 16:34 - 000000000 ____D C:\Users\Oťáček\Documents\FormatFactory
2020-09-08 16:18 - 2017-04-11 23:04 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-09-08 16:18 - 2017-04-11 23:04 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-08 16:18 - 2017-04-11 23:04 - 000000000 ____D C:\Windows\system32\Macromed
2020-09-07 08:50 - 2020-07-24 16:28 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2020-09-03 16:49 - 2020-07-20 02:12 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2020-09-03 16:49 - 2020-07-20 02:12 - 000000349 _____ C:\ProgramData\Documents\PCLECHAL.INI
2020-09-03 15:12 - 2020-05-31 20:47 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\audacity
2020-08-31 12:40 - 2020-02-18 01:31 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\eM Client
2020-08-26 16:39 - 2009-07-14 17:18 - 000759582 _____ C:\Windows\system32\perfh005.dat
2020-08-26 16:39 - 2009-07-14 17:18 - 000177416 _____ C:\Windows\system32\perfc005.dat
2020-08-26 16:39 - 2009-07-14 07:13 - 001818714 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-24 08:04 - 2019-07-31 07:11 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-08-24 08:04 - 2019-07-31 07:11 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-08-23 13:50 - 2020-03-17 21:37 - 000000000 ____D C:\Users\Oťáček\AppData\Local\Vzum
==================== Files in the root of some directories ========
2017-05-19 08:47 - 2017-05-19 08:47 - 000000132 _____ () C:\Users\Oťáček\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-03-13 11:11 - 2018-03-13 11:11 - 000195236 _____ () C:\Users\Oťáček\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2019-01-08 14:02 - 2019-01-08 14:02 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\FC.dat
2017-07-03 20:29 - 2017-07-03 20:29 - 000099384 _____ () C:\Users\Oťáček\AppData\Roaming\inst.exe
2019-11-04 14:31 - 2019-11-04 14:31 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\IP.dat
2020-04-13 22:00 - 2020-04-13 22:00 - 000000275 _____ () C:\Users\Oťáček\AppData\Roaming\mplex-log.log
2017-05-13 15:13 - 2017-09-23 12:52 - 000000643 _____ () C:\Users\Oťáček\AppData\Roaming\OŤÁČEK-PC.MTBF.txt
2020-09-19 11:16 - 2020-09-19 11:16 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\PCO.dat
2017-07-03 20:29 - 2017-07-03 20:29 - 000007859 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.cat
2017-07-03 20:29 - 2017-07-03 20:29 - 000001167 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.inf
2017-07-03 20:29 - 2017-07-03 20:29 - 000000055 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.log
2017-07-03 20:29 - 2017-07-03 20:29 - 000082816 _____ (VSO Software) C:\Users\Oťáček\AppData\Roaming\pcouffin.sys
2017-04-17 17:51 - 2020-09-15 15:39 - 000057344 _____ () C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-06 13:08 - 2018-09-04 13:15 - 000000218 _____ () C:\Users\Oťáček\AppData\Local\recently-used.xbel
2018-09-06 11:04 - 2020-07-29 09:28 - 000007596 _____ () C:\Users\Oťáček\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-09-14 00:59
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2020
Ran by Oťáček (22-09-2020 20:13:25)
Running from E:\Stažené soubory
Windows 7 Home Premium Service Pack 1 (X64) (2017-04-10 12:12:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-51665161-4008308083-3026018605-500 - Administrator - Disabled)
Guest (S-1-5-21-51665161-4008308083-3026018605-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-51665161-4008308083-3026018605-1002 - Limited - Enabled)
Oťáček (S-1-5-21-51665161-4008308083-3026018605-1000 - Administrator - Enabled) => C:\Users\Oťáček
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
Abrosoft FantaMorph 5.3.5 (HKLM-x32\...\Abrosoft FantaMorph 5_is1) (Version: 5.3.5 - Abrosoft)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.433 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.)
AirDroid 3.5.4.0 (HKLM-x32\...\AirDroid) (Version: 3.5.4.0 - Sand Studio)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.2 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
CD Recovery Toolbox Free 2.2 (HKLM-x32\...\CD Recovery Toolbox Free_is1) (Version: - File Master LLC)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
dwdinst (HKLM-x32\...\{7B05BE2F-B871-45D1-81DC-82E4634BF209}) (Version: 1.0.0.0 - HanWIS GmbH)
eM Client (HKLM-x32\...\{2A4CAF55-4B18-4B61-BE9E-94A54209F547}) (Version: 7.0.27943.0 - eM Client Inc.)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FontExpert 2015 Font Manager (HKLM-x32\...\FontExpert 2015) (Version: 13.0.0.1 - Proxima Software)
FormatFactory 5.4.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.4.5.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GreenCloud Printer 7.8.4.0 (HKLM\...\{F36B43F0-3BE6-48BA-A22D-3C098092BB3F}_is1) (Version: 7.8.4.0 - ObviousIdea)
GreenScreenWizard 6.9 (HKLM-x32\...\Green Screen Wizard Pro 6.9_is1) (Version: - GreenScreen Wizard LLC)
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HydraVision (HKLM-x32\...\{DA54D3F7-4915-1A37-7EA8-2741F05B77AC}) (Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
iData RAW Partition Recovery version 1.0.0.8 (HKLM-x32\...\{8F3CD5EF-6D71-43CC-B1B9-F65C16692284}}_is1) (Version: 1.0.0.8 - iData Recovery)
Infix PDF Editor verze 5.2.7.0 (HKLM-x32\...\D42C36B3-E36B-43EC-A8B4-B613D7B92782_is1) (Version: 5.2.7.0 - Iceni Technology)
Inkscape 0.92.3 (HKLM-x32\...\Inkscape) (Version: 0.92.3 - Inkscape Project)
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
InternetOff 3.0, 32\64 bit edition (HKLM-x32\...\InternetOff_is1) (Version: - Crystal Rich, Ltd)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Knoll Light Factory EZ Studio 15 (HKLM-x32\...\Knoll Light Factory EZ Studio 15) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: - )
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.12527.21104 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\f9a89bd2a46a7606) (Version: 17.0.4478.3 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: - )
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 80.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 80.0.1 (x64 cs)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.5.0 - Mozilla)
Mozilla Thunderbird 78.2.2 (x64 cs) (HKLM\...\Mozilla Thunderbird 78.2.2 (x64 cs)) (Version: 78.2.2 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
netis Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.01.0243 - REALTEK Semiconductor Corp.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Opera Stable 70.0.3728.189 (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Opera 70.0.3728.189) (Version: 70.0.3728.189 - Opera Software)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoFiltre Studio X (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\PhotoFiltre Studio X) (Version: - )
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
POPFile Data (Oťáček) (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\POPFile_Data) (Version: - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
Process Liquidator (HKLM-x32\...\{7F3BF5FA-6BD7-4E26-8FEA-C87DD9F7F723}_is1) (Version: 2.1.0.0 - 12Bytes)
Rajče verze 2.6.2 sestavení 292 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.5 - VS Revo Group, Ltd.)
Samsung ML-1640 Series (HKLM-x32\...\Samsung ML-1640 Series) (Version: - Samsung Electronics CO.,LTD)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
ScanToPDF 3.1.4 (HKLM-x32\...\ScanToPDF) (Version: 3.1.4 - O Imaging Corporation)
Skype verze 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Snagit 11 (HKLM-x32\...\{1FB78CB6-F4EA-474F-8B0B-100EFACF3558}) (Version: 11.4.0 - TechSmith Corporation)
Subtitle Edit 3.5.16 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.16.0 - Nikse)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TinEye Internet Explorer plugin 1.0 (HKLM-x32\...\{9B8ACEA2-BA21-4A91-A950-144FED3ED133}) (Version: 1.0.0 - Idée Inc.)
Tisk Obalek 3.2.1.2 (HKLM-x32\...\Tisk Obalek_is1) (Version: 3.2.1.2 - Mgr. Radovan Kraus)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Verbatim GREEN BUTTON 1.68 (HKLM-x32\...\Verbatim GREEN BUTTON_is1) (Version: - Verbatim)
Verbatim Hard Drive Formatter 1.41 (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
Viber (HKLM-x32\...\{EAF077BA-8EA4-4CEC-A215-4ACAE713A8BF}) (Version: 6.9.0.1048 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\{a85cbe05-cc32-4419-ad8f-7ff7bc41bc05}) (Version: 6.9.0.1048 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSFilter 2.41.322 (0c3a1ea) Nightly (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.322 - MPC-HC Team)
VSO ConvertXToDVD 6 (HKLM-x32\...\{8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1) (Version: 6.0.0.80 - VSO Software)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Wise Duplicate Finder 1.2.9 (HKLM-x32\...\Wise Duplicate Finder_is1) (Version: 1.2.9 - WiseCleaner.com, Inc.)
Wise Folder Hider 3.38 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 3.38 - WiseCleaner.com, Inc.)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-51665161-4008308083-3026018605-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL (ZONER software, a.s. -> ZONER software)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers2_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers4_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Oťáček\Desktop\MailCliеnt.exe – zástupce.lnk -> C:\Program Files (x86)\eM Client\MailCliеnt.exe (eM Client s.r.o.) <==== Cyrillic
ShortcutWithArgument: C:\Users\Oťáček\Desktop\Aliexpress česky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jeggofhlgndddenkjfloklflmjjjfdbe
ShortcutWithArgument: C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Aliexpress česky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jeggofhlgndddenkjfloklflmjjjfdbe
==================== Loaded Modules (Whitelisted) =============
2014-03-03 15:36 - 2014-03-03 15:36 - 001298432 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\PDFLib.dll
2014-03-03 15:40 - 2014-03-03 15:40 - 000110592 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll
2014-03-03 15:41 - 2014-03-03 15:41 - 000128512 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll
2017-04-13 09:25 - 2012-03-06 16:05 - 000054784 _____ () [File not signed] C:\Windows\System32\gcprpm.dll
2018-02-15 18:35 - 2015-02-27 15:38 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\WSCM64.dll
2013-04-29 23:02 - 2013-04-29 23:02 - 000005120 ____N (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000480256 ____N (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\libhunspell.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000066192 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\LFJbg15U.DLL
2014-03-03 15:32 - 2014-03-03 15:32 - 000126096 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\LFPng15U.DLL
2014-03-03 15:32 - 2014-03-03 15:32 - 000212112 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgclr15u.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000208016 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgefx15u.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000134288 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgutl15u.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000122000 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Lttwn15u.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2014-03-03 15:59 - 2014-04-25 18:42 - 008360816 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SnagItEditorRes.dll
2014-03-03 15:59 - 2014-04-25 18:42 - 007454064 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SnagItres.dll
2014-03-03 15:31 - 2014-03-03 15:31 - 000165888 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\TSCREC3.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000076288 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\UpdaterInterop.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-02-23 11:25 - 2020-08-07 10:16 - 000001242 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 https://www.bestgamesvault.com
127.0.0.1 https://zonky.cz
127.0.0.1 https://lp.synottip.cz
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Pinnacle\Shared Files\
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: eM Client => "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
MSCONFIG\startupreg: Folder Size => C:\Program Files\FolderSize\FolderSize.exe
MSCONFIG\startupreg: FontExpertType1Loader => C:\Program Files (x86)\FontExpert\Type1Loader.exe
MSCONFIG\startupreg: HDDtoGOLaunch => C:\Users\Oťáček\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Viber => "C:\Users\Oťáček\AppData\Local\Viber\Viber.exe" StartMinimized
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9A6F0209-D19B-4299-8666-EC5C8470DD4C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E28311D5-3189-49D3-9CB8-AB39EA708E59}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{A96AAC25-E7AA-47B7-A4BC-42E422A721D3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{CF53A994-8A54-4307-A7F3-C86AE88491CF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{3B954530-6AF4-4DB6-9AF1-B0190470DB36}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC62EE05-B3BC-4CD1-BAF9-A96390137FB9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{20C3F74D-FF94-4107-89B4-9E667176F7CB}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF9F4863-97C3-4C4A-91D9-06F31142589E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B652D7E-1ED7-40B1-8222-F834CF8A4085}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{8C0DE59C-565B-494E-A3CE-6DC015372205}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{15EB7E9D-877E-4E4A-A7A4-555F8F8E7EED}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{49109BE4-33B3-4E6A-97A1-E4A5F313EB48}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () [File not signed]
FirewallRules: [{8EF52979-9291-40A5-8FD2-C8235F698732}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () [File not signed]
FirewallRules: [{1714B9C1-6B5C-4821-8AE6-C91F2A3CE04D}] => (Allow) F:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => No File
FirewallRules: [{7207DF57-2BF4-4FE8-988E-487980F02640}] => (Allow) F:\Program Files (x86)\FormatFactory\FormatFactory.exe => No File
FirewallRules: [TCP Query User{F7095C8D-2717-4DC8-A34E-7DF9EED0AED8}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{32B2203D-2DC2-4F95-9729-AAE978859F3E}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{B9D00C3A-CC73-4D41-9B07-2E7303C06C37}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{3EAD46FC-A5D6-43B7-8E52-988F13F20361}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{A8595D0D-BC20-428B-ADE5-178A223B0724}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{018DB134-0E56-47F5-8B03-CA77AD573AA4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D9965A42-40F7-4621-BABE-A00AAC37BA24}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9260761F-7BE2-4725-B4C5-BA41F14F8DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7C3AFAD1-3ECC-4935-B2A5-04B5C15F79B9}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{81BE284B-8C0B-42DC-BFFB-31E89FCB0CF1}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [{A397107B-23FD-444A-A2DC-92AA4F712F91}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{FF123FB9-9A02-4186-AC59-9C43FD53FBA5}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{29308BCA-4AE2-4126-8563-0EEC698919AE}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1441ACA2-712F-4CD7-988B-C063BFC3008D}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F350E590-3BFA-4AC9-A8DA-519CCFEDDD3D}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FE707B5E-32F2-47F2-9FCE-8D5BF6F14BBE}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A1C8335C-9990-4CA0-85E2-C6E74E65A4F8}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A56C19DE-6D46-4228-9968-364E8FC3F0D1}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [TCP Query User{8E9861CF-8002-4F1E-99F6-EB3B14412A30}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{B699AD97-FF17-4260-A4E4-98E30200385D}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [TCP Query User{7B5BE066-70B0-461C-BF3C-001C3DFE3A1B}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{141D5200-174A-4EC1-BA6B-A72925194FD6}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [{DE807617-92DC-4506-ACED-4214B20F3401}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare software CO., LIMITED -> Wondershare)
FirewallRules: [TCP Query User{ED2AA70A-653A-4B0C-AAD2-D1504468990B}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{96DA9ED8-C5AC-49D9-BEF8-60CE32AB5911}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{E9644745-BCD8-4D42-9894-E6C12719B6BD}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{4430278E-3A6B-49BA-9281-BC195FF2F338}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1B4F7268-E02D-4A4C-B54D-A3B55AF9EB7D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{088E71EC-74BF-4945-AE2A-0FDCB5515D8A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{FEE9C1D6-3969-4F26-AAAF-774AE3B4E796}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94092F36-B70E-4213-99C4-50116595D219}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A8A182D-A4E6-4F58-BEEF-E3CB08BF23E3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0A530F5C-0993-45E1-AF78-85CD50B2F5E8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{BD5D3CD7-6CB9-4323-96F1-4039F0943A4F}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems) [File not signed]
FirewallRules: [UDP Query User{B00F7218-91D1-4C79-8BC3-AA240D426BA9}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems) [File not signed]
FirewallRules: [{14F578DB-99EE-479C-8878-3680A2B031D1}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{FE0B1FD2-CB9A-4DCD-A2C2-3E87318008AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{55B2774C-F399-40FB-8D22-3C75AE8904C0}] => (Allow) C:\Users\Oťáček\AppData\Local\Programs\Opera\70.0.3728.178\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{303CA865-54C5-4837-AD3E-943299DEF89D}] => (Allow) C:\Users\Oťáček\AppData\Local\Programs\Opera\70.0.3728.189\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:48.83 GB) (Free:2.77 GB) (6%)
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (09/22/2020 01:01:58 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (09/22/2020 03:44:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek DHCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (09/22/2020 03:43:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Wondershare Application Update Service 3.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (09/22/2020 03:43:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Wondershare Application Update Service 3.0 bylo dosaženo časového limitu (30000 ms).
Error: (09/22/2020 03:42:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba RealtekWlanU neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (09/22/2020 03:42:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby RealtekWlanU bylo dosaženo časového limitu (30000 ms).
Error: (09/22/2020 03:42:29 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error: (09/22/2020 03:42:29 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error: (09/22/2020 03:42:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedené zařízení.
CodeIntegrity:
===================================
Date: 2020-03-01 08:01:29.148
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.819
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.655
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.179
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.013
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:27.848
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:27.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1305 02/11/2011
Motherboard: ASUSTeK Computer INC. P8H67-M EVO
Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 68%
Total physical RAM: 8173.24 MB
Available physical RAM: 2605.31 MB
Total Virtual: 16644.62 MB
Available Virtual: 11183.38 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:48.83 GB) (Free:2.77 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (HD710 PRO) (Fixed) (Total:1863 GB) (Free:1633.36 GB) exFAT
Drive e: (HDD) (Fixed) (Total:882.68 GB) (Free:44.95 GB) NTFS
Drive h: (ADATA HV100) (Fixed) (Total:1862.56 GB) (Free:47.43 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DD32DD32)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=882.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 0DB9BF25)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 87A12B7E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0C)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Comp často zamrzá
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Comp často zamrzá
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
jarda.otta
- Návštěvník
- Příspěvky: 520
- Registrován: 25 bře 2005 21:21
Re: Comp často zamrzá
To už jsem sice udělal a nic nenašlo, ale zopakuji.
-
jarda.otta
- Návštěvník
- Příspěvky: 520
- Registrován: 25 bře 2005 21:21
Re: Comp často zamrzá
# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-22-2020
# Duration: 00:00:35
# OS: Windows 7 Home Premium
# Scanned: 31837
# Detected: 1
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
PUP.Optional.22ChromeEXT Tab Hibernation - pbdpajcdgknpendpmecafmopknefafha
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1413 octets] - [01/08/2020 15:16:39]
AdwCleaner[S01].txt - [1474 octets] - [24/08/2020 02:12:19]
AdwCleaner[S02].txt - [1535 octets] - [07/09/2020 09:03:05]
AdwCleaner[S03].txt - [1596 octets] - [09/09/2020 10:53:59]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-22-2020
# Duration: 00:00:35
# OS: Windows 7 Home Premium
# Scanned: 31837
# Detected: 1
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
PUP.Optional.22ChromeEXT Tab Hibernation - pbdpajcdgknpendpmecafmopknefafha
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1413 octets] - [01/08/2020 15:16:39]
AdwCleaner[S01].txt - [1474 octets] - [24/08/2020 02:12:19]
AdwCleaner[S02].txt - [1535 octets] - [07/09/2020 09:03:05]
AdwCleaner[S03].txt - [1596 octets] - [09/09/2020 10:53:59]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Comp často zamrzá
Nalezenou položku smažte a dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
jarda.otta
- Návštěvník
- Příspěvky: 520
- Registrován: 25 bře 2005 21:21
Re: Comp často zamrzá
Omlouvám se za odmlku.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Oťáček (23-09-2020 19:57:48)
Running from E:\Stažené soubory
Windows 7 Home Premium Service Pack 1 (X64) (2017-04-10 12:12:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-51665161-4008308083-3026018605-500 - Administrator - Disabled)
Guest (S-1-5-21-51665161-4008308083-3026018605-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-51665161-4008308083-3026018605-1002 - Limited - Enabled)
Oťáček (S-1-5-21-51665161-4008308083-3026018605-1000 - Administrator - Enabled) => C:\Users\Oťáček
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
Abrosoft FantaMorph 5.3.5 (HKLM-x32\...\Abrosoft FantaMorph 5_is1) (Version: 5.3.5 - Abrosoft)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.433 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.)
AirDroid 3.5.4.0 (HKLM-x32\...\AirDroid) (Version: 3.5.4.0 - Sand Studio)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.2 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
CD Recovery Toolbox Free 2.2 (HKLM-x32\...\CD Recovery Toolbox Free_is1) (Version: - File Master LLC)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
dwdinst (HKLM-x32\...\{7B05BE2F-B871-45D1-81DC-82E4634BF209}) (Version: 1.0.0.0 - HanWIS GmbH)
eM Client (HKLM-x32\...\{2A4CAF55-4B18-4B61-BE9E-94A54209F547}) (Version: 7.0.27943.0 - eM Client Inc.)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FontExpert 2015 Font Manager (HKLM-x32\...\FontExpert 2015) (Version: 13.0.0.1 - Proxima Software)
FormatFactory 5.4.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.4.5.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GreenCloud Printer 7.8.4.0 (HKLM\...\{F36B43F0-3BE6-48BA-A22D-3C098092BB3F}_is1) (Version: 7.8.4.0 - ObviousIdea)
GreenScreenWizard 6.9 (HKLM-x32\...\Green Screen Wizard Pro 6.9_is1) (Version: - GreenScreen Wizard LLC)
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HydraVision (HKLM-x32\...\{DA54D3F7-4915-1A37-7EA8-2741F05B77AC}) (Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
iData RAW Partition Recovery version 1.0.0.8 (HKLM-x32\...\{8F3CD5EF-6D71-43CC-B1B9-F65C16692284}}_is1) (Version: 1.0.0.8 - iData Recovery)
Infix PDF Editor verze 5.2.7.0 (HKLM-x32\...\D42C36B3-E36B-43EC-A8B4-B613D7B92782_is1) (Version: 5.2.7.0 - Iceni Technology)
Inkscape 0.92.3 (HKLM-x32\...\Inkscape) (Version: 0.92.3 - Inkscape Project)
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
InternetOff 3.0, 32\64 bit edition (HKLM-x32\...\InternetOff_is1) (Version: - Crystal Rich, Ltd)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Knoll Light Factory EZ Studio 15 (HKLM-x32\...\Knoll Light Factory EZ Studio 15) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: - )
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.12527.21104 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\f9a89bd2a46a7606) (Version: 17.0.4478.3 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: - )
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 80.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 80.0.1 (x64 cs)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.5.0 - Mozilla)
Mozilla Thunderbird 78.2.2 (x64 cs) (HKLM\...\Mozilla Thunderbird 78.2.2 (x64 cs)) (Version: 78.2.2 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
netis Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.01.0243 - REALTEK Semiconductor Corp.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Opera Stable 70.0.3728.189 (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Opera 70.0.3728.189) (Version: 70.0.3728.189 - Opera Software)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoFiltre Studio X (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\PhotoFiltre Studio X) (Version: - )
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
POPFile Data (Oťáček) (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\POPFile_Data) (Version: - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
Process Liquidator (HKLM-x32\...\{7F3BF5FA-6BD7-4E26-8FEA-C87DD9F7F723}_is1) (Version: 2.1.0.0 - 12Bytes)
Rajče verze 2.6.2 sestavení 292 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.5 - VS Revo Group, Ltd.)
Samsung ML-1640 Series (HKLM-x32\...\Samsung ML-1640 Series) (Version: - Samsung Electronics CO.,LTD)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
ScanToPDF 3.1.4 (HKLM-x32\...\ScanToPDF) (Version: 3.1.4 - O Imaging Corporation)
Skype verze 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Snagit 11 (HKLM-x32\...\{1FB78CB6-F4EA-474F-8B0B-100EFACF3558}) (Version: 11.4.0 - TechSmith Corporation)
Subtitle Edit 3.5.16 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.16.0 - Nikse)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TinEye Internet Explorer plugin 1.0 (HKLM-x32\...\{9B8ACEA2-BA21-4A91-A950-144FED3ED133}) (Version: 1.0.0 - Idée Inc.)
Tisk Obalek 3.2.1.2 (HKLM-x32\...\Tisk Obalek_is1) (Version: 3.2.1.2 - Mgr. Radovan Kraus)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Verbatim GREEN BUTTON 1.68 (HKLM-x32\...\Verbatim GREEN BUTTON_is1) (Version: - Verbatim)
Verbatim Hard Drive Formatter 1.41 (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
Viber (HKLM-x32\...\{EAF077BA-8EA4-4CEC-A215-4ACAE713A8BF}) (Version: 6.9.0.1048 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\{a85cbe05-cc32-4419-ad8f-7ff7bc41bc05}) (Version: 6.9.0.1048 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSFilter 2.41.322 (0c3a1ea) Nightly (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.322 - MPC-HC Team)
VSO ConvertXToDVD 6 (HKLM-x32\...\{8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1) (Version: 6.0.0.80 - VSO Software)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Wise Duplicate Finder 1.2.9 (HKLM-x32\...\Wise Duplicate Finder_is1) (Version: 1.2.9 - WiseCleaner.com, Inc.)
Wise Folder Hider 3.38 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 3.38 - WiseCleaner.com, Inc.)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-51665161-4008308083-3026018605-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL (ZONER software, a.s. -> ZONER software)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers2_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers4_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Oťáček\Desktop\MailCliеnt.exe – zástupce.lnk -> C:\Program Files (x86)\eM Client\MailCliеnt.exe (eM Client s.r.o.) <==== Cyrillic
ShortcutWithArgument: C:\Users\Oťáček\Desktop\Aliexpress česky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jeggofhlgndddenkjfloklflmjjjfdbe
ShortcutWithArgument: C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Aliexpress česky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jeggofhlgndddenkjfloklflmjjjfdbe
==================== Loaded Modules (Whitelisted) =============
2019-03-19 10:29 - 2012-08-08 22:56 - 000863232 ____N ( Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\P2PLib.dll
2019-03-19 10:29 - 2013-02-27 18:17 - 000221184 ____N () [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\EnumDevLib.dll
2014-03-03 15:36 - 2014-03-03 15:36 - 001298432 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\PDFLib.dll
2014-03-03 15:40 - 2014-03-03 15:40 - 000110592 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll
2014-03-03 15:41 - 2014-03-03 15:41 - 000128512 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll
2017-04-13 09:25 - 2012-03-06 16:05 - 000054784 _____ () [File not signed] C:\Windows\System32\gcprpm.dll
2018-02-15 18:35 - 2015-02-27 15:38 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\WSCM64.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000480256 ____N (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\libhunspell.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000066192 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\LFJbg15U.DLL
2014-03-03 15:32 - 2014-03-03 15:32 - 000126096 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\LFPng15U.DLL
2014-03-03 15:32 - 2014-03-03 15:32 - 000212112 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgclr15u.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000208016 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgefx15u.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000134288 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgutl15u.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000122000 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Lttwn15u.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2019-03-19 10:29 - 2013-12-23 12:26 - 000528384 ____N (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlLib.dll
2019-03-19 10:29 - 2012-09-13 10:25 - 000200704 ____N (Realtek) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\IpLib.dll
2019-03-19 10:29 - 2012-05-07 15:23 - 000040960 ____N (Realtek) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlICS.dll
2019-03-19 10:29 - 2014-02-27 21:12 - 000272384 ____N (Realtek) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlIhvOid.dll
2019-03-19 10:29 - 2012-06-22 17:01 - 000044544 ____N (Realtek) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlQRCode.dll
2014-03-03 15:59 - 2014-04-25 18:42 - 008360816 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SnagItEditorRes.dll
2014-03-03 15:59 - 2014-04-25 18:42 - 007454064 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SnagItres.dll
2014-03-03 15:31 - 2014-03-03 15:31 - 000165888 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\TSCREC3.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000076288 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\UpdaterInterop.dll
2019-03-19 10:29 - 2009-07-23 18:32 - 001122304 ____N (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\LIBEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-02-23 11:25 - 2020-08-07 10:16 - 000001242 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 https://www.bestgamesvault.com
127.0.0.1 https://zonky.cz
127.0.0.1 https://lp.synottip.cz
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Pinnacle\Shared Files\
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: eM Client => "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
MSCONFIG\startupreg: Folder Size => C:\Program Files\FolderSize\FolderSize.exe
MSCONFIG\startupreg: FontExpertType1Loader => C:\Program Files (x86)\FontExpert\Type1Loader.exe
MSCONFIG\startupreg: HDDtoGOLaunch => C:\Users\Oťáček\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Viber => "C:\Users\Oťáček\AppData\Local\Viber\Viber.exe" StartMinimized
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9A6F0209-D19B-4299-8666-EC5C8470DD4C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E28311D5-3189-49D3-9CB8-AB39EA708E59}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{A96AAC25-E7AA-47B7-A4BC-42E422A721D3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{CF53A994-8A54-4307-A7F3-C86AE88491CF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{3B954530-6AF4-4DB6-9AF1-B0190470DB36}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC62EE05-B3BC-4CD1-BAF9-A96390137FB9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{20C3F74D-FF94-4107-89B4-9E667176F7CB}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF9F4863-97C3-4C4A-91D9-06F31142589E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B652D7E-1ED7-40B1-8222-F834CF8A4085}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{8C0DE59C-565B-494E-A3CE-6DC015372205}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{15EB7E9D-877E-4E4A-A7A4-555F8F8E7EED}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{49109BE4-33B3-4E6A-97A1-E4A5F313EB48}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () [File not signed]
FirewallRules: [{8EF52979-9291-40A5-8FD2-C8235F698732}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () [File not signed]
FirewallRules: [{1714B9C1-6B5C-4821-8AE6-C91F2A3CE04D}] => (Allow) F:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => No File
FirewallRules: [{7207DF57-2BF4-4FE8-988E-487980F02640}] => (Allow) F:\Program Files (x86)\FormatFactory\FormatFactory.exe => No File
FirewallRules: [TCP Query User{F7095C8D-2717-4DC8-A34E-7DF9EED0AED8}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{32B2203D-2DC2-4F95-9729-AAE978859F3E}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{B9D00C3A-CC73-4D41-9B07-2E7303C06C37}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{3EAD46FC-A5D6-43B7-8E52-988F13F20361}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{A8595D0D-BC20-428B-ADE5-178A223B0724}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{018DB134-0E56-47F5-8B03-CA77AD573AA4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D9965A42-40F7-4621-BABE-A00AAC37BA24}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9260761F-7BE2-4725-B4C5-BA41F14F8DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7C3AFAD1-3ECC-4935-B2A5-04B5C15F79B9}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{81BE284B-8C0B-42DC-BFFB-31E89FCB0CF1}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [{A397107B-23FD-444A-A2DC-92AA4F712F91}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{FF123FB9-9A02-4186-AC59-9C43FD53FBA5}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{29308BCA-4AE2-4126-8563-0EEC698919AE}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1441ACA2-712F-4CD7-988B-C063BFC3008D}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F350E590-3BFA-4AC9-A8DA-519CCFEDDD3D}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FE707B5E-32F2-47F2-9FCE-8D5BF6F14BBE}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A1C8335C-9990-4CA0-85E2-C6E74E65A4F8}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A56C19DE-6D46-4228-9968-364E8FC3F0D1}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [TCP Query User{8E9861CF-8002-4F1E-99F6-EB3B14412A30}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{B699AD97-FF17-4260-A4E4-98E30200385D}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [TCP Query User{7B5BE066-70B0-461C-BF3C-001C3DFE3A1B}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{141D5200-174A-4EC1-BA6B-A72925194FD6}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [{DE807617-92DC-4506-ACED-4214B20F3401}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare software CO., LIMITED -> Wondershare)
FirewallRules: [TCP Query User{ED2AA70A-653A-4B0C-AAD2-D1504468990B}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{96DA9ED8-C5AC-49D9-BEF8-60CE32AB5911}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{E9644745-BCD8-4D42-9894-E6C12719B6BD}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{4430278E-3A6B-49BA-9281-BC195FF2F338}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1B4F7268-E02D-4A4C-B54D-A3B55AF9EB7D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{088E71EC-74BF-4945-AE2A-0FDCB5515D8A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{FEE9C1D6-3969-4F26-AAAF-774AE3B4E796}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94092F36-B70E-4213-99C4-50116595D219}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A8A182D-A4E6-4F58-BEEF-E3CB08BF23E3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0A530F5C-0993-45E1-AF78-85CD50B2F5E8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{BD5D3CD7-6CB9-4323-96F1-4039F0943A4F}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems) [File not signed]
FirewallRules: [UDP Query User{B00F7218-91D1-4C79-8BC3-AA240D426BA9}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems) [File not signed]
FirewallRules: [{14F578DB-99EE-479C-8878-3680A2B031D1}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{55B2774C-F399-40FB-8D22-3C75AE8904C0}] => (Allow) C:\Users\Oťáček\AppData\Local\Programs\Opera\70.0.3728.178\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{303CA865-54C5-4837-AD3E-943299DEF89D}] => (Allow) C:\Users\Oťáček\AppData\Local\Programs\Opera\70.0.3728.189\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6B1301A7-07B8-4E5F-92C8-D022D350DB6D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:48.83 GB) (Free:3.26 GB) (7%)
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (09/22/2020 01:01:58 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (09/23/2020 08:15:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek DHCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (09/23/2020 08:14:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedené zařízení.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Internet Off Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba VPDAgent byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Folder Size byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSCamSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2020-03-01 08:01:29.148
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.819
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.655
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.179
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.013
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:27.848
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:27.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1305 02/11/2011
Motherboard: ASUSTeK Computer INC. P8H67-M EVO
Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 88%
Total physical RAM: 8173.24 MB
Available physical RAM: 909.39 MB
Total Virtual: 16644.62 MB
Available Virtual: 8613.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:48.83 GB) (Free:3.26 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (HD710 PRO) (Fixed) (Total:1863 GB) (Free:1633.36 GB) exFAT
Drive e: (HDD) (Fixed) (Total:882.68 GB) (Free:30.11 GB) NTFS
Drive h: (ADATA HV100) (Fixed) (Total:1862.56 GB) (Free:47.43 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DD32DD32)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=882.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 0DB9BF25)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 87A12B7E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0C)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2020
Ran by Oťáček (administrator) on OŤÁČEK-PC (23-09-2020 19:55:52)
Running from E:\Stažené soubory
Loaded Profiles: Oťáček
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Windows\runSW.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\AvastUI.exe <4>
(Brio) [File not signed] C:\Program Files\FolderSize\FolderSizeSvc.exe
(Crystal Rich Ltd -> ) C:\Program Files (x86)\InternetOff\InternetOff.exe
(Crystal Rich Ltd -> ) C:\Program Files (x86)\InternetOff\IOffSvc.exe
(Crystal Rich Ltd -> Crystal Rich Ltd) E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtWLan.exe
(Realtek) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlService.exe
(Realtek) [File not signed] C:\Windows\SwUSB.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
(TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
(Two Pilots) [File not signed] C:\Windows\VPDAgent_x64.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => E:\Avast 2019\AvLaunch.exe [109160 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [InternetOff] => C:\Program Files (x86)\InternetOff\InternetOff.exe [3182360 2016-05-25] (Crystal Rich Ltd -> )
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\SSP2MPC: C:\Windows\System32\spool\prtprocs\x64\ssp2mpc.dll [33792 2009-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Windows x64\Print Processors\us005PC: C:\Windows\System32\spool\prtprocs\x64\us005pc.dll [52248 2019-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us007PC: C:\Windows\System32\spool\prtprocs\x64\us007pc.dll [52240 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\gcprm: C:\Windows\system32\gcprpm.dll [54784 2012-03-06] () [File not signed]
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\SSP2M Langmon: C:\Windows\system32\ssp2ml6.dll [22016 2008-01-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us005 Langmon: C:\Windows\system32\us005lm.dll [31256 2019-03-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us007 Langmon: C:\Windows\system32\us007lm.dll [31248 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-22] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2020-02-18]
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk [2017-04-10]
ShortcutTarget: Snagit 11.lnk -> C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0584A722-7270-4D5B-9CBE-B3A513B5AEAA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24611696 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E9BB8EB-7707-47AB-95C9-1FD696B4753B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {11F27765-264A-41F2-929A-9AC291E5530B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {14B9D031-2025-4737-8E7C-BD951A7C1D4F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {164B769E-B179-4FBC-9451-D66F4574E7A5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {211F0999-E43B-4F8A-8B7F-504B1A76E4A9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2854F702-2543-49C6-B6F8-8CCA9261458A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24611696 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {385AD0A4-9CF9-491F-91A4-710A445B5C5B} - System32\Tasks\{6DE89C25-20BA-4765-9231-9BF4BD3465CE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\TechSmith\Snagit 11\SnagitPI.exe" -d "C:\Program Files (x86)\TechSmith\Snagit 11"
Task: {42D1B611-74D8-4E70-8AB0-CD9A323017BF} - System32\Tasks\Avast Emergency Update => E:\Avast 2019\AvEmUpdate.exe [3850336 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
Task: {511BF905-4DC3-4625-88E7-18651B3DDBEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {545AEE0F-05B3-40B1-84C0-AE04A1C73FCB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D5D6B16-958E-4985-9413-495B499330B0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {63673011-F893-4D81-B48B-0AAEC5EFD1F8} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {68F472C4-6DEF-4E63-B7E8-B6D0019C2A4E} - System32\Tasks\Opera scheduled Autoupdate 1579022060 => C:\Users\Oťáček\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {8AB70ED9-471A-4103-AAB1-31AE9CCA5FF3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {9D2344E9-4391-4C29-AA8F-5718502945EF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
Task: {A180BB23-80E0-45FB-BB28-9176AD2BB913} - System32\Tasks\{5EE25878-0AE3-4A6F-B3E1-ED5808655F45} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\NetFx20SP2_x86.exe" -d "E:\Stažené soubory"
Task: {CAD723BC-4618-4B9E-9F7D-6D372DFB2633} - System32\Tasks\Opera scheduled assistant Autoupdate 1582795558 => C:\Users\Oťáček\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {D3871F9A-AD1D-402E-9EFA-44509969FA14} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-08] (Adobe Inc. -> Adobe)
Task: {EC009CEF-CFDD-4B90-8488-90D7158D2B08} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)
Task: {EDF3DB7E-0040-4B7E-A77D-D1A1E538CCE8} - System32\Tasks\eM Client Database Backup (S-1-5-21-51665161-4008308083-3026018605-1000) => C:\Program Files (x86)\eM Client\DbBackup.exe [139624 2016-10-21] (eM Client, s.r.o. -> )
Task: {FE7A2D7C-9F72-4F37-BD69-16A4A358265D} - System32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\dotnetfx35.exe" -d "E:\Stažené soubory"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{53702BC7-8C9E-41D1-94E4-1B2AEFB2F16B}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{555B09F5-81C2-4DDA-83D1-5057F55A238F}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{F84325AE-0BB8-4C06-854F-EAC454957FA1}: [DhcpNameServer] 192.168.42.129
FireFox:
========
FF DefaultProfile: gko5uglf.default-1581863657544
FF ProfilePath: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 [2020-09-23]
FF DownloadDir: E:\Stažené soubory
FF Homepage: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> hxxps://www.seznam.cz/?clid=22668
FF NewTab: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> about:newtab
FF NetworkProxy: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> hxxps://web.whatsapp.com; hxxps://www.youtube.com; hxxps://push.trafroll.com; hxxps://cz.xhamsterlive.com; hxxps://eurozpravy.cz; hxxps://cs.xhamsterlive.com; hxxps://cs.stripchat.com; hxxps://www.viry.cz; hxxps://www.sex-seznameni.cz; hxxps://www.alirecenze.cz
FF Extension: (Tampermonkey) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\firefox@tampermonkey.net.xpi [2020-07-31]
FF Extension: (clean-youtube) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2019-07-04]
FF Extension: (Dark Background and Light Text) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2020-08-21]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-08-21]
FF Extension: (S3.Translator) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\s3google@translator.xpi [2018-10-21]
FF Extension: (Tab Session Manager) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\Tab-Session-Manager@sienori.xpi [2020-09-17]
FF Extension: (TinEye Reverse Image Search) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\tineye@ideeinc.com.xpi [2020-01-22]
FF Extension: (Adblock) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{5eb79492-b597-47fe-a446-5db692b6eec8}.xpi [2020-02-28]
FF Extension: (404 Bookmarks) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{5f8d31ba-47fb-4b70-bf8d-d2113f6da22f}.xpi [2019-12-16]
FF Extension: (Flash and Video Download) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2020-06-09]
FF Extension: (Video DownloadHelper) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-30]
FF Extension: (Bookmark Manager and Viewer) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{beb1b1c0-32b9-47d8-bbd1-f65bed4e7c22}.xpi [2019-01-13]
FF Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{ea692a27-4873-406e-bbc6-010c2dd9e9b5}.xpi [2020-05-11]
FF SearchPlugin: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\searchplugins\google-avast.xml [2019-02-22]
FF SearchPlugin: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\searchplugins\seznam-avast.xml [2019-02-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default [2020-09-22]
CHR DownloadDir: E:\Stažené soubory
CHR Notifications: Default -> hxxps://cs.xhamsterlive.com; hxxps://special-offers.online; hxxps://www.alirecenze.cz
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-04]
CHR Extension: (Chrome Media Router) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 Agent; C:\Windows\VPDAgent_x64.exe [168960 2013-08-28] (Two Pilots) [File not signed]
R3 aswbIDSAgent; E:\Avast 2019\aswidsagent.exe [7824280 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; E:\Avast 2019\AvastSvc.exe [357848 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11118976 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
R2 InternetOffService; C:\Program Files (x86)\InternetOff\IOffSvc.exe [1634072 2016-05-25] (Crystal Rich Ltd -> )
R2 RealtekWlanU; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
S2 RTLDHCPService; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [261848 2013-11-12] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [36864 2014-04-15] () [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 USBSafelyRemoveService; E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe [1666416 2017-06-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [138568 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206392 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235584 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [195648 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42768 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175192 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [517080 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84848 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851600 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469880 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217328 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326408 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
R1 HWiNFO32-BackupByDriverBoosterPortable; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-03-24] (Martin Malik - REALiX -> REALiX(tm))
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3733208 2019-03-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [23736 2012-07-20] (Web Solution Mart -> Hajo Krabbenhöft)
R3 VAD_DEV; C:\Windows\System32\drivers\vad.sys [24992 2012-03-27] (Wondershare Software Co., Ltd. -> Windows (R) DDK provider) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R2 WiseFs; C:\Windows\WiseFs64.sys [14256 2017-04-11] (Lespeed Technology Ltd. -> WiseCleaner.com) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-22 20:08 - 2020-09-23 19:56 - 000000000 ____D C:\FRST
2020-09-21 22:09 - 2020-09-21 22:08 - 000338528 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-09-21 22:08 - 2020-09-21 22:08 - 000217328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-09-21 22:08 - 2020-09-21 22:08 - 000175192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-09-19 11:16 - 2020-09-19 11:16 - 000000078 _____ C:\Users\Oťáček\AppData\Roaming\PCO.dat
2020-09-16 08:31 - 2020-09-23 18:44 - 000004308 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582795558
2020-09-15 16:50 - 2020-09-15 17:11 - 086311098 _____ C:\Users\Oťáček\Documents\MAKU.swf
2020-09-15 15:41 - 2020-09-15 15:41 - 073180558 _____ C:\Users\Oťáček\Documents\export.swf
2020-09-15 15:18 - 2020-09-15 15:18 - 478449664 _____ C:\Users\Oťáček\Documents\Sandra Bullock.avi
2020-09-12 08:35 - 2020-09-12 08:35 - 000001012 _____ C:\Users\Oťáček\Desktop\Rajče.lnk
2020-09-12 08:35 - 2020-09-12 08:35 - 000000000 ____D C:\Users\Oťáček\AppData\Local\rajce
2020-09-12 08:35 - 2020-09-12 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rajce
2020-09-07 09:27 - 2020-09-07 09:27 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\InternetOff
2020-09-07 09:26 - 2020-09-07 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InternetOff
2020-09-07 09:26 - 2020-09-07 09:26 - 000000000 ____D C:\ProgramData\IOffSvc
2020-09-07 09:26 - 2020-09-07 09:26 - 000000000 ____D C:\Program Files (x86)\InternetOff
2020-09-06 17:37 - 2020-09-06 17:44 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Subtitle Edit
2020-09-06 17:37 - 2020-09-06 17:37 - 000001878 _____ C:\Users\Public\Desktop\Subtitle Edit.lnk
2020-09-06 17:37 - 2020-09-06 17:37 - 000001878 _____ C:\ProgramData\Desktop\Subtitle Edit.lnk
2020-09-06 17:37 - 2020-09-06 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2020-09-06 17:37 - 2020-09-06 17:37 - 000000000 ____D C:\Program Files\Subtitle Edit
2020-09-03 14:57 - 2020-09-03 14:57 - 000001067 _____ C:\Users\Oťáček\Desktop\Format Factory.lnk
2020-09-03 14:57 - 2020-09-03 14:57 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2020-09-03 13:58 - 2020-09-03 14:53 - 000000000 ____D C:\Users\Oťáček\Downloads\FormatFactory2020_09_03
2020-09-01 22:02 - 2020-09-23 09:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-01 17:52 - 2020-09-01 17:57 - 000001704 _____ C:\Users\Oťáček\Desktop\Nový textový dokument (2).txt
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-23 19:56 - 2020-02-28 16:34 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\uTorrent
2020-09-23 18:50 - 2009-07-14 06:45 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-09-23 18:50 - 2009-07-14 06:45 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-09-23 18:44 - 2020-03-18 03:20 - 000003014 _____ C:\Windows\system32\Tasks\UMonitor Task
2020-09-23 18:44 - 2020-03-17 22:14 - 000003116 _____ C:\Windows\system32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0}
2020-09-23 18:44 - 2020-03-17 22:06 - 000003124 _____ C:\Windows\system32\Tasks\{5EE25878-0AE3-4A6F-B3E1-ED5808655F45}
2020-09-23 18:44 - 2020-02-23 20:15 - 000003208 _____ C:\Windows\system32\Tasks\{6DE89C25-20BA-4765-9231-9BF4BD3465CE}
2020-09-23 18:44 - 2020-01-14 19:14 - 000004072 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1579022060
2020-09-23 18:44 - 2019-03-09 01:18 - 000004544 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-09-23 18:44 - 2019-03-08 23:46 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-09-23 18:44 - 2018-10-27 18:55 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-09-23 18:44 - 2018-10-27 18:55 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-09-23 18:44 - 2018-03-13 22:41 - 000004532 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-23 18:44 - 2017-04-10 16:45 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-09-23 18:44 - 2017-04-10 14:16 - 000003978 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{F4B66E77-4023-4CA3-A918-E9DABCC6A041}
2020-09-23 10:14 - 2017-04-10 16:43 - 000000000 ____D C:\ProgramData\AVAST Software
2020-09-23 08:48 - 2018-02-26 11:24 - 000000000 ____D C:\Users\Oťáček\AppData\Local\AVAST Software
2020-09-23 08:30 - 2017-04-10 16:10 - 000000000 ____D C:\Users\Oťáček\AppData\LocalLow\Mozilla
2020-09-23 08:13 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-23 08:12 - 2020-08-01 15:15 - 000000000 ____D C:\AdwCleaner
2020-09-22 22:59 - 2020-02-11 14:28 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-22 22:59 - 2020-02-11 14:28 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-22 22:59 - 2020-02-11 14:28 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-22 22:00 - 2020-05-12 10:33 - 000046080 ___SH C:\Users\Oťáček\Documents\Thumbs.db
2020-09-22 21:51 - 2017-04-10 14:13 - 000000000 ___RD C:\Users\Oťáček\Obrázky
2020-09-22 21:41 - 2017-04-30 18:44 - 000039424 ___SH C:\Users\Oťáček\Thumbs.db
2020-09-22 15:44 - 2019-10-03 08:24 - 000004120 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-09-22 15:40 - 2018-04-30 11:23 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\vlc
2020-09-22 13:18 - 2009-07-14 06:45 - 005227120 _____ C:\Windows\system32\FNTCACHE.DAT
2020-09-22 13:11 - 2020-07-31 12:39 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2020-09-22 13:11 - 2017-04-10 16:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-21 22:09 - 2020-04-09 00:57 - 000517080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-09-21 22:09 - 2019-03-28 11:16 - 000326408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000469880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000195648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000084848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000042768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000851600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000206392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-09-20 02:46 - 2017-04-11 23:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-09-20 01:00 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-09-19 22:13 - 2017-04-10 15:57 - 000179720 _____ C:\Users\Oťáček\AppData\Local\GDIPFONTCACHEV1.DAT
2020-09-19 18:10 - 2020-05-18 20:35 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\MPC-HC
2020-09-19 15:57 - 2017-04-11 11:35 - 000000000 ____D C:\Users\Oťáček\AppData\Local\CrashDumps
2020-09-19 11:09 - 2019-02-26 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verbatim
2020-09-19 11:09 - 2019-02-26 12:46 - 000000000 ____D C:\Program Files (x86)\Verbatim
2020-09-17 11:25 - 2017-05-16 16:01 - 000000047 _____ C:\trl.cfg
2020-09-16 08:42 - 2020-02-17 03:15 - 000000000 ____D C:\Users\Oťáček\AppData\LocalLow\IGDump
2020-09-15 15:39 - 2017-04-17 17:51 - 000057344 _____ C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-09-14 15:43 - 2020-04-14 16:24 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-14 15:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2020-09-14 11:18 - 2017-04-10 19:25 - 000000000 ____D C:\Users\Oťáček\Documents\Snagit
2020-09-12 06:49 - 2017-04-11 09:55 - 000000000 ____D C:\Windows\system32\MRT
2020-09-12 06:42 - 2017-04-11 09:55 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-10 13:38 - 2020-07-24 16:34 - 000000000 ____D C:\Users\Oťáček\Documents\FormatFactory
2020-09-08 16:18 - 2017-04-11 23:04 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-09-08 16:18 - 2017-04-11 23:04 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-08 16:18 - 2017-04-11 23:04 - 000000000 ____D C:\Windows\system32\Macromed
2020-09-07 08:50 - 2020-07-24 16:28 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2020-09-03 16:49 - 2020-07-20 02:12 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2020-09-03 16:49 - 2020-07-20 02:12 - 000000349 _____ C:\ProgramData\Documents\PCLECHAL.INI
2020-09-03 15:12 - 2020-05-31 20:47 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\audacity
2020-08-31 12:40 - 2020-02-18 01:31 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\eM Client
2020-08-26 16:39 - 2009-07-14 17:18 - 000759582 _____ C:\Windows\system32\perfh005.dat
2020-08-26 16:39 - 2009-07-14 17:18 - 000177416 _____ C:\Windows\system32\perfc005.dat
2020-08-26 16:39 - 2009-07-14 07:13 - 001818714 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-24 08:04 - 2019-07-31 07:11 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-08-24 08:04 - 2019-07-31 07:11 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-08-24 00:12 - 2020-08-23 23:52 - 000000000 ____D C:\Users\Oťáček\Downloads\FormatFactory2020_08_23
==================== Files in the root of some directories ========
2017-05-19 08:47 - 2017-05-19 08:47 - 000000132 _____ () C:\Users\Oťáček\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-03-13 11:11 - 2018-03-13 11:11 - 000195236 _____ () C:\Users\Oťáček\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2019-01-08 14:02 - 2019-01-08 14:02 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\FC.dat
2017-07-03 20:29 - 2017-07-03 20:29 - 000099384 _____ () C:\Users\Oťáček\AppData\Roaming\inst.exe
2019-11-04 14:31 - 2019-11-04 14:31 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\IP.dat
2020-04-13 22:00 - 2020-04-13 22:00 - 000000275 _____ () C:\Users\Oťáček\AppData\Roaming\mplex-log.log
2017-05-13 15:13 - 2017-09-23 12:52 - 000000643 _____ () C:\Users\Oťáček\AppData\Roaming\OŤÁČEK-PC.MTBF.txt
2020-09-19 11:16 - 2020-09-19 11:16 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\PCO.dat
2017-07-03 20:29 - 2017-07-03 20:29 - 000007859 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.cat
2017-07-03 20:29 - 2017-07-03 20:29 - 000001167 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.inf
2017-07-03 20:29 - 2017-07-03 20:29 - 000000055 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.log
2017-07-03 20:29 - 2017-07-03 20:29 - 000082816 _____ (VSO Software) C:\Users\Oťáček\AppData\Roaming\pcouffin.sys
2017-04-17 17:51 - 2020-09-15 15:39 - 000057344 _____ () C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-06 13:08 - 2018-09-04 13:15 - 000000218 _____ () C:\Users\Oťáček\AppData\Local\recently-used.xbel
2018-09-06 11:04 - 2020-07-29 09:28 - 000007596 _____ () C:\Users\Oťáček\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-09-14 00:59
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Oťáček (23-09-2020 19:57:48)
Running from E:\Stažené soubory
Windows 7 Home Premium Service Pack 1 (X64) (2017-04-10 12:12:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-51665161-4008308083-3026018605-500 - Administrator - Disabled)
Guest (S-1-5-21-51665161-4008308083-3026018605-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-51665161-4008308083-3026018605-1002 - Limited - Enabled)
Oťáček (S-1-5-21-51665161-4008308083-3026018605-1000 - Administrator - Enabled) => C:\Users\Oťáček
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
Abrosoft FantaMorph 5.3.5 (HKLM-x32\...\Abrosoft FantaMorph 5_is1) (Version: 5.3.5 - Abrosoft)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.433 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.)
AirDroid 3.5.4.0 (HKLM-x32\...\AirDroid) (Version: 3.5.4.0 - Sand Studio)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.2 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
CD Recovery Toolbox Free 2.2 (HKLM-x32\...\CD Recovery Toolbox Free_is1) (Version: - File Master LLC)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
dwdinst (HKLM-x32\...\{7B05BE2F-B871-45D1-81DC-82E4634BF209}) (Version: 1.0.0.0 - HanWIS GmbH)
eM Client (HKLM-x32\...\{2A4CAF55-4B18-4B61-BE9E-94A54209F547}) (Version: 7.0.27943.0 - eM Client Inc.)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FontExpert 2015 Font Manager (HKLM-x32\...\FontExpert 2015) (Version: 13.0.0.1 - Proxima Software)
FormatFactory 5.4.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.4.5.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GreenCloud Printer 7.8.4.0 (HKLM\...\{F36B43F0-3BE6-48BA-A22D-3C098092BB3F}_is1) (Version: 7.8.4.0 - ObviousIdea)
GreenScreenWizard 6.9 (HKLM-x32\...\Green Screen Wizard Pro 6.9_is1) (Version: - GreenScreen Wizard LLC)
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HydraVision (HKLM-x32\...\{DA54D3F7-4915-1A37-7EA8-2741F05B77AC}) (Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
iData RAW Partition Recovery version 1.0.0.8 (HKLM-x32\...\{8F3CD5EF-6D71-43CC-B1B9-F65C16692284}}_is1) (Version: 1.0.0.8 - iData Recovery)
Infix PDF Editor verze 5.2.7.0 (HKLM-x32\...\D42C36B3-E36B-43EC-A8B4-B613D7B92782_is1) (Version: 5.2.7.0 - Iceni Technology)
Inkscape 0.92.3 (HKLM-x32\...\Inkscape) (Version: 0.92.3 - Inkscape Project)
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
InternetOff 3.0, 32\64 bit edition (HKLM-x32\...\InternetOff_is1) (Version: - Crystal Rich, Ltd)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Knoll Light Factory EZ Studio 15 (HKLM-x32\...\Knoll Light Factory EZ Studio 15) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: - )
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.12527.21104 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\f9a89bd2a46a7606) (Version: 17.0.4478.3 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: - )
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 80.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 80.0.1 (x64 cs)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.5.0 - Mozilla)
Mozilla Thunderbird 78.2.2 (x64 cs) (HKLM\...\Mozilla Thunderbird 78.2.2 (x64 cs)) (Version: 78.2.2 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
netis Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.01.0243 - REALTEK Semiconductor Corp.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Opera Stable 70.0.3728.189 (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Opera 70.0.3728.189) (Version: 70.0.3728.189 - Opera Software)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoFiltre Studio X (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\PhotoFiltre Studio X) (Version: - )
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
POPFile Data (Oťáček) (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\POPFile_Data) (Version: - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
Process Liquidator (HKLM-x32\...\{7F3BF5FA-6BD7-4E26-8FEA-C87DD9F7F723}_is1) (Version: 2.1.0.0 - 12Bytes)
Rajče verze 2.6.2 sestavení 292 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.5 - VS Revo Group, Ltd.)
Samsung ML-1640 Series (HKLM-x32\...\Samsung ML-1640 Series) (Version: - Samsung Electronics CO.,LTD)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
ScanToPDF 3.1.4 (HKLM-x32\...\ScanToPDF) (Version: 3.1.4 - O Imaging Corporation)
Skype verze 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Snagit 11 (HKLM-x32\...\{1FB78CB6-F4EA-474F-8B0B-100EFACF3558}) (Version: 11.4.0 - TechSmith Corporation)
Subtitle Edit 3.5.16 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.16.0 - Nikse)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TinEye Internet Explorer plugin 1.0 (HKLM-x32\...\{9B8ACEA2-BA21-4A91-A950-144FED3ED133}) (Version: 1.0.0 - Idée Inc.)
Tisk Obalek 3.2.1.2 (HKLM-x32\...\Tisk Obalek_is1) (Version: 3.2.1.2 - Mgr. Radovan Kraus)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Verbatim GREEN BUTTON 1.68 (HKLM-x32\...\Verbatim GREEN BUTTON_is1) (Version: - Verbatim)
Verbatim Hard Drive Formatter 1.41 (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
Viber (HKLM-x32\...\{EAF077BA-8EA4-4CEC-A215-4ACAE713A8BF}) (Version: 6.9.0.1048 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\{a85cbe05-cc32-4419-ad8f-7ff7bc41bc05}) (Version: 6.9.0.1048 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSFilter 2.41.322 (0c3a1ea) Nightly (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.322 - MPC-HC Team)
VSO ConvertXToDVD 6 (HKLM-x32\...\{8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1) (Version: 6.0.0.80 - VSO Software)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Wise Duplicate Finder 1.2.9 (HKLM-x32\...\Wise Duplicate Finder_is1) (Version: 1.2.9 - WiseCleaner.com, Inc.)
Wise Folder Hider 3.38 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 3.38 - WiseCleaner.com, Inc.)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-51665161-4008308083-3026018605-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL (ZONER software, a.s. -> ZONER software)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers2_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers4_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Oťáček\Desktop\MailCliеnt.exe – zástupce.lnk -> C:\Program Files (x86)\eM Client\MailCliеnt.exe (eM Client s.r.o.) <==== Cyrillic
ShortcutWithArgument: C:\Users\Oťáček\Desktop\Aliexpress česky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jeggofhlgndddenkjfloklflmjjjfdbe
ShortcutWithArgument: C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Aliexpress česky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jeggofhlgndddenkjfloklflmjjjfdbe
==================== Loaded Modules (Whitelisted) =============
2019-03-19 10:29 - 2012-08-08 22:56 - 000863232 ____N ( Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\P2PLib.dll
2019-03-19 10:29 - 2013-02-27 18:17 - 000221184 ____N () [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\EnumDevLib.dll
2014-03-03 15:36 - 2014-03-03 15:36 - 001298432 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\PDFLib.dll
2014-03-03 15:40 - 2014-03-03 15:40 - 000110592 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll
2014-03-03 15:41 - 2014-03-03 15:41 - 000128512 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll
2017-04-13 09:25 - 2012-03-06 16:05 - 000054784 _____ () [File not signed] C:\Windows\System32\gcprpm.dll
2018-02-15 18:35 - 2015-02-27 15:38 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\WSCM64.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000480256 ____N (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\libhunspell.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000066192 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\LFJbg15U.DLL
2014-03-03 15:32 - 2014-03-03 15:32 - 000126096 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\LFPng15U.DLL
2014-03-03 15:32 - 2014-03-03 15:32 - 000212112 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgclr15u.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000208016 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgefx15u.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000134288 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgutl15u.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000122000 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Lttwn15u.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-07-10 14:36 - 2020-07-10 14:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2019-03-19 10:29 - 2013-12-23 12:26 - 000528384 ____N (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlLib.dll
2019-03-19 10:29 - 2012-09-13 10:25 - 000200704 ____N (Realtek) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\IpLib.dll
2019-03-19 10:29 - 2012-05-07 15:23 - 000040960 ____N (Realtek) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlICS.dll
2019-03-19 10:29 - 2014-02-27 21:12 - 000272384 ____N (Realtek) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlIhvOid.dll
2019-03-19 10:29 - 2012-06-22 17:01 - 000044544 ____N (Realtek) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlQRCode.dll
2014-03-03 15:59 - 2014-04-25 18:42 - 008360816 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SnagItEditorRes.dll
2014-03-03 15:59 - 2014-04-25 18:42 - 007454064 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SnagItres.dll
2014-03-03 15:31 - 2014-03-03 15:31 - 000165888 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\TSCREC3.dll
2014-03-03 15:32 - 2014-03-03 15:32 - 000076288 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\UpdaterInterop.dll
2019-03-19 10:29 - 2009-07-23 18:32 - 001122304 ____N (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\LIBEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-02-23 11:25 - 2020-08-07 10:16 - 000001242 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 https://www.bestgamesvault.com
127.0.0.1 https://zonky.cz
127.0.0.1 https://lp.synottip.cz
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
0.0.0.0 www.bandicam.co.kr
0.0.0.0 www.bandicam.com
0.0.0.0 bandicam.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Pinnacle\Shared Files\
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: eM Client => "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
MSCONFIG\startupreg: Folder Size => C:\Program Files\FolderSize\FolderSize.exe
MSCONFIG\startupreg: FontExpertType1Loader => C:\Program Files (x86)\FontExpert\Type1Loader.exe
MSCONFIG\startupreg: HDDtoGOLaunch => C:\Users\Oťáček\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Viber => "C:\Users\Oťáček\AppData\Local\Viber\Viber.exe" StartMinimized
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9A6F0209-D19B-4299-8666-EC5C8470DD4C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E28311D5-3189-49D3-9CB8-AB39EA708E59}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{A96AAC25-E7AA-47B7-A4BC-42E422A721D3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{CF53A994-8A54-4307-A7F3-C86AE88491CF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{3B954530-6AF4-4DB6-9AF1-B0190470DB36}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC62EE05-B3BC-4CD1-BAF9-A96390137FB9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{20C3F74D-FF94-4107-89B4-9E667176F7CB}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF9F4863-97C3-4C4A-91D9-06F31142589E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B652D7E-1ED7-40B1-8222-F834CF8A4085}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{8C0DE59C-565B-494E-A3CE-6DC015372205}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{15EB7E9D-877E-4E4A-A7A4-555F8F8E7EED}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{49109BE4-33B3-4E6A-97A1-E4A5F313EB48}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () [File not signed]
FirewallRules: [{8EF52979-9291-40A5-8FD2-C8235F698732}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () [File not signed]
FirewallRules: [{1714B9C1-6B5C-4821-8AE6-C91F2A3CE04D}] => (Allow) F:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => No File
FirewallRules: [{7207DF57-2BF4-4FE8-988E-487980F02640}] => (Allow) F:\Program Files (x86)\FormatFactory\FormatFactory.exe => No File
FirewallRules: [TCP Query User{F7095C8D-2717-4DC8-A34E-7DF9EED0AED8}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{32B2203D-2DC2-4F95-9729-AAE978859F3E}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{B9D00C3A-CC73-4D41-9B07-2E7303C06C37}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{3EAD46FC-A5D6-43B7-8E52-988F13F20361}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{A8595D0D-BC20-428B-ADE5-178A223B0724}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{018DB134-0E56-47F5-8B03-CA77AD573AA4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D9965A42-40F7-4621-BABE-A00AAC37BA24}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9260761F-7BE2-4725-B4C5-BA41F14F8DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7C3AFAD1-3ECC-4935-B2A5-04B5C15F79B9}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{81BE284B-8C0B-42DC-BFFB-31E89FCB0CF1}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [{A397107B-23FD-444A-A2DC-92AA4F712F91}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{FF123FB9-9A02-4186-AC59-9C43FD53FBA5}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{29308BCA-4AE2-4126-8563-0EEC698919AE}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1441ACA2-712F-4CD7-988B-C063BFC3008D}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F350E590-3BFA-4AC9-A8DA-519CCFEDDD3D}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FE707B5E-32F2-47F2-9FCE-8D5BF6F14BBE}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A1C8335C-9990-4CA0-85E2-C6E74E65A4F8}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A56C19DE-6D46-4228-9968-364E8FC3F0D1}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [TCP Query User{8E9861CF-8002-4F1E-99F6-EB3B14412A30}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{B699AD97-FF17-4260-A4E4-98E30200385D}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [TCP Query User{7B5BE066-70B0-461C-BF3C-001C3DFE3A1B}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{141D5200-174A-4EC1-BA6B-A72925194FD6}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [{DE807617-92DC-4506-ACED-4214B20F3401}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare software CO., LIMITED -> Wondershare)
FirewallRules: [TCP Query User{ED2AA70A-653A-4B0C-AAD2-D1504468990B}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{96DA9ED8-C5AC-49D9-BEF8-60CE32AB5911}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{E9644745-BCD8-4D42-9894-E6C12719B6BD}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{4430278E-3A6B-49BA-9281-BC195FF2F338}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1B4F7268-E02D-4A4C-B54D-A3B55AF9EB7D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{088E71EC-74BF-4945-AE2A-0FDCB5515D8A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{FEE9C1D6-3969-4F26-AAAF-774AE3B4E796}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94092F36-B70E-4213-99C4-50116595D219}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A8A182D-A4E6-4F58-BEEF-E3CB08BF23E3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0A530F5C-0993-45E1-AF78-85CD50B2F5E8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{BD5D3CD7-6CB9-4323-96F1-4039F0943A4F}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems) [File not signed]
FirewallRules: [UDP Query User{B00F7218-91D1-4C79-8BC3-AA240D426BA9}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems) [File not signed]
FirewallRules: [{14F578DB-99EE-479C-8878-3680A2B031D1}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{55B2774C-F399-40FB-8D22-3C75AE8904C0}] => (Allow) C:\Users\Oťáček\AppData\Local\Programs\Opera\70.0.3728.178\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{303CA865-54C5-4837-AD3E-943299DEF89D}] => (Allow) C:\Users\Oťáček\AppData\Local\Programs\Opera\70.0.3728.189\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6B1301A7-07B8-4E5F-92C8-D022D350DB6D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:48.83 GB) (Free:3.26 GB) (7%)
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (09/22/2020 01:01:58 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (09/23/2020 08:15:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek DHCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (09/23/2020 08:14:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedené zařízení.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Internet Off Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba VPDAgent byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Folder Size byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (09/23/2020 08:12:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSCamSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2020-03-01 08:01:29.148
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.819
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.655
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.179
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.013
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:27.848
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:27.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1305 02/11/2011
Motherboard: ASUSTeK Computer INC. P8H67-M EVO
Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 88%
Total physical RAM: 8173.24 MB
Available physical RAM: 909.39 MB
Total Virtual: 16644.62 MB
Available Virtual: 8613.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:48.83 GB) (Free:3.26 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (HD710 PRO) (Fixed) (Total:1863 GB) (Free:1633.36 GB) exFAT
Drive e: (HDD) (Fixed) (Total:882.68 GB) (Free:30.11 GB) NTFS
Drive h: (ADATA HV100) (Fixed) (Total:1862.56 GB) (Free:47.43 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DD32DD32)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=882.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 0DB9BF25)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 87A12B7E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0C)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2020
Ran by Oťáček (administrator) on OŤÁČEK-PC (23-09-2020 19:55:52)
Running from E:\Stažené soubory
Loaded Profiles: Oťáček
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Windows\runSW.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) E:\Avast 2019\AvastUI.exe <4>
(Brio) [File not signed] C:\Program Files\FolderSize\FolderSizeSvc.exe
(Crystal Rich Ltd -> ) C:\Program Files (x86)\InternetOff\InternetOff.exe
(Crystal Rich Ltd -> ) C:\Program Files (x86)\InternetOff\IOffSvc.exe
(Crystal Rich Ltd -> Crystal Rich Ltd) E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtWLan.exe
(Realtek) [File not signed] C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlService.exe
(Realtek) [File not signed] C:\Windows\SwUSB.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
(TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
(Two Pilots) [File not signed] C:\Windows\VPDAgent_x64.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => E:\Avast 2019\AvLaunch.exe [109160 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [InternetOff] => C:\Program Files (x86)\InternetOff\InternetOff.exe [3182360 2016-05-25] (Crystal Rich Ltd -> )
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\SSP2MPC: C:\Windows\System32\spool\prtprocs\x64\ssp2mpc.dll [33792 2009-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Windows x64\Print Processors\us005PC: C:\Windows\System32\spool\prtprocs\x64\us005pc.dll [52248 2019-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us007PC: C:\Windows\System32\spool\prtprocs\x64\us007pc.dll [52240 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\gcprm: C:\Windows\system32\gcprpm.dll [54784 2012-03-06] () [File not signed]
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\SSP2M Langmon: C:\Windows\system32\ssp2ml6.dll [22016 2008-01-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us005 Langmon: C:\Windows\system32\us005lm.dll [31256 2019-03-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us007 Langmon: C:\Windows\system32\us007lm.dll [31248 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-22] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2020-02-18]
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk [2017-04-10]
ShortcutTarget: Snagit 11.lnk -> C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0584A722-7270-4D5B-9CBE-B3A513B5AEAA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24611696 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E9BB8EB-7707-47AB-95C9-1FD696B4753B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {11F27765-264A-41F2-929A-9AC291E5530B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {14B9D031-2025-4737-8E7C-BD951A7C1D4F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {164B769E-B179-4FBC-9451-D66F4574E7A5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {211F0999-E43B-4F8A-8B7F-504B1A76E4A9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2854F702-2543-49C6-B6F8-8CCA9261458A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24611696 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {385AD0A4-9CF9-491F-91A4-710A445B5C5B} - System32\Tasks\{6DE89C25-20BA-4765-9231-9BF4BD3465CE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\TechSmith\Snagit 11\SnagitPI.exe" -d "C:\Program Files (x86)\TechSmith\Snagit 11"
Task: {42D1B611-74D8-4E70-8AB0-CD9A323017BF} - System32\Tasks\Avast Emergency Update => E:\Avast 2019\AvEmUpdate.exe [3850336 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
Task: {511BF905-4DC3-4625-88E7-18651B3DDBEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {545AEE0F-05B3-40B1-84C0-AE04A1C73FCB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D5D6B16-958E-4985-9413-495B499330B0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {63673011-F893-4D81-B48B-0AAEC5EFD1F8} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {68F472C4-6DEF-4E63-B7E8-B6D0019C2A4E} - System32\Tasks\Opera scheduled Autoupdate 1579022060 => C:\Users\Oťáček\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {8AB70ED9-471A-4103-AAB1-31AE9CCA5FF3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {9D2344E9-4391-4C29-AA8F-5718502945EF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
Task: {A180BB23-80E0-45FB-BB28-9176AD2BB913} - System32\Tasks\{5EE25878-0AE3-4A6F-B3E1-ED5808655F45} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\NetFx20SP2_x86.exe" -d "E:\Stažené soubory"
Task: {CAD723BC-4618-4B9E-9F7D-6D372DFB2633} - System32\Tasks\Opera scheduled assistant Autoupdate 1582795558 => C:\Users\Oťáček\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-09-15] (Opera Software AS -> Opera Software)
Task: {D3871F9A-AD1D-402E-9EFA-44509969FA14} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-08] (Adobe Inc. -> Adobe)
Task: {EC009CEF-CFDD-4B90-8488-90D7158D2B08} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)
Task: {EDF3DB7E-0040-4B7E-A77D-D1A1E538CCE8} - System32\Tasks\eM Client Database Backup (S-1-5-21-51665161-4008308083-3026018605-1000) => C:\Program Files (x86)\eM Client\DbBackup.exe [139624 2016-10-21] (eM Client, s.r.o. -> )
Task: {FE7A2D7C-9F72-4F37-BD69-16A4A358265D} - System32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\dotnetfx35.exe" -d "E:\Stažené soubory"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{53702BC7-8C9E-41D1-94E4-1B2AEFB2F16B}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{555B09F5-81C2-4DDA-83D1-5057F55A238F}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{F84325AE-0BB8-4C06-854F-EAC454957FA1}: [DhcpNameServer] 192.168.42.129
FireFox:
========
FF DefaultProfile: gko5uglf.default-1581863657544
FF ProfilePath: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 [2020-09-23]
FF DownloadDir: E:\Stažené soubory
FF Homepage: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> hxxps://www.seznam.cz/?clid=22668
FF NewTab: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> about:newtab
FF NetworkProxy: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544 -> hxxps://web.whatsapp.com; hxxps://www.youtube.com; hxxps://push.trafroll.com; hxxps://cz.xhamsterlive.com; hxxps://eurozpravy.cz; hxxps://cs.xhamsterlive.com; hxxps://cs.stripchat.com; hxxps://www.viry.cz; hxxps://www.sex-seznameni.cz; hxxps://www.alirecenze.cz
FF Extension: (Tampermonkey) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\firefox@tampermonkey.net.xpi [2020-07-31]
FF Extension: (clean-youtube) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2019-07-04]
FF Extension: (Dark Background and Light Text) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2020-08-21]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-08-21]
FF Extension: (S3.Translator) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\s3google@translator.xpi [2018-10-21]
FF Extension: (Tab Session Manager) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\Tab-Session-Manager@sienori.xpi [2020-09-17]
FF Extension: (TinEye Reverse Image Search) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\tineye@ideeinc.com.xpi [2020-01-22]
FF Extension: (Adblock) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{5eb79492-b597-47fe-a446-5db692b6eec8}.xpi [2020-02-28]
FF Extension: (404 Bookmarks) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{5f8d31ba-47fb-4b70-bf8d-d2113f6da22f}.xpi [2019-12-16]
FF Extension: (Flash and Video Download) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2020-06-09]
FF Extension: (Video DownloadHelper) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-30]
FF Extension: (Bookmark Manager and Viewer) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{beb1b1c0-32b9-47d8-bbd1-f65bed4e7c22}.xpi [2019-01-13]
FF Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\Extensions\{ea692a27-4873-406e-bbc6-010c2dd9e9b5}.xpi [2020-05-11]
FF SearchPlugin: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\searchplugins\google-avast.xml [2019-02-22]
FF SearchPlugin: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\gko5uglf.default-1581863657544\searchplugins\seznam-avast.xml [2019-02-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default [2020-09-22]
CHR DownloadDir: E:\Stažené soubory
CHR Notifications: Default -> hxxps://cs.xhamsterlive.com; hxxps://special-offers.online; hxxps://www.alirecenze.cz
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-04]
CHR Extension: (Chrome Media Router) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 Agent; C:\Windows\VPDAgent_x64.exe [168960 2013-08-28] (Two Pilots) [File not signed]
R3 aswbIDSAgent; E:\Avast 2019\aswidsagent.exe [7824280 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; E:\Avast 2019\AvastSvc.exe [357848 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11118976 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
R2 InternetOffService; C:\Program Files (x86)\InternetOff\IOffSvc.exe [1634072 2016-05-25] (Crystal Rich Ltd -> )
R2 RealtekWlanU; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
S2 RTLDHCPService; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [261848 2013-11-12] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [36864 2014-04-15] () [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 USBSafelyRemoveService; E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe [1666416 2017-06-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [138568 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206392 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235584 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [195648 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42768 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175192 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [517080 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84848 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851600 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469880 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217328 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326408 2020-09-21] (Avast Software s.r.o. -> AVAST Software)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
R1 HWiNFO32-BackupByDriverBoosterPortable; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-03-24] (Martin Malik - REALiX -> REALiX(tm))
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3733208 2019-03-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [23736 2012-07-20] (Web Solution Mart -> Hajo Krabbenhöft)
R3 VAD_DEV; C:\Windows\System32\drivers\vad.sys [24992 2012-03-27] (Wondershare Software Co., Ltd. -> Windows (R) DDK provider) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R2 WiseFs; C:\Windows\WiseFs64.sys [14256 2017-04-11] (Lespeed Technology Ltd. -> WiseCleaner.com) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-22 20:08 - 2020-09-23 19:56 - 000000000 ____D C:\FRST
2020-09-21 22:09 - 2020-09-21 22:08 - 000338528 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-09-21 22:08 - 2020-09-21 22:08 - 000217328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-09-21 22:08 - 2020-09-21 22:08 - 000175192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-09-19 11:16 - 2020-09-19 11:16 - 000000078 _____ C:\Users\Oťáček\AppData\Roaming\PCO.dat
2020-09-16 08:31 - 2020-09-23 18:44 - 000004308 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582795558
2020-09-15 16:50 - 2020-09-15 17:11 - 086311098 _____ C:\Users\Oťáček\Documents\MAKU.swf
2020-09-15 15:41 - 2020-09-15 15:41 - 073180558 _____ C:\Users\Oťáček\Documents\export.swf
2020-09-15 15:18 - 2020-09-15 15:18 - 478449664 _____ C:\Users\Oťáček\Documents\Sandra Bullock.avi
2020-09-12 08:35 - 2020-09-12 08:35 - 000001012 _____ C:\Users\Oťáček\Desktop\Rajče.lnk
2020-09-12 08:35 - 2020-09-12 08:35 - 000000000 ____D C:\Users\Oťáček\AppData\Local\rajce
2020-09-12 08:35 - 2020-09-12 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rajce
2020-09-07 09:27 - 2020-09-07 09:27 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\InternetOff
2020-09-07 09:26 - 2020-09-07 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InternetOff
2020-09-07 09:26 - 2020-09-07 09:26 - 000000000 ____D C:\ProgramData\IOffSvc
2020-09-07 09:26 - 2020-09-07 09:26 - 000000000 ____D C:\Program Files (x86)\InternetOff
2020-09-06 17:37 - 2020-09-06 17:44 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Subtitle Edit
2020-09-06 17:37 - 2020-09-06 17:37 - 000001878 _____ C:\Users\Public\Desktop\Subtitle Edit.lnk
2020-09-06 17:37 - 2020-09-06 17:37 - 000001878 _____ C:\ProgramData\Desktop\Subtitle Edit.lnk
2020-09-06 17:37 - 2020-09-06 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2020-09-06 17:37 - 2020-09-06 17:37 - 000000000 ____D C:\Program Files\Subtitle Edit
2020-09-03 14:57 - 2020-09-03 14:57 - 000001067 _____ C:\Users\Oťáček\Desktop\Format Factory.lnk
2020-09-03 14:57 - 2020-09-03 14:57 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2020-09-03 13:58 - 2020-09-03 14:53 - 000000000 ____D C:\Users\Oťáček\Downloads\FormatFactory2020_09_03
2020-09-01 22:02 - 2020-09-23 09:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-01 17:52 - 2020-09-01 17:57 - 000001704 _____ C:\Users\Oťáček\Desktop\Nový textový dokument (2).txt
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-23 19:56 - 2020-02-28 16:34 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\uTorrent
2020-09-23 18:50 - 2009-07-14 06:45 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-09-23 18:50 - 2009-07-14 06:45 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-09-23 18:44 - 2020-03-18 03:20 - 000003014 _____ C:\Windows\system32\Tasks\UMonitor Task
2020-09-23 18:44 - 2020-03-17 22:14 - 000003116 _____ C:\Windows\system32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0}
2020-09-23 18:44 - 2020-03-17 22:06 - 000003124 _____ C:\Windows\system32\Tasks\{5EE25878-0AE3-4A6F-B3E1-ED5808655F45}
2020-09-23 18:44 - 2020-02-23 20:15 - 000003208 _____ C:\Windows\system32\Tasks\{6DE89C25-20BA-4765-9231-9BF4BD3465CE}
2020-09-23 18:44 - 2020-01-14 19:14 - 000004072 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1579022060
2020-09-23 18:44 - 2019-03-09 01:18 - 000004544 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-09-23 18:44 - 2019-03-08 23:46 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-09-23 18:44 - 2018-10-27 18:55 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-09-23 18:44 - 2018-10-27 18:55 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-09-23 18:44 - 2018-03-13 22:41 - 000004532 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-23 18:44 - 2017-04-10 16:45 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-09-23 18:44 - 2017-04-10 14:16 - 000003978 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{F4B66E77-4023-4CA3-A918-E9DABCC6A041}
2020-09-23 10:14 - 2017-04-10 16:43 - 000000000 ____D C:\ProgramData\AVAST Software
2020-09-23 08:48 - 2018-02-26 11:24 - 000000000 ____D C:\Users\Oťáček\AppData\Local\AVAST Software
2020-09-23 08:30 - 2017-04-10 16:10 - 000000000 ____D C:\Users\Oťáček\AppData\LocalLow\Mozilla
2020-09-23 08:13 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-23 08:12 - 2020-08-01 15:15 - 000000000 ____D C:\AdwCleaner
2020-09-22 22:59 - 2020-02-11 14:28 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-22 22:59 - 2020-02-11 14:28 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-22 22:59 - 2020-02-11 14:28 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-22 22:00 - 2020-05-12 10:33 - 000046080 ___SH C:\Users\Oťáček\Documents\Thumbs.db
2020-09-22 21:51 - 2017-04-10 14:13 - 000000000 ___RD C:\Users\Oťáček\Obrázky
2020-09-22 21:41 - 2017-04-30 18:44 - 000039424 ___SH C:\Users\Oťáček\Thumbs.db
2020-09-22 15:44 - 2019-10-03 08:24 - 000004120 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-09-22 15:40 - 2018-04-30 11:23 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\vlc
2020-09-22 13:18 - 2009-07-14 06:45 - 005227120 _____ C:\Windows\system32\FNTCACHE.DAT
2020-09-22 13:11 - 2020-07-31 12:39 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2020-09-22 13:11 - 2017-04-10 16:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-21 22:09 - 2020-04-09 00:57 - 000517080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-09-21 22:09 - 2019-03-28 11:16 - 000326408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000469880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000195648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000084848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-09-21 22:08 - 2019-03-28 11:16 - 000042768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000851600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000206392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-09-21 22:07 - 2019-03-28 11:16 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-09-20 02:46 - 2017-04-11 23:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-09-20 01:00 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-09-19 22:13 - 2017-04-10 15:57 - 000179720 _____ C:\Users\Oťáček\AppData\Local\GDIPFONTCACHEV1.DAT
2020-09-19 18:10 - 2020-05-18 20:35 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\MPC-HC
2020-09-19 15:57 - 2017-04-11 11:35 - 000000000 ____D C:\Users\Oťáček\AppData\Local\CrashDumps
2020-09-19 11:09 - 2019-02-26 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verbatim
2020-09-19 11:09 - 2019-02-26 12:46 - 000000000 ____D C:\Program Files (x86)\Verbatim
2020-09-17 11:25 - 2017-05-16 16:01 - 000000047 _____ C:\trl.cfg
2020-09-16 08:42 - 2020-02-17 03:15 - 000000000 ____D C:\Users\Oťáček\AppData\LocalLow\IGDump
2020-09-15 15:39 - 2017-04-17 17:51 - 000057344 _____ C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-09-14 15:43 - 2020-04-14 16:24 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-14 15:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2020-09-14 11:18 - 2017-04-10 19:25 - 000000000 ____D C:\Users\Oťáček\Documents\Snagit
2020-09-12 06:49 - 2017-04-11 09:55 - 000000000 ____D C:\Windows\system32\MRT
2020-09-12 06:42 - 2017-04-11 09:55 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-10 13:38 - 2020-07-24 16:34 - 000000000 ____D C:\Users\Oťáček\Documents\FormatFactory
2020-09-08 16:18 - 2017-04-11 23:04 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-09-08 16:18 - 2017-04-11 23:04 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-08 16:18 - 2017-04-11 23:04 - 000000000 ____D C:\Windows\system32\Macromed
2020-09-07 08:50 - 2020-07-24 16:28 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2020-09-03 16:49 - 2020-07-20 02:12 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2020-09-03 16:49 - 2020-07-20 02:12 - 000000349 _____ C:\ProgramData\Documents\PCLECHAL.INI
2020-09-03 15:12 - 2020-05-31 20:47 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\audacity
2020-08-31 12:40 - 2020-02-18 01:31 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\eM Client
2020-08-26 16:39 - 2009-07-14 17:18 - 000759582 _____ C:\Windows\system32\perfh005.dat
2020-08-26 16:39 - 2009-07-14 17:18 - 000177416 _____ C:\Windows\system32\perfc005.dat
2020-08-26 16:39 - 2009-07-14 07:13 - 001818714 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-24 08:04 - 2019-07-31 07:11 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-08-24 08:04 - 2019-07-31 07:11 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-08-24 00:12 - 2020-08-23 23:52 - 000000000 ____D C:\Users\Oťáček\Downloads\FormatFactory2020_08_23
==================== Files in the root of some directories ========
2017-05-19 08:47 - 2017-05-19 08:47 - 000000132 _____ () C:\Users\Oťáček\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-03-13 11:11 - 2018-03-13 11:11 - 000195236 _____ () C:\Users\Oťáček\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2019-01-08 14:02 - 2019-01-08 14:02 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\FC.dat
2017-07-03 20:29 - 2017-07-03 20:29 - 000099384 _____ () C:\Users\Oťáček\AppData\Roaming\inst.exe
2019-11-04 14:31 - 2019-11-04 14:31 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\IP.dat
2020-04-13 22:00 - 2020-04-13 22:00 - 000000275 _____ () C:\Users\Oťáček\AppData\Roaming\mplex-log.log
2017-05-13 15:13 - 2017-09-23 12:52 - 000000643 _____ () C:\Users\Oťáček\AppData\Roaming\OŤÁČEK-PC.MTBF.txt
2020-09-19 11:16 - 2020-09-19 11:16 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\PCO.dat
2017-07-03 20:29 - 2017-07-03 20:29 - 000007859 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.cat
2017-07-03 20:29 - 2017-07-03 20:29 - 000001167 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.inf
2017-07-03 20:29 - 2017-07-03 20:29 - 000000055 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.log
2017-07-03 20:29 - 2017-07-03 20:29 - 000082816 _____ (VSO Software) C:\Users\Oťáček\AppData\Roaming\pcouffin.sys
2017-04-17 17:51 - 2020-09-15 15:39 - 000057344 _____ () C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-06 13:08 - 2018-09-04 13:15 - 000000218 _____ () C:\Users\Oťáček\AppData\Local\recently-used.xbel
2018-09-06 11:04 - 2020-07-29 09:28 - 000007596 _____ () C:\Users\Oťáček\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-09-14 00:59
==================== End of FRST.txt ========================
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Comp často zamrzá
Nic se neděje. Otevřte poznámkový blok a zkopírujte do něj:
Uložte do E:\Stažené soubory jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
FirewallRules: [{1714B9C1-6B5C-4821-8AE6-C91F2A3CE04D}] => (Allow) F:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => No File
FirewallRules: [{7207DF57-2BF4-4FE8-988E-487980F02640}] => (Allow) F:\Program Files (x86)\FormatFactory\FormatFactory.exe => No File
FirewallRules: [TCP Query User{7C3AFAD1-3ECC-4935-B2A5-04B5C15F79B9}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{81BE284B-8C0B-42DC-BFFB-31E89FCB0CF1}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [TCP Query User{7B5BE066-70B0-461C-BF3C-001C3DFE3A1B}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{141D5200-174A-4EC1-BA6B-A72925194FD6}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {FE7A2D7C-9F72-4F37-BD69-16A4A358265D} - System32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\dotnetfx35.exe" -d "E:\Stažené soubory"
C:\Windows\system32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0}
C:\Windows\system32\Tasks\{5EE25878-0AE3-4A6F-B3E1-ED5808655F45}
C:\Windows\system32\Tasks\{6DE89C25-20BA-4765-9231-9BF4BD3465CE}
C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
EmptyTemp:
Hosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
jarda.otta
- Návštěvník
- Příspěvky: 520
- Registrován: 25 bře 2005 21:21
Re: Comp často zamrzá
Počítač se sám po dokončení akce restartoval a žádný log se neobjevil.
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Comp často zamrzá
Najdete ho v E:\Stažené soubory v souboru fixlist.txt.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
jarda.otta
- Návštěvník
- Příspěvky: 520
- Registrován: 25 bře 2005 21:21
Re: Comp často zamrzá
Byl tam jenom fixlog.txt.
Zde obsah:
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Oťáček (23-09-2020 21:20:40) Run:1
Running from E:\Stažené soubory
Loaded Profiles: Oťáček
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
FirewallRules: [{1714B9C1-6B5C-4821-8AE6-C91F2A3CE04D}] => (Allow) F:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => No File
FirewallRules: [{7207DF57-2BF4-4FE8-988E-487980F02640}] => (Allow) F:\Program Files (x86)\FormatFactory\FormatFactory.exe => No File
FirewallRules: [TCP Query User{7C3AFAD1-3ECC-4935-B2A5-04B5C15F79B9}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{81BE284B-8C0B-42DC-BFFB-31E89FCB0CF1}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [TCP Query User{7B5BE066-70B0-461C-BF3C-001C3DFE3A1B}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{141D5200-174A-4EC1-BA6B-A72925194FD6}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {FE7A2D7C-9F72-4F37-BD69-16A4A358265D} - System32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0} => C:\Windows\system32\pcalua.exe -a "E:\Sta�en� soubory\dotnetfx35.exe" -d "E:\Sta�en� soubory"
C:\Windows\system32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0}
C:\Windows\system32\Tasks\{5EE25878-0AE3-4A6F-B3E1-ED5808655F45}
C:\Windows\system32\Tasks\{6DE89C25-20BA-4765-9231-9BF4BD3465CE}
C:\Users\O���ek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\FormatFactoryShell => removed successfully
HKLM\Software\Classes\CLSID\{A3888923-CFD3-4A6B-89BF-08E6B95716E8} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\FormatFactoryShell => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1714B9C1-6B5C-4821-8AE6-C91F2A3CE04D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7207DF57-2BF4-4FE8-988E-487980F02640}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7C3AFAD1-3ECC-4935-B2A5-04B5C15F79B9}F:\program files (x86)\google\chrome\application\chrome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{81BE284B-8C0B-42DC-BFFB-31E89FCB0CF1}F:\program files (x86)\google\chrome\application\chrome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7B5BE066-70B0-461C-BF3C-001C3DFE3A1B}F:\program files (x86)\google\chrome\application\chrome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{141D5200-174A-4EC1-BA6B-A72925194FD6}F:\program files (x86)\google\chrome\application\chrome.exe" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE7A2D7C-9F72-4F37-BD69-16A4A358265D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE7A2D7C-9F72-4F37-BD69-16A4A358265D}" => removed successfully
C:\Windows\System32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E5787AEB-33BE-4341-B850-9DF77BFF64E0}" => removed successfully
"C:\Windows\system32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0}" => not found
C:\Windows\system32\Tasks\{5EE25878-0AE3-4A6F-B3E1-ED5808655F45} => moved successfully
C:\Windows\system32\Tasks\{6DE89C25-20BA-4765-9231-9BF4BD3465CE} => moved successfully
"C:\Users\O���ek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37255216 B
Java, Flash, Steam htmlcache => 1183 B
Windows/system/drivers => 4348819 B
Edge => 0 B
Chrome => 24967321 B
Firefox => 437808148 B
Opera => 141579 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 128 B
Oťáček => 705445143 B
DefaultAppPool => 705445143 B
RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:21:06 ====
Zde obsah:
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Oťáček (23-09-2020 21:20:40) Run:1
Running from E:\Stažené soubory
Loaded Profiles: Oťáček
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
FirewallRules: [{1714B9C1-6B5C-4821-8AE6-C91F2A3CE04D}] => (Allow) F:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => No File
FirewallRules: [{7207DF57-2BF4-4FE8-988E-487980F02640}] => (Allow) F:\Program Files (x86)\FormatFactory\FormatFactory.exe => No File
FirewallRules: [TCP Query User{7C3AFAD1-3ECC-4935-B2A5-04B5C15F79B9}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{81BE284B-8C0B-42DC-BFFB-31E89FCB0CF1}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [TCP Query User{7B5BE066-70B0-461C-BF3C-001C3DFE3A1B}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{141D5200-174A-4EC1-BA6B-A72925194FD6}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe => No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {FE7A2D7C-9F72-4F37-BD69-16A4A358265D} - System32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0} => C:\Windows\system32\pcalua.exe -a "E:\Sta�en� soubory\dotnetfx35.exe" -d "E:\Sta�en� soubory"
C:\Windows\system32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0}
C:\Windows\system32\Tasks\{5EE25878-0AE3-4A6F-B3E1-ED5808655F45}
C:\Windows\system32\Tasks\{6DE89C25-20BA-4765-9231-9BF4BD3465CE}
C:\Users\O���ek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\FormatFactoryShell => removed successfully
HKLM\Software\Classes\CLSID\{A3888923-CFD3-4A6B-89BF-08E6B95716E8} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\FormatFactoryShell => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1714B9C1-6B5C-4821-8AE6-C91F2A3CE04D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7207DF57-2BF4-4FE8-988E-487980F02640}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7C3AFAD1-3ECC-4935-B2A5-04B5C15F79B9}F:\program files (x86)\google\chrome\application\chrome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{81BE284B-8C0B-42DC-BFFB-31E89FCB0CF1}F:\program files (x86)\google\chrome\application\chrome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7B5BE066-70B0-461C-BF3C-001C3DFE3A1B}F:\program files (x86)\google\chrome\application\chrome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{141D5200-174A-4EC1-BA6B-A72925194FD6}F:\program files (x86)\google\chrome\application\chrome.exe" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE7A2D7C-9F72-4F37-BD69-16A4A358265D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE7A2D7C-9F72-4F37-BD69-16A4A358265D}" => removed successfully
C:\Windows\System32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E5787AEB-33BE-4341-B850-9DF77BFF64E0}" => removed successfully
"C:\Windows\system32\Tasks\{E5787AEB-33BE-4341-B850-9DF77BFF64E0}" => not found
C:\Windows\system32\Tasks\{5EE25878-0AE3-4A6F-B3E1-ED5808655F45} => moved successfully
C:\Windows\system32\Tasks\{6DE89C25-20BA-4765-9231-9BF4BD3465CE} => moved successfully
"C:\Users\O���ek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37255216 B
Java, Flash, Steam htmlcache => 1183 B
Windows/system/drivers => 4348819 B
Edge => 0 B
Chrome => 24967321 B
Firefox => 437808148 B
Opera => 141579 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 128 B
Oťáček => 705445143 B
DefaultAppPool => 705445143 B
RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:21:06 ====
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Comp často zamrzá
Spletl jsem se. Toto je správný log. Bylo smazáno. Nastala změna k lepšímu?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
jarda.otta
- Návštěvník
- Příspěvky: 520
- Registrován: 25 bře 2005 21:21
Re: Comp často zamrzá
Otestuji během dne a dám vědět. Prozatím děkuji za velmi rychlou pomoc.
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Comp často zamrzá
OK, nechám to tu otevřené.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
jarda.otta
- Návštěvník
- Příspěvky: 520
- Registrován: 25 bře 2005 21:21
Re: Comp často zamrzá
Velice se omlouvám, ale z rodinných důvodů jsem byl zaneprázdněn. Po delší době opět stejný problém, i když budu asi dávat za vinu Hardware. Comp velmi často opět zamrzá. Seká se v přehrávači MPC-HC a musím dát reset. Ani myš se nepohne. A i jinak se seká a to hlavně když otevírám Thunderbird a nebo v Mozille Firefox. Na chvíli ztuhne, myš jde a po cca 1-2 minutách naběhne. A to je několikrát denně.
Ještě jedno posílám logy a děkuji zatrpělivost.
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{53702BC7-8C9E-41D1-94E4-1B2AEFB2F16B}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{555B09F5-81C2-4DDA-83D1-5057F55A238F}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{F84325AE-0BB8-4C06-854F-EAC454957FA1}: [DhcpNameServer] 192.168.42.129
FireFox:
========
FF DefaultProfile: v2vukc9r.default-1604959618928
FF ProfilePath: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928 [2020-11-27]
FF DownloadDir: E:\Stažené soubory
FF Homepage: Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928 -> hxxps://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928 -> hxxps://web.whatsapp.com
FF Extension: (AdBlocker for YouTube™) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2020-11-23]
FF Extension: (Dark Background and Light Text) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2020-11-10]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-11-10]
FF Extension: (S3.Translator) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\s3@translator.xpi [2020-11-14]
FF Extension: (Tab Session Manager) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\Tab-Session-Manager@sienori.xpi [2020-11-10]
FF Extension: (TinEye Reverse Image Search) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\tineye@ideeinc.com.xpi [2020-11-10]
FF Extension: (Block Site) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{07046613-1993-4b66-9dd1-9dd1ce581cb7}.xpi [2020-11-10]
FF Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{49756ccc-44ea-4661-bc1f-2baba64cca2f}.xpi [2020-11-09]
FF Extension: (CSFD Magnets) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{5dcbc3c3-318a-4f86-9ae4-9bb4de536c7a}.xpi [2020-11-10]
FF Extension: (404 Bookmarks) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{5f8d31ba-47fb-4b70-bf8d-d2113f6da22f}.xpi [2020-11-10]
FF Extension: (Flash and Video Download) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2020-11-10]
FF Extension: (Video DownloadHelper) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-11-10]
FF Extension: (Bookmark Manager and Viewer) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{beb1b1c0-32b9-47d8-bbd1-f65bed4e7c22}.xpi [2020-11-10]
FF Extension: (No Name) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default [2020-11-26]
CHR DownloadDir: E:\Stažené soubory
CHR Notifications: Default -> hxxps://cs.xhamsterlive.com; hxxps://special-offers.online; hxxps://www.alirecenze.cz
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-11-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-04]
CHR Extension: (Web Video Downloader) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\odecbmmehabeloobkgokmfgldaegiflc [2020-11-20]
CHR Extension: (Chrome Media Router) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-30]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-11] (Adobe Inc. -> Adobe)
R2 Agent; C:\Windows\VPDAgent_x64.exe [168960 2013-08-28] (Two Pilots) [File not signed]
R3 aswbIDSAgent; E:\Avast 2019\aswidsagent.exe [8454552 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; E:\Avast 2019\AvastSvc.exe [365648 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; E:\Avast 2019\aswToolsSvc.exe [3096160 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137392 2020-11-02] (Microsoft Corporation -> Microsoft Corporation)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-12] (Brio) [File not signed]
R2 InternetOffService; C:\Program Files (x86)\InternetOff\IOffSvc.exe [1634072 2016-05-25] (Crystal Rich Ltd -> )
R2 RealtekWlanU; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
S2 RTLDHCPService; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [261848 2013-11-12] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [36864 2014-04-15] () [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 USBSafelyRemoveService; E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe [1666416 2017-06-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [138568 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37152 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206408 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332368 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97352 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42784 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176744 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [521752 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109280 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851608 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469832 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217336 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326416 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
R1 HWiNFO32-BackupByDriverBoosterPortable; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-03-24] (Martin Malik - REALiX -> REALiX(tm))
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [181040 2010-10-26] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3733208 2019-03-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [23736 2012-07-20] (Web Solution Mart -> Hajo Krabbenhöft)
R3 VAD_DEV; C:\Windows\System32\drivers\vad.sys [24992 2012-03-27] (Wondershare Software Co., Ltd. -> Windows (R) DDK provider) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R2 WiseFs; C:\Windows\WiseFs64.sys [14256 2017-04-11] (Lespeed Technology Ltd. -> WiseCleaner.com) [File not signed]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-27 09:37 - 2020-11-27 09:38 - 000014159 _____ C:\Users\Oťáček\Desktop\FRST.txt
2020-11-27 09:35 - 2020-11-27 09:37 - 000000000 ____D C:\Users\Oťáček\Desktop\FRST-OlderVersion
2020-11-27 09:35 - 2020-11-27 09:35 - 002290176 _____ (Farbar) C:\Users\Oťáček\Desktop\FRST64(1).exe
2020-11-26 10:05 - 2020-11-26 10:05 - 000000078 _____ C:\Users\Oťáček\AppData\Roaming\PC.dat
2020-11-26 09:54 - 2020-11-26 09:54 - 000000747 _____ C:\Users\Oťáček\AppData\Local\recently-used.xbel
2020-11-26 09:47 - 2020-11-26 09:47 - 000000000 ____D C:\Users\Oťáček\Documents\PcSetup
2020-11-25 13:26 - 2020-11-25 13:26 - 000088526 _____ C:\Users\Oťáček\Documents\Rozvolňování odhalí, jak moc jsme se už stihli promořit, říká vakcinolog.PDF
2020-11-24 13:40 - 2020-11-24 13:40 - 000339552 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-11-24 13:40 - 2020-11-24 13:40 - 000217336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-11-24 09:18 - 2020-11-24 09:18 - 000430080 _____ C:\Users\Oťáček\Documents\Vyklad_umeniLV.pps
2020-11-22 18:20 - 2020-11-22 18:21 - 002645074 ____N C:\Users\Oťáček\Documents\2020-11-22_18-20-54.mp4
2020-11-22 16:57 - 2020-11-22 16:57 - 002475266 ____N C:\Users\Oťáček\Documents\2020-11-22_16-57-11.mp4
2020-11-21 01:34 - 2020-11-21 01:34 - 000000000 ____D C:\rsit
2020-11-19 10:01 - 2020-11-19 14:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-11-17 16:32 - 2020-11-22 17:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-14 21:51 - 2020-11-18 10:23 - 000140800 ___SH C:\Users\Oťáček\Documents\Thumbs.db
2020-11-14 15:55 - 2020-11-26 10:58 - 000015360 ___SH C:\Users\Oťáček\Thumbs.db
2020-11-13 18:05 - 2020-11-13 18:05 - 003571077 ____N C:\Users\Oťáček\Documents\2020-11-13_18-05-01.mp4
2020-11-11 17:04 - 2020-11-11 17:04 - 007776290 _____ C:\Users\Oťáček\Documents\Zemepis CR 02-1.ppsx
2020-11-11 00:30 - 2020-11-11 00:30 - 008447152 _____ (Malwarebytes) C:\Users\Oťáček\Downloads\adwcleaner_8.0.8(1).exe
2020-11-11 00:29 - 2020-11-11 00:29 - 008447152 _____ (Malwarebytes) C:\Users\Oťáček\Desktop\adwcleaner_8.0.8.exe
2020-11-09 23:13 - 2020-11-09 23:13 - 000004685 _____ C:\Users\Oťáček\Downloads\S3Translator.2020.11.09.23.12.54.txt
2020-11-09 23:07 - 2020-11-09 23:07 - 000000000 ____D C:\Users\Oťáček\Desktop\Původní data aplikace Firefox
2020-11-09 11:30 - 2020-11-09 11:47 - 000000000 ____D C:\Users\Oťáček\Desktop\honza
2020-11-09 10:47 - 2020-11-09 10:47 - 002065768 _____ (Malwarebytes) C:\Users\Oťáček\Desktop\MBSetup(2).exe
2020-11-09 10:45 - 2020-11-09 10:43 - 029780016 _____ (TeamViewer Germany GmbH) C:\Users\Oťáček\Desktop\TeamViewer_Setup (3).exe
2020-11-06 19:30 - 2020-11-06 19:31 - 002414924 ____N C:\Users\Oťáček\Documents\Cena ASUS Zenfone 7 Pro.mp4
2020-11-05 17:57 - 2020-11-05 17:57 - 000047079 _____ C:\Users\Oťáček\Desktop\Export.pdf
2020-11-05 15:23 - 2020-11-05 15:23 - 000002145 _____ C:\Users\Oťáček\Documents\AdwCleaner[S10].txt
2020-11-05 11:26 - 2020-11-27 09:12 - 000003136 _____ C:\Windows\system32\Tasks\{89708064-778A-43F1-884E-B3105783DD14}
2020-11-05 11:21 - 2020-11-05 11:26 - 000000000 ____D C:\Program Files\IrfanView
2020-11-05 11:21 - 2020-11-05 11:21 - 000001848 _____ C:\Users\Public\Desktop\IrfanView 64 Thumbnails.lnk
2020-11-05 11:21 - 2020-11-05 11:21 - 000001848 _____ C:\ProgramData\Desktop\IrfanView 64 Thumbnails.lnk
2020-11-05 11:21 - 2020-11-05 11:21 - 000000974 _____ C:\Users\Public\Desktop\IrfanView 64.lnk
2020-11-05 11:21 - 2020-11-05 11:21 - 000000974 _____ C:\ProgramData\Desktop\IrfanView 64.lnk
2020-11-05 11:21 - 2020-11-05 11:21 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\IrfanView
2020-11-05 11:21 - 2020-11-05 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2020-11-04 10:05 - 2020-11-04 10:06 - 310179837 _____ C:\Users\Oťáček\Documents\záloha.snagarchive
2020-11-01 23:57 - 2020-11-24 22:33 - 000000000 ____D C:\Users\Oťáček\AppData\Local\Vzum
2020-11-01 23:38 - 2020-11-27 09:12 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-01 23:38 - 2020-11-27 09:12 - 000002812 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-11-01 23:38 - 2020-11-27 00:22 - 000000000 ____D C:\Program Files\CCleaner
2020-11-01 23:38 - 2020-11-14 00:22 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-11-01 23:38 - 2020-11-14 00:22 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-11-01 23:38 - 2020-11-01 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-10-31 13:05 - 2020-10-31 13:05 - 003326278 _____ C:\Users\Oťáček\Documents\Gril Tefan návod.pdf
2020-10-29 13:13 - 2020-10-29 13:13 - 005051904 _____ C:\Users\Oťáček\Documents\Jen_vystrihovanka.....pps
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-27 09:37 - 2020-09-22 19:08 - 000000000 ____D C:\FRST
2020-11-27 09:35 - 2017-04-10 15:10 - 000000000 ____D C:\Users\Oťáček\AppData\LocalLow\Mozilla
2020-11-27 09:28 - 2017-04-10 13:13 - 000000000 ___RD C:\Users\Oťáček\Obrázky
2020-11-27 09:12 - 2020-10-18 10:29 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-27 09:12 - 2020-10-18 10:29 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-27 09:12 - 2020-03-18 02:20 - 000003014 _____ C:\Windows\system32\Tasks\UMonitor Task
2020-11-27 09:12 - 2019-03-09 00:18 - 000004544 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-11-27 09:12 - 2019-03-08 22:46 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-11-27 09:12 - 2018-03-13 21:41 - 000004532 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-11-27 09:12 - 2017-04-10 15:45 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-11-27 09:12 - 2017-04-10 13:16 - 000003978 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{F4B66E77-4023-4CA3-A918-E9DABCC6A041}
2020-11-27 03:21 - 2009-07-14 05:45 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-27 03:21 - 2009-07-14 05:45 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-27 01:02 - 2019-02-09 07:16 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-27 00:01 - 2018-02-26 10:24 - 000000000 ____D C:\Users\Oťáček\AppData\Local\AVAST Software
2020-11-26 23:31 - 2009-07-14 16:18 - 000759582 _____ C:\Windows\system32\perfh005.dat
2020-11-26 23:31 - 2009-07-14 16:18 - 000177416 _____ C:\Windows\system32\perfc005.dat
2020-11-26 23:31 - 2009-07-14 06:13 - 001818714 _____ C:\Windows\system32\PerfStringBackup.INI
2020-11-26 23:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-11-26 23:30 - 2017-04-10 14:57 - 000179120 _____ C:\Users\Oťáček\AppData\Local\GDIPFONTCACHEV1.DAT
2020-11-26 23:25 - 2009-07-14 05:45 - 005235576 _____ C:\Windows\system32\FNTCACHE.DAT
2020-11-26 23:24 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-26 10:00 - 2018-03-13 10:12 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Opera Software
2020-11-26 10:00 - 2018-03-13 10:12 - 000000000 ____D C:\Users\Oťáček\AppData\Local\Opera Software
2020-11-26 09:47 - 2017-07-03 19:29 - 000099384 _____ C:\Users\Oťáček\AppData\Roaming\inst.exe
2020-11-26 09:47 - 2017-07-03 19:29 - 000082816 _____ (VSO Software) C:\Users\Oťáček\AppData\Roaming\pcouffin.sys
2020-11-26 09:47 - 2017-07-03 19:29 - 000007859 _____ C:\Users\Oťáček\AppData\Roaming\pcouffin.cat
2020-11-26 09:47 - 2017-07-03 19:28 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\VSO
2020-11-26 09:47 - 2017-07-03 19:28 - 000000000 ____D C:\Program Files (x86)\VSO
2020-11-26 09:41 - 2020-02-28 15:34 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\uTorrent
2020-11-24 22:51 - 2017-04-11 10:35 - 000000000 ____D C:\Users\Oťáček\AppData\Local\CrashDumps
2020-11-24 13:41 - 2019-10-03 07:24 - 000003862 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-11-24 13:40 - 2020-10-19 14:36 - 000176744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-11-24 13:40 - 2020-04-08 23:57 - 000521752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000469832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000326416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000247888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000109280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000097352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000042784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-11-24 13:39 - 2019-03-28 10:16 - 000851608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-11-24 13:39 - 2019-03-28 10:16 - 000332368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-11-24 13:39 - 2019-03-28 10:16 - 000206408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-11-24 13:39 - 2019-03-28 10:16 - 000037152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-11-22 18:14 - 2017-05-16 15:01 - 000000047 _____ C:\trl.cfg
2020-11-22 17:35 - 2017-04-10 15:43 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-22 17:08 - 2017-04-10 15:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-22 00:46 - 2017-04-11 22:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-11-21 01:34 - 2017-09-11 16:49 - 000000000 ____D C:\Program Files\trend micro
2020-11-20 13:41 - 2020-05-31 19:47 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\audacity
2020-11-18 11:43 - 2020-10-23 14:13 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\TeamViewer
2020-11-17 02:58 - 2020-05-18 19:35 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\MPC-HC
2020-11-17 00:44 - 2019-07-13 13:35 - 000000683 _____ C:\Users\Oťáček\Desktop\Nová složka.lnk
2020-11-15 18:17 - 2019-01-20 01:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-11-14 21:51 - 2020-10-18 09:32 - 000000000 ____D C:\Users\Oťáček\Documents\Zrušení hesla Win 10
2020-11-14 21:51 - 2020-08-03 08:22 - 000000000 ____D C:\Users\Oťáček\Documents\4 duvody si nestezovat KK
2020-11-14 21:51 - 2020-02-19 19:20 - 000000000 ____D C:\Users\Oťáček\Documents\Logy
2020-11-14 21:51 - 2017-05-10 15:19 - 000000000 ____D C:\Users\Oťáček\Documents\Scaner
2020-11-14 21:51 - 2017-04-10 18:25 - 000000000 ____D C:\Users\Oťáček\Documents\Snagit
2020-11-14 21:51 - 2017-04-10 16:24 - 000000000 ____D C:\Users\Oťáček\Documents\Green Screen Wizard
2020-11-14 15:55 - 2017-04-10 13:13 - 000000000 ____D C:\Users\Oťáček
2020-11-13 22:21 - 2020-04-14 15:30 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-13 22:20 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-11-13 22:18 - 2020-04-14 15:24 - 000000000 ____D C:\Program Files\Microsoft Office
2020-11-12 22:36 - 2020-02-11 13:28 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-12 22:36 - 2020-02-11 13:28 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-12 22:36 - 2020-02-11 13:28 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-12 01:59 - 2017-04-11 08:55 - 000000000 ____D C:\Windows\system32\MRT
2020-11-12 01:51 - 2017-04-11 08:55 - 133736600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-11-11 00:29 - 2020-08-01 14:15 - 000000000 ____D C:\AdwCleaner
2020-11-11 00:25 - 2020-02-15 22:05 - 000000000 ____D C:\Users\Oťáček\AppData\Local\Deployment
2020-11-11 00:18 - 2017-04-11 22:04 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-11-11 00:18 - 2017-04-11 22:04 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-11-11 00:18 - 2017-04-11 22:04 - 000000000 ____D C:\Windows\system32\Macromed
2020-11-10 10:11 - 2018-04-30 10:23 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\vlc
2020-11-08 21:35 - 2017-04-17 16:51 - 000058368 _____ C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-08 21:29 - 2020-07-20 01:12 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2020-11-08 21:29 - 2020-07-20 01:12 - 000000349 _____ C:\ProgramData\Documents\PCLECHAL.INI
2020-11-08 07:56 - 2018-09-06 10:04 - 000007673 _____ C:\Users\Oťáček\AppData\Local\Resmon.ResmonCfg
2020-11-05 20:15 - 2017-08-12 20:49 - 000000000 ____D C:\Users\Oťáček\Documents\ViberDownloads
2020-11-05 14:03 - 2009-07-14 06:08 - 000032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-11-03 01:07 - 2018-06-28 09:44 - 000000000 ____D C:\Users\Oťáček\Documents\FontExpert Webová alba
2020-11-01 19:29 - 2017-08-15 18:36 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\ViberPC
==================== Files in the root of some directories ========
2017-05-19 07:47 - 2017-05-19 07:47 - 000000132 _____ () C:\Users\Oťáček\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-03-13 10:11 - 2018-03-13 10:11 - 000195236 _____ () C:\Users\Oťáček\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2019-01-08 13:02 - 2019-01-08 13:02 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\FC.dat
2017-07-03 19:29 - 2020-11-26 09:47 - 000099384 _____ () C:\Users\Oťáček\AppData\Roaming\inst.exe
2019-11-04 13:31 - 2019-11-04 13:31 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\IP.dat
2020-04-13 21:00 - 2020-04-13 21:00 - 000000275 _____ () C:\Users\Oťáček\AppData\Roaming\mplex-log.log
2017-05-13 14:13 - 2017-09-23 11:52 - 000000643 _____ () C:\Users\Oťáček\AppData\Roaming\OŤÁČEK-PC.MTBF.txt
2020-11-26 10:05 - 2020-11-26 10:05 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\PC.dat
2020-09-19 10:16 - 2020-09-19 10:16 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\PCO.dat
2017-07-03 19:29 - 2020-11-26 09:47 - 000007859 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.cat
2017-07-03 19:29 - 2020-11-26 09:47 - 000001167 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.inf
2017-07-03 19:29 - 2020-11-26 09:47 - 000000055 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.log
2017-07-03 19:29 - 2020-11-26 09:47 - 000082816 _____ (VSO Software) C:\Users\Oťáček\AppData\Roaming\pcouffin.sys
2017-04-17 16:51 - 2020-11-08 21:35 - 000058368 _____ () C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-26 09:54 - 2020-11-26 09:54 - 000000747 _____ () C:\Users\Oťáček\AppData\Local\recently-used.xbel
2018-09-06 10:04 - 2020-11-08 07:56 - 000007673 _____ () C:\Users\Oťáček\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-11-23 00:37
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2020
Ran by Oťáček (27-11-2020 09:39:12)
Running from C:\Users\Oťáček\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-04-10 12:12:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-51665161-4008308083-3026018605-500 - Administrator - Disabled)
Guest (S-1-5-21-51665161-4008308083-3026018605-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-51665161-4008308083-3026018605-1002 - Limited - Enabled)
Oťáček (S-1-5-21-51665161-4008308083-3026018605-1000 - Administrator - Enabled) => C:\Users\Oťáček
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
Abrosoft FantaMorph 5.3.5 (HKLM-x32\...\Abrosoft FantaMorph 5_is1) (Version: 5.3.5 - Abrosoft)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.453 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.453 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.)
AirDroid 3.5.4.0 (HKLM-x32\...\AirDroid) (Version: 3.5.4.0 - Sand Studio)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.2 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.9.2437 - Avast Software)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.74 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
dwdinst (HKLM-x32\...\{7B05BE2F-B871-45D1-81DC-82E4634BF209}) (Version: 1.0.0.0 - HanWIS GmbH)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FontExpert 2015 Font Manager (HKLM-x32\...\FontExpert 2015) (Version: 13.0.0.1 - Proxima Software)
FormatFactory 5.4.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.4.5.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
GreenCloud Printer 7.8.4.0 (HKLM\...\{F36B43F0-3BE6-48BA-A22D-3C098092BB3F}_is1) (Version: 7.8.4.0 - ObviousIdea)
GreenScreenWizard 6.9 (HKLM-x32\...\Green Screen Wizard Pro 6.9_is1) (Version: - GreenScreen Wizard LLC)
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HydraVision (HKLM-x32\...\{DA54D3F7-4915-1A37-7EA8-2741F05B77AC}) (Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
iData RAW Partition Recovery version 1.0.0.8 (HKLM-x32\...\{8F3CD5EF-6D71-43CC-B1B9-F65C16692284}}_is1) (Version: 1.0.0.8 - iData Recovery)
Infix PDF Editor verze 5.2.7.0 (HKLM-x32\...\D42C36B3-E36B-43EC-A8B4-B613D7B92782_is1) (Version: 5.2.7.0 - Iceni Technology)
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
InternetOff 3.0, 32\64 bit edition (HKLM-x32\...\InternetOff_is1) (Version: - Crystal Rich, Ltd)
IrfanView 4.56 (64-bit) (HKLM\...\IrfanView64) (Version: 4.56 - Irfan Skiljan)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Knoll Light Factory EZ Studio 15 (HKLM-x32\...\Knoll Light Factory EZ Studio 15) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
marvell 61xx (HKLM-x32\...\mv61xxDriver) (Version: 1.2.0.7700 - Marvell)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: - )
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.12527.21330 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\f9a89bd2a46a7606) (Version: 17.0.4478.3 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: - )
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 83.0 (x64 cs) (HKLM\...\Mozilla Firefox 83.0 (x64 cs)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.4.0 - Mozilla)
Mozilla Thunderbird 78.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.5.0 (x86 cs)) (Version: 78.5.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
netis Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.01.0243 - REALTEK Semiconductor Corp.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoFiltre Studio X (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\PhotoFiltre Studio X) (Version: - )
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
POPFile Data (Oťáček) (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\POPFile_Data) (Version: - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
Process Liquidator (HKLM-x32\...\{7F3BF5FA-6BD7-4E26-8FEA-C87DD9F7F723}_is1) (Version: 2.1.0.0 - 12Bytes)
Rajče verze 2.6.2 sestavení 292 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.5 - VS Revo Group, Ltd.)
Samsung ML-1640 Series (HKLM-x32\...\Samsung ML-1640 Series) (Version: - Samsung Electronics CO.,LTD)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
ScanToPDF 3.1.4 (HKLM-x32\...\ScanToPDF) (Version: 3.1.4 - O Imaging Corporation)
Skype verze 8.66 (HKLM-x32\...\Skype_is1) (Version: 8.66 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Snagit 11 (HKLM-x32\...\{1FB78CB6-F4EA-474F-8B0B-100EFACF3558}) (Version: 11.4.0 - TechSmith Corporation)
Subtitle Edit 3.5.16 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.16.0 - Nikse)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TinEye Internet Explorer plugin 1.0 (HKLM-x32\...\{9B8ACEA2-BA21-4A91-A950-144FED3ED133}) (Version: 1.0.0 - Idée Inc.)
Tisk Obalek 3.2.1.2 (HKLM-x32\...\Tisk Obalek_is1) (Version: 3.2.1.2 - Mgr. Radovan Kraus)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Verbatim GREEN BUTTON 1.68 (HKLM-x32\...\Verbatim GREEN BUTTON_is1) (Version: - Verbatim)
Verbatim Hard Drive Formatter 1.41 (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
Viber (HKLM-x32\...\{EAF077BA-8EA4-4CEC-A215-4ACAE713A8BF}) (Version: 6.9.0.1048 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\{a85cbe05-cc32-4419-ad8f-7ff7bc41bc05}) (Version: 6.9.0.1048 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSFilter 2.41.322 (0c3a1ea) Nightly (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.322 - MPC-HC Team)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Wise Duplicate Finder 1.2.9 (HKLM-x32\...\Wise Duplicate Finder_is1) (Version: 1.2.9 - WiseCleaner.com, Inc.)
Wise Folder Hider 3.38 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 3.38 - WiseCleaner.com, Inc.)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-51665161-4008308083-3026018605-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL (ZONER software, a.s. -> ZONER software)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-11-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-11-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-11-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3-x32: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:\Program Files (x86)\FileASSASSIN\FileASSASSINExt.dll [2007-03-30] (Malwarebytes) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-11-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers2_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers4_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Oťáček\Desktop\Aliexpress česky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jeggofhlgndddenkjfloklflmjjjfdbe
ShortcutWithArgument: C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Aliexpress česky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jeggofhlgndddenkjfloklflmjjjfdbe
==================== Loaded Modules (Whitelisted) =============
2014-03-03 14:36 - 2014-03-03 14:36 - 001298432 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\PDFLib.dll
2014-03-03 14:40 - 2014-03-03 14:40 - 000110592 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll
2014-03-03 14:41 - 2014-03-03 14:41 - 000128512 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll
2017-04-13 08:25 - 2012-03-06 15:05 - 000054784 _____ () [File not signed] C:\Windows\System32\gcprpm.dll
2018-02-15 17:35 - 2015-02-27 14:38 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\WSCM64.dll
2013-04-29 22:03 - 2013-04-29 22:03 - 000837632 ____N (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-04-29 22:02 - 2013-04-29 22:02 - 000005120 ____N (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000480256 ____N (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\libhunspell.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000066192 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\LFJbg15U.DLL
2014-03-03 14:32 - 2014-03-03 14:32 - 000126096 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\LFPng15U.DLL
2014-03-03 14:32 - 2014-03-03 14:32 - 000212112 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgclr15u.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000208016 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgefx15u.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000134288 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgutl15u.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000122000 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Lttwn15u.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\MSVCP140.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\ucrtbase.DLL
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\VCRUNTIME140.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\VCRUNTIME140_1.dll
2014-03-03 14:59 - 2014-04-25 17:42 - 008360816 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SnagItEditorRes.dll
2014-03-03 14:59 - 2014-04-25 17:42 - 007454064 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SnagItres.dll
2014-03-03 14:31 - 2014-03-03 14:31 - 000165888 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\TSCREC3.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000076288 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\UpdaterInterop.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-02-23 10:25 - 2020-11-21 22:03 - 000000143 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 https://www.get-express-vpn.online/vpn-service/espn-vpn
127.0.0.1 https://om.forgeofempires.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Pinnacle\Shared Files\
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: eM Client => "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
MSCONFIG\startupreg: Folder Size => C:\Program Files\FolderSize\FolderSize.exe
MSCONFIG\startupreg: FontExpertType1Loader => C:\Program Files (x86)\FontExpert\Type1Loader.exe
MSCONFIG\startupreg: HDDtoGOLaunch => C:\Users\Oťáček\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Viber => "C:\Users\Oťáček\AppData\Local\Viber\Viber.exe" StartMinimized
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9A6F0209-D19B-4299-8666-EC5C8470DD4C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E28311D5-3189-49D3-9CB8-AB39EA708E59}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{A96AAC25-E7AA-47B7-A4BC-42E422A721D3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{CF53A994-8A54-4307-A7F3-C86AE88491CF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{3B954530-6AF4-4DB6-9AF1-B0190470DB36}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC62EE05-B3BC-4CD1-BAF9-A96390137FB9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{20C3F74D-FF94-4107-89B4-9E667176F7CB}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF9F4863-97C3-4C4A-91D9-06F31142589E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B652D7E-1ED7-40B1-8222-F834CF8A4085}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{8C0DE59C-565B-494E-A3CE-6DC015372205}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{15EB7E9D-877E-4E4A-A7A4-555F8F8E7EED}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{49109BE4-33B3-4E6A-97A1-E4A5F313EB48}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () [File not signed]
FirewallRules: [{8EF52979-9291-40A5-8FD2-C8235F698732}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () [File not signed]
FirewallRules: [TCP Query User{F7095C8D-2717-4DC8-A34E-7DF9EED0AED8}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{32B2203D-2DC2-4F95-9729-AAE978859F3E}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{B9D00C3A-CC73-4D41-9B07-2E7303C06C37}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{3EAD46FC-A5D6-43B7-8E52-988F13F20361}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{A8595D0D-BC20-428B-ADE5-178A223B0724}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{018DB134-0E56-47F5-8B03-CA77AD573AA4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D9965A42-40F7-4621-BABE-A00AAC37BA24}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9260761F-7BE2-4725-B4C5-BA41F14F8DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A397107B-23FD-444A-A2DC-92AA4F712F91}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{FF123FB9-9A02-4186-AC59-9C43FD53FBA5}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{29308BCA-4AE2-4126-8563-0EEC698919AE}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1441ACA2-712F-4CD7-988B-C063BFC3008D}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F350E590-3BFA-4AC9-A8DA-519CCFEDDD3D}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FE707B5E-32F2-47F2-9FCE-8D5BF6F14BBE}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A1C8335C-9990-4CA0-85E2-C6E74E65A4F8}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A56C19DE-6D46-4228-9968-364E8FC3F0D1}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [TCP Query User{8E9861CF-8002-4F1E-99F6-EB3B14412A30}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{B699AD97-FF17-4260-A4E4-98E30200385D}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [{DE807617-92DC-4506-ACED-4214B20F3401}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare software CO., LIMITED -> Wondershare)
FirewallRules: [TCP Query User{ED2AA70A-653A-4B0C-AAD2-D1504468990B}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{96DA9ED8-C5AC-49D9-BEF8-60CE32AB5911}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{E9644745-BCD8-4D42-9894-E6C12719B6BD}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{4430278E-3A6B-49BA-9281-BC195FF2F338}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1B4F7268-E02D-4A4C-B54D-A3B55AF9EB7D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{088E71EC-74BF-4945-AE2A-0FDCB5515D8A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{FEE9C1D6-3969-4F26-AAAF-774AE3B4E796}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94092F36-B70E-4213-99C4-50116595D219}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{BD5D3CD7-6CB9-4323-96F1-4039F0943A4F}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems) [File not signed]
FirewallRules: [UDP Query User{B00F7218-91D1-4C79-8BC3-AA240D426BA9}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems) [File not signed]
FirewallRules: [{14F578DB-99EE-479C-8878-3680A2B031D1}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{6E34A981-B0F3-4D6A-B30A-10C0A1301A8E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A0C01EF8-522A-424E-B086-D5B3E69CCD24}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{22B953D4-8900-4834-B4AD-F4902A72BF89}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:48.83 GB) (Free:5.84 GB) (12%)
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/24/2020 10:51:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Vzum.exe, verze: 1.0.0.0, časové razítko: 0xe6e18866
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb7f5
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c5af
ID chybujícího procesu: 0x2880
Čas spuštění chybující aplikace: 0x01d6c2aa6dc34160
Cesta k chybující aplikaci: E:\Stažené soubory\Vzum(4)\Vzum.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 26642700-2e9f-11eb-8c87-bcaec5cd6941
Error: (11/24/2020 10:51:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Vzum.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.Net.HttpWebRequest.AddRange(System.String, Int64, Int64)
na System.Net.HttpWebRequest.AddRange(Int64, Int64)
na Vzum.FileDownloader.GetDownloadingFileResponse()
na Vzum.FileDownloader.Vlákno()
na System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (11/24/2020 10:04:05 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/24/2020 08:06:22 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/23/2020 04:10:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TeamViewer.exe, verze: 14.7.48350.0, časové razítko: 0x5f0c8e8e
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb751
Kód výjimky: 0xc0000005
Posun chyby: 0x0004ebc3
ID chybujícího procesu: 0x2628
Čas spuštění chybující aplikace: 0x01d6c1aa9a92b467
Cesta k chybující aplikaci: C:\Users\OEK~1\AppData\Local\Temp\TeamViewer\TeamViewer.exe
Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID zprávy: 06574cb8-2d9e-11eb-8c87-bcaec5cd6941
Error: (11/22/2020 05:25:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtWlan.exe, verze: 700.1677.122.2014, časové razítko: 0x52df90ac
Název chybujícího modulu: RtWlan.exe, verze: 700.1677.122.2014, časové razítko: 0x52df90ac
Kód výjimky: 0xc0000005
Posun chyby: 0x00029367
ID chybujícího procesu: 0x570
Čas spuštění chybující aplikace: 0x01d6c0e9e1830d1b
Cesta k chybující aplikaci: C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtWlan.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtWlan.exe
ID zprávy: 4fe7d110-2cdf-11eb-8c87-bcaec5cd6941
Error: (11/22/2020 12:38:02 AM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/19/2020 09:34:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Vzum.exe, verze: 1.0.0.0, časové razítko: 0xe6e18866
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb7f5
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c5af
ID chybujícího procesu: 0x2c3c
Čas spuštění chybující aplikace: 0x01d6beb25cb7b96c
Cesta k chybující aplikaci: E:\Stažené soubory\Vzum(3)\Vzum.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: a1892c67-2aa6-11eb-843a-bcaec5cd6941
System errors:
=============
Error: (11/26/2020 11:27:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek DHCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/26/2020 11:25:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedené zařízení.
Error: (11/26/2020 11:24:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba MBAMChameleon neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/26/2020 11:24:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (23:22:56, 26.11.2020) bylo neočekávané.
Error: (11/25/2020 03:16:24 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (11/25/2020 03:15:00 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (11/25/2020 03:12:46 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (11/25/2020 03:10:33 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
CodeIntegrity:
===================================
Date: 2020-03-01 08:01:29.148
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.819
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.655
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.179
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.013
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:27.848
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:27.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1305 02/11/2011
Motherboard: ASUSTeK Computer INC. P8H67-M EVO
Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 52%
Total physical RAM: 8173.24 MB
Available physical RAM: 3896.47 MB
Total Virtual: 16644.62 MB
Available Virtual: 12431.69 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:48.83 GB) (Free:5.84 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (HDD) (Fixed) (Total:882.68 GB) (Free:88.06 GB) NTFS
Drive f: (HD710 PRO) (Fixed) (Total:1863 GB) (Free:1508.96 GB) exFAT
Drive h: (ADATA HV100) (Fixed) (Total:1862.56 GB) (Free:38.46 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DD32DD32)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=882.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 87A12B7E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0C)
==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 0DB9BF25)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-11-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-27-2020
# Duration: 00:00:31
# OS: Windows 7 Home Premium
# Scanned: 31920
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Ještě jedno posílám logy a děkuji zatrpělivost.
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{53702BC7-8C9E-41D1-94E4-1B2AEFB2F16B}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{555B09F5-81C2-4DDA-83D1-5057F55A238F}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{F84325AE-0BB8-4C06-854F-EAC454957FA1}: [DhcpNameServer] 192.168.42.129
FireFox:
========
FF DefaultProfile: v2vukc9r.default-1604959618928
FF ProfilePath: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928 [2020-11-27]
FF DownloadDir: E:\Stažené soubory
FF Homepage: Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928 -> hxxps://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928 -> hxxps://web.whatsapp.com
FF Extension: (AdBlocker for YouTube™) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2020-11-23]
FF Extension: (Dark Background and Light Text) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2020-11-10]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-11-10]
FF Extension: (S3.Translator) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\s3@translator.xpi [2020-11-14]
FF Extension: (Tab Session Manager) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\Tab-Session-Manager@sienori.xpi [2020-11-10]
FF Extension: (TinEye Reverse Image Search) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\tineye@ideeinc.com.xpi [2020-11-10]
FF Extension: (Block Site) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{07046613-1993-4b66-9dd1-9dd1ce581cb7}.xpi [2020-11-10]
FF Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{49756ccc-44ea-4661-bc1f-2baba64cca2f}.xpi [2020-11-09]
FF Extension: (CSFD Magnets) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{5dcbc3c3-318a-4f86-9ae4-9bb4de536c7a}.xpi [2020-11-10]
FF Extension: (404 Bookmarks) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{5f8d31ba-47fb-4b70-bf8d-d2113f6da22f}.xpi [2020-11-10]
FF Extension: (Flash and Video Download) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2020-11-10]
FF Extension: (Video DownloadHelper) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-11-10]
FF Extension: (Bookmark Manager and Viewer) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{beb1b1c0-32b9-47d8-bbd1-f65bed4e7c22}.xpi [2020-11-10]
FF Extension: (No Name) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\v2vukc9r.default-1604959618928\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default [2020-11-26]
CHR DownloadDir: E:\Stažené soubory
CHR Notifications: Default -> hxxps://cs.xhamsterlive.com; hxxps://special-offers.online; hxxps://www.alirecenze.cz
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-11-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-04]
CHR Extension: (Web Video Downloader) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\odecbmmehabeloobkgokmfgldaegiflc [2020-11-20]
CHR Extension: (Chrome Media Router) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-30]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-11] (Adobe Inc. -> Adobe)
R2 Agent; C:\Windows\VPDAgent_x64.exe [168960 2013-08-28] (Two Pilots) [File not signed]
R3 aswbIDSAgent; E:\Avast 2019\aswidsagent.exe [8454552 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; E:\Avast 2019\AvastSvc.exe [365648 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; E:\Avast 2019\aswToolsSvc.exe [3096160 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137392 2020-11-02] (Microsoft Corporation -> Microsoft Corporation)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-12] (Brio) [File not signed]
R2 InternetOffService; C:\Program Files (x86)\InternetOff\IOffSvc.exe [1634072 2016-05-25] (Crystal Rich Ltd -> )
R2 RealtekWlanU; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
S2 RTLDHCPService; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [261848 2013-11-12] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [36864 2014-04-15] () [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 USBSafelyRemoveService; E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe [1666416 2017-06-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [138568 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37152 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206408 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332368 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97352 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42784 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176744 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [521752 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109280 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851608 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469832 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217336 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326416 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
R1 HWiNFO32-BackupByDriverBoosterPortable; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-03-24] (Martin Malik - REALiX -> REALiX(tm))
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [181040 2010-10-26] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3733208 2019-03-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [23736 2012-07-20] (Web Solution Mart -> Hajo Krabbenhöft)
R3 VAD_DEV; C:\Windows\System32\drivers\vad.sys [24992 2012-03-27] (Wondershare Software Co., Ltd. -> Windows (R) DDK provider) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R2 WiseFs; C:\Windows\WiseFs64.sys [14256 2017-04-11] (Lespeed Technology Ltd. -> WiseCleaner.com) [File not signed]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-27 09:37 - 2020-11-27 09:38 - 000014159 _____ C:\Users\Oťáček\Desktop\FRST.txt
2020-11-27 09:35 - 2020-11-27 09:37 - 000000000 ____D C:\Users\Oťáček\Desktop\FRST-OlderVersion
2020-11-27 09:35 - 2020-11-27 09:35 - 002290176 _____ (Farbar) C:\Users\Oťáček\Desktop\FRST64(1).exe
2020-11-26 10:05 - 2020-11-26 10:05 - 000000078 _____ C:\Users\Oťáček\AppData\Roaming\PC.dat
2020-11-26 09:54 - 2020-11-26 09:54 - 000000747 _____ C:\Users\Oťáček\AppData\Local\recently-used.xbel
2020-11-26 09:47 - 2020-11-26 09:47 - 000000000 ____D C:\Users\Oťáček\Documents\PcSetup
2020-11-25 13:26 - 2020-11-25 13:26 - 000088526 _____ C:\Users\Oťáček\Documents\Rozvolňování odhalí, jak moc jsme se už stihli promořit, říká vakcinolog.PDF
2020-11-24 13:40 - 2020-11-24 13:40 - 000339552 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-11-24 13:40 - 2020-11-24 13:40 - 000217336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-11-24 09:18 - 2020-11-24 09:18 - 000430080 _____ C:\Users\Oťáček\Documents\Vyklad_umeniLV.pps
2020-11-22 18:20 - 2020-11-22 18:21 - 002645074 ____N C:\Users\Oťáček\Documents\2020-11-22_18-20-54.mp4
2020-11-22 16:57 - 2020-11-22 16:57 - 002475266 ____N C:\Users\Oťáček\Documents\2020-11-22_16-57-11.mp4
2020-11-21 01:34 - 2020-11-21 01:34 - 000000000 ____D C:\rsit
2020-11-19 10:01 - 2020-11-19 14:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-11-17 16:32 - 2020-11-22 17:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-14 21:51 - 2020-11-18 10:23 - 000140800 ___SH C:\Users\Oťáček\Documents\Thumbs.db
2020-11-14 15:55 - 2020-11-26 10:58 - 000015360 ___SH C:\Users\Oťáček\Thumbs.db
2020-11-13 18:05 - 2020-11-13 18:05 - 003571077 ____N C:\Users\Oťáček\Documents\2020-11-13_18-05-01.mp4
2020-11-11 17:04 - 2020-11-11 17:04 - 007776290 _____ C:\Users\Oťáček\Documents\Zemepis CR 02-1.ppsx
2020-11-11 00:30 - 2020-11-11 00:30 - 008447152 _____ (Malwarebytes) C:\Users\Oťáček\Downloads\adwcleaner_8.0.8(1).exe
2020-11-11 00:29 - 2020-11-11 00:29 - 008447152 _____ (Malwarebytes) C:\Users\Oťáček\Desktop\adwcleaner_8.0.8.exe
2020-11-09 23:13 - 2020-11-09 23:13 - 000004685 _____ C:\Users\Oťáček\Downloads\S3Translator.2020.11.09.23.12.54.txt
2020-11-09 23:07 - 2020-11-09 23:07 - 000000000 ____D C:\Users\Oťáček\Desktop\Původní data aplikace Firefox
2020-11-09 11:30 - 2020-11-09 11:47 - 000000000 ____D C:\Users\Oťáček\Desktop\honza
2020-11-09 10:47 - 2020-11-09 10:47 - 002065768 _____ (Malwarebytes) C:\Users\Oťáček\Desktop\MBSetup(2).exe
2020-11-09 10:45 - 2020-11-09 10:43 - 029780016 _____ (TeamViewer Germany GmbH) C:\Users\Oťáček\Desktop\TeamViewer_Setup (3).exe
2020-11-06 19:30 - 2020-11-06 19:31 - 002414924 ____N C:\Users\Oťáček\Documents\Cena ASUS Zenfone 7 Pro.mp4
2020-11-05 17:57 - 2020-11-05 17:57 - 000047079 _____ C:\Users\Oťáček\Desktop\Export.pdf
2020-11-05 15:23 - 2020-11-05 15:23 - 000002145 _____ C:\Users\Oťáček\Documents\AdwCleaner[S10].txt
2020-11-05 11:26 - 2020-11-27 09:12 - 000003136 _____ C:\Windows\system32\Tasks\{89708064-778A-43F1-884E-B3105783DD14}
2020-11-05 11:21 - 2020-11-05 11:26 - 000000000 ____D C:\Program Files\IrfanView
2020-11-05 11:21 - 2020-11-05 11:21 - 000001848 _____ C:\Users\Public\Desktop\IrfanView 64 Thumbnails.lnk
2020-11-05 11:21 - 2020-11-05 11:21 - 000001848 _____ C:\ProgramData\Desktop\IrfanView 64 Thumbnails.lnk
2020-11-05 11:21 - 2020-11-05 11:21 - 000000974 _____ C:\Users\Public\Desktop\IrfanView 64.lnk
2020-11-05 11:21 - 2020-11-05 11:21 - 000000974 _____ C:\ProgramData\Desktop\IrfanView 64.lnk
2020-11-05 11:21 - 2020-11-05 11:21 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\IrfanView
2020-11-05 11:21 - 2020-11-05 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2020-11-04 10:05 - 2020-11-04 10:06 - 310179837 _____ C:\Users\Oťáček\Documents\záloha.snagarchive
2020-11-01 23:57 - 2020-11-24 22:33 - 000000000 ____D C:\Users\Oťáček\AppData\Local\Vzum
2020-11-01 23:38 - 2020-11-27 09:12 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-01 23:38 - 2020-11-27 09:12 - 000002812 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-11-01 23:38 - 2020-11-27 00:22 - 000000000 ____D C:\Program Files\CCleaner
2020-11-01 23:38 - 2020-11-14 00:22 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-11-01 23:38 - 2020-11-14 00:22 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-11-01 23:38 - 2020-11-01 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-10-31 13:05 - 2020-10-31 13:05 - 003326278 _____ C:\Users\Oťáček\Documents\Gril Tefan návod.pdf
2020-10-29 13:13 - 2020-10-29 13:13 - 005051904 _____ C:\Users\Oťáček\Documents\Jen_vystrihovanka.....pps
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-27 09:37 - 2020-09-22 19:08 - 000000000 ____D C:\FRST
2020-11-27 09:35 - 2017-04-10 15:10 - 000000000 ____D C:\Users\Oťáček\AppData\LocalLow\Mozilla
2020-11-27 09:28 - 2017-04-10 13:13 - 000000000 ___RD C:\Users\Oťáček\Obrázky
2020-11-27 09:12 - 2020-10-18 10:29 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-27 09:12 - 2020-10-18 10:29 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-27 09:12 - 2020-03-18 02:20 - 000003014 _____ C:\Windows\system32\Tasks\UMonitor Task
2020-11-27 09:12 - 2019-03-09 00:18 - 000004544 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-11-27 09:12 - 2019-03-08 22:46 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-11-27 09:12 - 2018-03-13 21:41 - 000004532 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-11-27 09:12 - 2017-04-10 15:45 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-11-27 09:12 - 2017-04-10 13:16 - 000003978 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{F4B66E77-4023-4CA3-A918-E9DABCC6A041}
2020-11-27 03:21 - 2009-07-14 05:45 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-27 03:21 - 2009-07-14 05:45 - 000026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-27 01:02 - 2019-02-09 07:16 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-27 00:01 - 2018-02-26 10:24 - 000000000 ____D C:\Users\Oťáček\AppData\Local\AVAST Software
2020-11-26 23:31 - 2009-07-14 16:18 - 000759582 _____ C:\Windows\system32\perfh005.dat
2020-11-26 23:31 - 2009-07-14 16:18 - 000177416 _____ C:\Windows\system32\perfc005.dat
2020-11-26 23:31 - 2009-07-14 06:13 - 001818714 _____ C:\Windows\system32\PerfStringBackup.INI
2020-11-26 23:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-11-26 23:30 - 2017-04-10 14:57 - 000179120 _____ C:\Users\Oťáček\AppData\Local\GDIPFONTCACHEV1.DAT
2020-11-26 23:25 - 2009-07-14 05:45 - 005235576 _____ C:\Windows\system32\FNTCACHE.DAT
2020-11-26 23:24 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-26 10:00 - 2018-03-13 10:12 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Opera Software
2020-11-26 10:00 - 2018-03-13 10:12 - 000000000 ____D C:\Users\Oťáček\AppData\Local\Opera Software
2020-11-26 09:47 - 2017-07-03 19:29 - 000099384 _____ C:\Users\Oťáček\AppData\Roaming\inst.exe
2020-11-26 09:47 - 2017-07-03 19:29 - 000082816 _____ (VSO Software) C:\Users\Oťáček\AppData\Roaming\pcouffin.sys
2020-11-26 09:47 - 2017-07-03 19:29 - 000007859 _____ C:\Users\Oťáček\AppData\Roaming\pcouffin.cat
2020-11-26 09:47 - 2017-07-03 19:28 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\VSO
2020-11-26 09:47 - 2017-07-03 19:28 - 000000000 ____D C:\Program Files (x86)\VSO
2020-11-26 09:41 - 2020-02-28 15:34 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\uTorrent
2020-11-24 22:51 - 2017-04-11 10:35 - 000000000 ____D C:\Users\Oťáček\AppData\Local\CrashDumps
2020-11-24 13:41 - 2019-10-03 07:24 - 000003862 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-11-24 13:40 - 2020-10-19 14:36 - 000176744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-11-24 13:40 - 2020-04-08 23:57 - 000521752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000469832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000326416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000247888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000109280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000097352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-11-24 13:40 - 2019-03-28 10:16 - 000042784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-11-24 13:39 - 2019-03-28 10:16 - 000851608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-11-24 13:39 - 2019-03-28 10:16 - 000332368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-11-24 13:39 - 2019-03-28 10:16 - 000206408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-11-24 13:39 - 2019-03-28 10:16 - 000037152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-11-22 18:14 - 2017-05-16 15:01 - 000000047 _____ C:\trl.cfg
2020-11-22 17:35 - 2017-04-10 15:43 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-22 17:08 - 2017-04-10 15:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-22 00:46 - 2017-04-11 22:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-11-21 01:34 - 2017-09-11 16:49 - 000000000 ____D C:\Program Files\trend micro
2020-11-20 13:41 - 2020-05-31 19:47 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\audacity
2020-11-18 11:43 - 2020-10-23 14:13 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\TeamViewer
2020-11-17 02:58 - 2020-05-18 19:35 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\MPC-HC
2020-11-17 00:44 - 2019-07-13 13:35 - 000000683 _____ C:\Users\Oťáček\Desktop\Nová složka.lnk
2020-11-15 18:17 - 2019-01-20 01:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-11-14 21:51 - 2020-10-18 09:32 - 000000000 ____D C:\Users\Oťáček\Documents\Zrušení hesla Win 10
2020-11-14 21:51 - 2020-08-03 08:22 - 000000000 ____D C:\Users\Oťáček\Documents\4 duvody si nestezovat KK
2020-11-14 21:51 - 2020-02-19 19:20 - 000000000 ____D C:\Users\Oťáček\Documents\Logy
2020-11-14 21:51 - 2017-05-10 15:19 - 000000000 ____D C:\Users\Oťáček\Documents\Scaner
2020-11-14 21:51 - 2017-04-10 18:25 - 000000000 ____D C:\Users\Oťáček\Documents\Snagit
2020-11-14 21:51 - 2017-04-10 16:24 - 000000000 ____D C:\Users\Oťáček\Documents\Green Screen Wizard
2020-11-14 15:55 - 2017-04-10 13:13 - 000000000 ____D C:\Users\Oťáček
2020-11-13 22:21 - 2020-04-14 15:30 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-13 22:20 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-11-13 22:18 - 2020-04-14 15:24 - 000000000 ____D C:\Program Files\Microsoft Office
2020-11-12 22:36 - 2020-02-11 13:28 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-12 22:36 - 2020-02-11 13:28 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-12 22:36 - 2020-02-11 13:28 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-12 01:59 - 2017-04-11 08:55 - 000000000 ____D C:\Windows\system32\MRT
2020-11-12 01:51 - 2017-04-11 08:55 - 133736600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-11-11 00:29 - 2020-08-01 14:15 - 000000000 ____D C:\AdwCleaner
2020-11-11 00:25 - 2020-02-15 22:05 - 000000000 ____D C:\Users\Oťáček\AppData\Local\Deployment
2020-11-11 00:18 - 2017-04-11 22:04 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-11-11 00:18 - 2017-04-11 22:04 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-11-11 00:18 - 2017-04-11 22:04 - 000000000 ____D C:\Windows\system32\Macromed
2020-11-10 10:11 - 2018-04-30 10:23 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\vlc
2020-11-08 21:35 - 2017-04-17 16:51 - 000058368 _____ C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-08 21:29 - 2020-07-20 01:12 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2020-11-08 21:29 - 2020-07-20 01:12 - 000000349 _____ C:\ProgramData\Documents\PCLECHAL.INI
2020-11-08 07:56 - 2018-09-06 10:04 - 000007673 _____ C:\Users\Oťáček\AppData\Local\Resmon.ResmonCfg
2020-11-05 20:15 - 2017-08-12 20:49 - 000000000 ____D C:\Users\Oťáček\Documents\ViberDownloads
2020-11-05 14:03 - 2009-07-14 06:08 - 000032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-11-03 01:07 - 2018-06-28 09:44 - 000000000 ____D C:\Users\Oťáček\Documents\FontExpert Webová alba
2020-11-01 19:29 - 2017-08-15 18:36 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\ViberPC
==================== Files in the root of some directories ========
2017-05-19 07:47 - 2017-05-19 07:47 - 000000132 _____ () C:\Users\Oťáček\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-03-13 10:11 - 2018-03-13 10:11 - 000195236 _____ () C:\Users\Oťáček\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2019-01-08 13:02 - 2019-01-08 13:02 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\FC.dat
2017-07-03 19:29 - 2020-11-26 09:47 - 000099384 _____ () C:\Users\Oťáček\AppData\Roaming\inst.exe
2019-11-04 13:31 - 2019-11-04 13:31 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\IP.dat
2020-04-13 21:00 - 2020-04-13 21:00 - 000000275 _____ () C:\Users\Oťáček\AppData\Roaming\mplex-log.log
2017-05-13 14:13 - 2017-09-23 11:52 - 000000643 _____ () C:\Users\Oťáček\AppData\Roaming\OŤÁČEK-PC.MTBF.txt
2020-11-26 10:05 - 2020-11-26 10:05 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\PC.dat
2020-09-19 10:16 - 2020-09-19 10:16 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\PCO.dat
2017-07-03 19:29 - 2020-11-26 09:47 - 000007859 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.cat
2017-07-03 19:29 - 2020-11-26 09:47 - 000001167 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.inf
2017-07-03 19:29 - 2020-11-26 09:47 - 000000055 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.log
2017-07-03 19:29 - 2020-11-26 09:47 - 000082816 _____ (VSO Software) C:\Users\Oťáček\AppData\Roaming\pcouffin.sys
2017-04-17 16:51 - 2020-11-08 21:35 - 000058368 _____ () C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-26 09:54 - 2020-11-26 09:54 - 000000747 _____ () C:\Users\Oťáček\AppData\Local\recently-used.xbel
2018-09-06 10:04 - 2020-11-08 07:56 - 000007673 _____ () C:\Users\Oťáček\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-11-23 00:37
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2020
Ran by Oťáček (27-11-2020 09:39:12)
Running from C:\Users\Oťáček\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-04-10 12:12:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-51665161-4008308083-3026018605-500 - Administrator - Disabled)
Guest (S-1-5-21-51665161-4008308083-3026018605-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-51665161-4008308083-3026018605-1002 - Limited - Enabled)
Oťáček (S-1-5-21-51665161-4008308083-3026018605-1000 - Administrator - Enabled) => C:\Users\Oťáček
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
Abrosoft FantaMorph 5.3.5 (HKLM-x32\...\Abrosoft FantaMorph 5_is1) (Version: 5.3.5 - Abrosoft)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.453 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.453 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.)
AirDroid 3.5.4.0 (HKLM-x32\...\AirDroid) (Version: 3.5.4.0 - Sand Studio)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.2 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.9.2437 - Avast Software)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.74 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
dwdinst (HKLM-x32\...\{7B05BE2F-B871-45D1-81DC-82E4634BF209}) (Version: 1.0.0.0 - HanWIS GmbH)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FontExpert 2015 Font Manager (HKLM-x32\...\FontExpert 2015) (Version: 13.0.0.1 - Proxima Software)
FormatFactory 5.4.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.4.5.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
GreenCloud Printer 7.8.4.0 (HKLM\...\{F36B43F0-3BE6-48BA-A22D-3C098092BB3F}_is1) (Version: 7.8.4.0 - ObviousIdea)
GreenScreenWizard 6.9 (HKLM-x32\...\Green Screen Wizard Pro 6.9_is1) (Version: - GreenScreen Wizard LLC)
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HydraVision (HKLM-x32\...\{DA54D3F7-4915-1A37-7EA8-2741F05B77AC}) (Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
iData RAW Partition Recovery version 1.0.0.8 (HKLM-x32\...\{8F3CD5EF-6D71-43CC-B1B9-F65C16692284}}_is1) (Version: 1.0.0.8 - iData Recovery)
Infix PDF Editor verze 5.2.7.0 (HKLM-x32\...\D42C36B3-E36B-43EC-A8B4-B613D7B92782_is1) (Version: 5.2.7.0 - Iceni Technology)
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
InternetOff 3.0, 32\64 bit edition (HKLM-x32\...\InternetOff_is1) (Version: - Crystal Rich, Ltd)
IrfanView 4.56 (64-bit) (HKLM\...\IrfanView64) (Version: 4.56 - Irfan Skiljan)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Knoll Light Factory EZ Studio 15 (HKLM-x32\...\Knoll Light Factory EZ Studio 15) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
marvell 61xx (HKLM-x32\...\mv61xxDriver) (Version: 1.2.0.7700 - Marvell)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: - )
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.12527.21330 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\f9a89bd2a46a7606) (Version: 17.0.4478.3 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: - )
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 83.0 (x64 cs) (HKLM\...\Mozilla Firefox 83.0 (x64 cs)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.4.0 - Mozilla)
Mozilla Thunderbird 78.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.5.0 (x86 cs)) (Version: 78.5.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
netis Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.01.0243 - REALTEK Semiconductor Corp.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoFiltre Studio X (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\PhotoFiltre Studio X) (Version: - )
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
POPFile Data (Oťáček) (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\POPFile_Data) (Version: - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
Process Liquidator (HKLM-x32\...\{7F3BF5FA-6BD7-4E26-8FEA-C87DD9F7F723}_is1) (Version: 2.1.0.0 - 12Bytes)
Rajče verze 2.6.2 sestavení 292 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.5 - VS Revo Group, Ltd.)
Samsung ML-1640 Series (HKLM-x32\...\Samsung ML-1640 Series) (Version: - Samsung Electronics CO.,LTD)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
ScanToPDF 3.1.4 (HKLM-x32\...\ScanToPDF) (Version: 3.1.4 - O Imaging Corporation)
Skype verze 8.66 (HKLM-x32\...\Skype_is1) (Version: 8.66 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Snagit 11 (HKLM-x32\...\{1FB78CB6-F4EA-474F-8B0B-100EFACF3558}) (Version: 11.4.0 - TechSmith Corporation)
Subtitle Edit 3.5.16 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.16.0 - Nikse)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TinEye Internet Explorer plugin 1.0 (HKLM-x32\...\{9B8ACEA2-BA21-4A91-A950-144FED3ED133}) (Version: 1.0.0 - Idée Inc.)
Tisk Obalek 3.2.1.2 (HKLM-x32\...\Tisk Obalek_is1) (Version: 3.2.1.2 - Mgr. Radovan Kraus)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Verbatim GREEN BUTTON 1.68 (HKLM-x32\...\Verbatim GREEN BUTTON_is1) (Version: - Verbatim)
Verbatim Hard Drive Formatter 1.41 (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
Viber (HKLM-x32\...\{EAF077BA-8EA4-4CEC-A215-4ACAE713A8BF}) (Version: 6.9.0.1048 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\{a85cbe05-cc32-4419-ad8f-7ff7bc41bc05}) (Version: 6.9.0.1048 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSFilter 2.41.322 (0c3a1ea) Nightly (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.322 - MPC-HC Team)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Wise Duplicate Finder 1.2.9 (HKLM-x32\...\Wise Duplicate Finder_is1) (Version: 1.2.9 - WiseCleaner.com, Inc.)
Wise Folder Hider 3.38 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 3.38 - WiseCleaner.com, Inc.)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-51665161-4008308083-3026018605-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL (ZONER software, a.s. -> ZONER software)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-11-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-11-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-11-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3-x32: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:\Program Files (x86)\FileASSASSIN\FileASSASSINExt.dll [2007-03-30] (Malwarebytes) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast 2019\ashShell.dll [2020-11-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers2_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers4_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software, a.s. -> ZONER software)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Oťáček\Desktop\Aliexpress česky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jeggofhlgndddenkjfloklflmjjjfdbe
ShortcutWithArgument: C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Aliexpress česky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jeggofhlgndddenkjfloklflmjjjfdbe
==================== Loaded Modules (Whitelisted) =============
2014-03-03 14:36 - 2014-03-03 14:36 - 001298432 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\PDFLib.dll
2014-03-03 14:40 - 2014-03-03 14:40 - 000110592 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll
2014-03-03 14:41 - 2014-03-03 14:41 - 000128512 ____N () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll
2017-04-13 08:25 - 2012-03-06 15:05 - 000054784 _____ () [File not signed] C:\Windows\System32\gcprpm.dll
2018-02-15 17:35 - 2015-02-27 14:38 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\WSCM64.dll
2013-04-29 22:03 - 2013-04-29 22:03 - 000837632 ____N (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-04-29 22:02 - 2013-04-29 22:02 - 000005120 ____N (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000480256 ____N (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\libhunspell.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000066192 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\LFJbg15U.DLL
2014-03-03 14:32 - 2014-03-03 14:32 - 000126096 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\LFPng15U.DLL
2014-03-03 14:32 - 2014-03-03 14:32 - 000212112 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgclr15u.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000208016 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgefx15u.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000134288 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgutl15u.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000122000 ____N (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\Lttwn15u.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-07-10 13:36 - 2020-07-10 13:36 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\MSVCP140.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\ucrtbase.DLL
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\VCRUNTIME140.dll
2020-11-26 10:30 - 2020-11-26 10:30 - 000000000 ____L (Microsoft Corporation) E:\Avast 2019\defs\20112600\avast.local_vc142.crt\VCRUNTIME140_1.dll
2014-03-03 14:59 - 2014-04-25 17:42 - 008360816 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SnagItEditorRes.dll
2014-03-03 14:59 - 2014-04-25 17:42 - 007454064 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\SnagItres.dll
2014-03-03 14:31 - 2014-03-03 14:31 - 000165888 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\TSCREC3.dll
2014-03-03 14:32 - 2014-03-03 14:32 - 000076288 ____N (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 11\UpdaterInterop.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-16] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-02-23 10:25 - 2020-11-21 22:03 - 000000143 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 https://www.get-express-vpn.online/vpn-service/espn-vpn
127.0.0.1 https://om.forgeofempires.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Pinnacle\Shared Files\
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: eM Client => "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
MSCONFIG\startupreg: Folder Size => C:\Program Files\FolderSize\FolderSize.exe
MSCONFIG\startupreg: FontExpertType1Loader => C:\Program Files (x86)\FontExpert\Type1Loader.exe
MSCONFIG\startupreg: HDDtoGOLaunch => C:\Users\Oťáček\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Viber => "C:\Users\Oťáček\AppData\Local\Viber\Viber.exe" StartMinimized
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9A6F0209-D19B-4299-8666-EC5C8470DD4C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E28311D5-3189-49D3-9CB8-AB39EA708E59}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{A96AAC25-E7AA-47B7-A4BC-42E422A721D3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{CF53A994-8A54-4307-A7F3-C86AE88491CF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{3B954530-6AF4-4DB6-9AF1-B0190470DB36}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC62EE05-B3BC-4CD1-BAF9-A96390137FB9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{20C3F74D-FF94-4107-89B4-9E667176F7CB}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF9F4863-97C3-4C4A-91D9-06F31142589E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B652D7E-1ED7-40B1-8222-F834CF8A4085}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{8C0DE59C-565B-494E-A3CE-6DC015372205}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{15EB7E9D-877E-4E4A-A7A4-555F8F8E7EED}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{49109BE4-33B3-4E6A-97A1-E4A5F313EB48}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () [File not signed]
FirewallRules: [{8EF52979-9291-40A5-8FD2-C8235F698732}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () [File not signed]
FirewallRules: [TCP Query User{F7095C8D-2717-4DC8-A34E-7DF9EED0AED8}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{32B2203D-2DC2-4F95-9729-AAE978859F3E}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{B9D00C3A-CC73-4D41-9B07-2E7303C06C37}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{3EAD46FC-A5D6-43B7-8E52-988F13F20361}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{A8595D0D-BC20-428B-ADE5-178A223B0724}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{018DB134-0E56-47F5-8B03-CA77AD573AA4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D9965A42-40F7-4621-BABE-A00AAC37BA24}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9260761F-7BE2-4725-B4C5-BA41F14F8DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A397107B-23FD-444A-A2DC-92AA4F712F91}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{FF123FB9-9A02-4186-AC59-9C43FD53FBA5}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{29308BCA-4AE2-4126-8563-0EEC698919AE}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1441ACA2-712F-4CD7-988B-C063BFC3008D}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F350E590-3BFA-4AC9-A8DA-519CCFEDDD3D}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FE707B5E-32F2-47F2-9FCE-8D5BF6F14BBE}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A1C8335C-9990-4CA0-85E2-C6E74E65A4F8}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{A56C19DE-6D46-4228-9968-364E8FC3F0D1}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [TCP Query User{8E9861CF-8002-4F1E-99F6-EB3B14412A30}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{B699AD97-FF17-4260-A4E4-98E30200385D}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [{DE807617-92DC-4506-ACED-4214B20F3401}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare software CO., LIMITED -> Wondershare)
FirewallRules: [TCP Query User{ED2AA70A-653A-4B0C-AAD2-D1504468990B}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{96DA9ED8-C5AC-49D9-BEF8-60CE32AB5911}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{E9644745-BCD8-4D42-9894-E6C12719B6BD}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{4430278E-3A6B-49BA-9281-BC195FF2F338}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1B4F7268-E02D-4A4C-B54D-A3B55AF9EB7D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{088E71EC-74BF-4945-AE2A-0FDCB5515D8A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{FEE9C1D6-3969-4F26-AAAF-774AE3B4E796}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94092F36-B70E-4213-99C4-50116595D219}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{BD5D3CD7-6CB9-4323-96F1-4039F0943A4F}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems) [File not signed]
FirewallRules: [UDP Query User{B00F7218-91D1-4C79-8BC3-AA240D426BA9}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems) [File not signed]
FirewallRules: [{14F578DB-99EE-479C-8878-3680A2B031D1}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{6E34A981-B0F3-4D6A-B30A-10C0A1301A8E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A0C01EF8-522A-424E-B086-D5B3E69CCD24}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{22B953D4-8900-4834-B4AD-F4902A72BF89}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:48.83 GB) (Free:5.84 GB) (12%)
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/24/2020 10:51:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Vzum.exe, verze: 1.0.0.0, časové razítko: 0xe6e18866
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb7f5
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c5af
ID chybujícího procesu: 0x2880
Čas spuštění chybující aplikace: 0x01d6c2aa6dc34160
Cesta k chybující aplikaci: E:\Stažené soubory\Vzum(4)\Vzum.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 26642700-2e9f-11eb-8c87-bcaec5cd6941
Error: (11/24/2020 10:51:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Vzum.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.Net.HttpWebRequest.AddRange(System.String, Int64, Int64)
na System.Net.HttpWebRequest.AddRange(Int64, Int64)
na Vzum.FileDownloader.GetDownloadingFileResponse()
na Vzum.FileDownloader.Vlákno()
na System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (11/24/2020 10:04:05 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/24/2020 08:06:22 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/23/2020 04:10:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TeamViewer.exe, verze: 14.7.48350.0, časové razítko: 0x5f0c8e8e
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb751
Kód výjimky: 0xc0000005
Posun chyby: 0x0004ebc3
ID chybujícího procesu: 0x2628
Čas spuštění chybující aplikace: 0x01d6c1aa9a92b467
Cesta k chybující aplikaci: C:\Users\OEK~1\AppData\Local\Temp\TeamViewer\TeamViewer.exe
Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID zprávy: 06574cb8-2d9e-11eb-8c87-bcaec5cd6941
Error: (11/22/2020 05:25:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtWlan.exe, verze: 700.1677.122.2014, časové razítko: 0x52df90ac
Název chybujícího modulu: RtWlan.exe, verze: 700.1677.122.2014, časové razítko: 0x52df90ac
Kód výjimky: 0xc0000005
Posun chyby: 0x00029367
ID chybujícího procesu: 0x570
Čas spuštění chybující aplikace: 0x01d6c0e9e1830d1b
Cesta k chybující aplikaci: C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtWlan.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtWlan.exe
ID zprávy: 4fe7d110-2cdf-11eb-8c87-bcaec5cd6941
Error: (11/22/2020 12:38:02 AM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/19/2020 09:34:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Vzum.exe, verze: 1.0.0.0, časové razítko: 0xe6e18866
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb7f5
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c5af
ID chybujícího procesu: 0x2c3c
Čas spuštění chybující aplikace: 0x01d6beb25cb7b96c
Cesta k chybující aplikaci: E:\Stažené soubory\Vzum(3)\Vzum.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: a1892c67-2aa6-11eb-843a-bcaec5cd6941
System errors:
=============
Error: (11/26/2020 11:27:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek DHCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/26/2020 11:25:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedené zařízení.
Error: (11/26/2020 11:24:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba MBAMChameleon neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/26/2020 11:24:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (23:22:56, 26.11.2020) bylo neočekávané.
Error: (11/25/2020 03:16:24 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (11/25/2020 03:15:00 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (11/25/2020 03:12:46 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (11/25/2020 03:10:33 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
CodeIntegrity:
===================================
Date: 2020-03-01 08:01:29.148
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.819
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.655
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.179
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:28.013
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:27.848
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-01 08:01:27.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1305 02/11/2011
Motherboard: ASUSTeK Computer INC. P8H67-M EVO
Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 52%
Total physical RAM: 8173.24 MB
Available physical RAM: 3896.47 MB
Total Virtual: 16644.62 MB
Available Virtual: 12431.69 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:48.83 GB) (Free:5.84 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (HDD) (Fixed) (Total:882.68 GB) (Free:88.06 GB) NTFS
Drive f: (HD710 PRO) (Fixed) (Total:1863 GB) (Free:1508.96 GB) exFAT
Drive h: (ADATA HV100) (Fixed) (Total:1862.56 GB) (Free:38.46 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DD32DD32)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=882.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 87A12B7E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0C)
==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 0DB9BF25)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-11-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-27-2020
# Duration: 00:00:31
# OS: Windows 7 Home Premium
# Scanned: 31920
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Comp často zamrzá
Tak ještě jednou. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
C:\Windows\system32\Tasks\{89708064-778A-43F1-884E-B3105783DD14}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
EmptyTemp:
Hosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?