Prosím o kontrolu logu.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020
Ran by J H (11-10-2020 20:51:54)
Running from C:\Users\JH\Desktop
Windows 10 Pro Version 2004 19041.508 (X64) (2020-09-16 01:33:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3318541500-1064375986-2057149807-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3318541500-1064375986-2057149807-503 - Limited - Disabled)
Guest (S-1-5-21-3318541500-1064375986-2057149807-501 - Limited - Disabled)
J H (S-1-5-21-3318541500-1064375986-2057149807-1001 - Administrator - Enabled) => C:\Users\J H
WDAGUtilityAccount (S-1-5-21-3318541500-1064375986-2057149807-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2077, 08.05.2018 - AIMP DevTeam)
AMD Radeon Pro and AMD FirePro Settings (HKLM\...\WUCCCApp) (Version: 2019.0715.1006.18179 - Advanced Micro Devices, Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
Citrix Receiver 4.9 LTSR (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.9.9000.33 - Citrix Systems, Inc.)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
FastStone Image Viewer 6.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.0.35798 - Foxit Software Inc.)
GIMP 2.10.0 (HKLM\...\GIMP-2_is1) (Version: 2.10.0 - The GIMP Team)
GMX - Enhanced by Google (HKLM-x32\...\{4CA6A466-1C26-75E6-ADA6-05667D26D6E6}) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.75 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP 3D DriveGuard (HKLM-x32\...\{7838086D-29FC-4C69-9AC4-DF450BFB0BFD}) (Version: 5.2.2.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{6E7401DB-B722-4428-BE94-DD4740CF6464}) (Version: 5.0.28.1 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{51388444-3369-4569-bbf3-98582f5e67a1}) (Version: 4.4.0.0 - HP)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1350 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.5.1006 - Intel Corporation)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.65.11 - JMicron Technology Corp.)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.38 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.41 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 77.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 77.0.1 (x64 cs)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0 - Mozilla)
Online Plug-in (HKLM-x32\...\{60DAC978-9F4D-4A40-A953-0D7B76B3F326}) (Version: 14.9.9000.33 - Citrix Systems, Inc.) Hidden
Self-service Plug-in (HKLM-x32\...\{6ECD67AC-54EA-4E86-803B-AE727E5DBE5D}) (Version: 4.9.9000.23 - Citrix Systems, Inc.) Hidden
Skype verze 8.61 (HKLM-x32\...\Skype_is1) (Version: 8.61 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.65 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{0CDA14EC-A786-4A8B-9CDC-0B7D93AD9887}) (Version: 4.5.341.0 - Synaptics)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.10.5 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.4.2012.1 - URSoft, Inc.)
Zoom (HKU\S-1-5-21-3318541500-1064375986-2057149807-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-19] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-09-15] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2018-06-29] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-10-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2018-06-29] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-07-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-10-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-01-08 12:43 - 2019-01-08 12:43 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-01-08 12:43 - 2019-01-08 12:43 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000016384 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\0320b8182ad666337c8cdeb717de5b86\PSIClient.ni.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000019968 _____ (Intel Corp.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorCommon\2bbe6605fc17c7b4e260c7001ab3482f\IAStorCommon.ni.dll
2018-06-28 09:47 - 2018-06-28 09:47 - 000269824 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2018-06-28 09:47 - 2018-06-28 09:47 - 000465920 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000075264 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMgr\08c29a5ebdb831a9f5d9b7c3ef4f3a6d\IAStorDataMgr.ni.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000379392 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\252f8a08a486fdefde681d2dbc116dbb\IAStorUtil.ni.dll
2020-10-10 13:55 - 2020-10-10 13:55 - 001117184 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorViewModel\82eeaf4a93642f88c8252bbee61bcefa\IAStorViewModel.ni.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 003881984 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSI\de2ea01bbcafa76d390b02016769b9e8\PSI.ni.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000644608 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PsiData\0d91d0c22755154e110d4f52ecb01bad\PsiData.ni.dll
2003-03-18 22:23 - 2003-03-18 22:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 12:44 - 2006-10-26 12:44 - 000123904 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\csm.dll
2006-10-26 12:45 - 2006-10-26 12:45 - 000247296 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000027136 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\7ac9029d17dddc2f4c522f89b1c005b9\IAStorDataMgrSvcInterfaces.ni.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-07-15 10:04 - 2019-07-15 10:04 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [328]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3318541500-1064375986-2057149807-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://xvideotokyo.online/290820trf
SearchScopes: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=dpyqptgki1320egikmoq9ay&p_w=y3w16&q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-10-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-10-10] (Oracle America, Inc. -> Oracle Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3318541500-1064375986-2057149807-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 109.238.32.52 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "AccelerometerSysTrayApplet"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "JMB36X IDE Setup"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{BF5DFBD6-AC7F-4E7F-8625-BFEDFC3B43B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B709A4EC-319B-4749-9767-47DE2BC37D85}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9DE57C34-0C63-44E1-B402-E06F6FE48871}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9CDD0487-1CB5-4A5A-9550-6FBFCCC0DE03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8A2F0C77-E970-431A-A973-63067E81BFE0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6CB19721-19C1-4981-8C9A-3A88358D5690}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{B4BA5E41-C31B-46D7-8A27-5E6C9668EAD1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{BBD6166A-33D6-407C-B8B9-F556D80C43D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{D3A1070A-75DD-4873-BD89-B75FFABB54F0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{737C8D2E-C9F7-4C38-AA4B-B4097B0BB2BF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F36ABDCC-ECDE-4D2D-86BC-491E7D20AAB7}] => (Allow) C:\Users\Josef Hájek\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{C6F42284-5B08-442F-8549-101542C03DD4}] => (Allow) C:\Users\Josef Hájek\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FD823CF9-6801-4344-84AA-76E2FDDE1B2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{510E82D5-8549-4B64-BB05-6B1F0194B028}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BEBCC6C9-CB9E-4D5D-A97B-1A88FFBA27B4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F8DB4BED-92DC-4C42-8B2B-BB7CD20D9D13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3D88F6C5-F6E3-44B0-9718-2257F7775CD0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0D554069-48F1-49BE-B18A-5E5EA824A5F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A5CB0D5C-5D32-4D54-B324-EBAD65CFD3F2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:78.95 GB) (Free:30.55 GB) (39%)
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (10/11/2020 08:39:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x162c
Čas spuštění chybující aplikace: 0x01d69ffdccdc58bb
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 9f4063a7-5218-461e-9534-eb5a0b7ddec5
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 08:35:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x1ec8
Čas spuštění chybující aplikace: 0x01d69ffd37d3a251
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 42e6949c-e09a-476a-b127-79ac047fc5d6
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 08:17:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x26d4
Čas spuštění chybující aplikace: 0x01d69ffac0887fe0
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 73c29111-a1fe-4795-8907-5b8ac789d059
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 08:14:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x1ee4
Čas spuštění chybující aplikace: 0x01d69ffa419d6b37
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: db6b277d-ae58-4cd5-ae90-0cce17740d59
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 08:00:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x764
Čas spuštění chybující aplikace: 0x01d69ff86a94e34f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: adcc97be-dfae-482c-8e85-26568ee9d534
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 07:29:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x23e4
Čas spuštění chybující aplikace: 0x01d69ff404480ad8
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 5aa6a9e3-2bae-4db5-b738-fb5cc88ff286
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 07:26:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x1d4c
Čas spuštění chybující aplikace: 0x01d69ff39173add8
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6ba7f07c-d75d-4e22-b800-3d73b64cffeb
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 06:55:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0xe9c
Čas spuštění chybující aplikace: 0x01d69fef5d1cef81
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 1b44185a-9cb0-4f94-b3bf-9ad0d7711a92
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Synaptics FP WBF Policy Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba fpCsEvtSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba hpHotkeyMonitor byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Software Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Windows Defender:
===================================
Date: 2020-10-10 09:36:37.6530000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.325.496.0
Předchozí verze bezpečnostních informací: 1.313.1855.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.17500.4
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2020-10-10 09:36:37.6530000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.325.496.0
Předchozí verze bezpečnostních informací: 1.313.1855.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.17500.4
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2020-10-10 09:36:25.5420000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.1855.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2020-10-10 09:36:13.4970000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.4730000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.4590000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.4400000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.4240000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.4100000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.3910000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.3330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Hewlett-Packard 68IAV Ver. F.40 01/31/2013
Motherboard: Hewlett-Packard 176C
Processor: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz
Percentage of memory in use: 70%
Total physical RAM: 4027.55 MB
Available physical RAM: 1174.8 MB
Total Virtual: 4731.55 MB
Available Virtual: 1029.95 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:78.95 GB) (Free:30.55 GB) NTFS
Drive d: (DATA) (Fixed) (Total:385.63 GB) (Free:306.69 GB) NTFS
\\?\Volume{310110be-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{310110be-0000-0000-0000-30df13000000}\ () (Fixed) (Total:0.64 GB) (Free:0.11 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 310110BE)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=652 MB) - (Type=27)
Partition 4: (Not Active) - (Size=385.6 GB) - (Type=0F Extended)
==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020
Ran by Josef Hájek (11-10-2020 20:51:54)
Running from C:\Users\Josef Hájek\Desktop
Windows 10 Pro Version 2004 19041.508 (X64) (2020-09-16 01:33:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3318541500-1064375986-2057149807-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3318541500-1064375986-2057149807-503 - Limited - Disabled)
Guest (S-1-5-21-3318541500-1064375986-2057149807-501 - Limited - Disabled)
Josef Hájek (S-1-5-21-3318541500-1064375986-2057149807-1001 - Administrator - Enabled) => C:\Users\Josef Hájek
WDAGUtilityAccount (S-1-5-21-3318541500-1064375986-2057149807-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2077, 08.05.2018 - AIMP DevTeam)
AMD Radeon Pro and AMD FirePro Settings (HKLM\...\WUCCCApp) (Version: 2019.0715.1006.18179 - Advanced Micro Devices, Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
Citrix Receiver 4.9 LTSR (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.9.9000.33 - Citrix Systems, Inc.)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
FastStone Image Viewer 6.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.0.35798 - Foxit Software Inc.)
GIMP 2.10.0 (HKLM\...\GIMP-2_is1) (Version: 2.10.0 - The GIMP Team)
GMX - Enhanced by Google (HKLM-x32\...\{4CA6A466-1C26-75E6-ADA6-05667D26D6E6}) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.75 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP 3D DriveGuard (HKLM-x32\...\{7838086D-29FC-4C69-9AC4-DF450BFB0BFD}) (Version: 5.2.2.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{6E7401DB-B722-4428-BE94-DD4740CF6464}) (Version: 5.0.28.1 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{51388444-3369-4569-bbf3-98582f5e67a1}) (Version: 4.4.0.0 - HP)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1350 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.5.1006 - Intel Corporation)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.65.11 - JMicron Technology Corp.)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.38 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.41 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 77.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 77.0.1 (x64 cs)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0 - Mozilla)
Online Plug-in (HKLM-x32\...\{60DAC978-9F4D-4A40-A953-0D7B76B3F326}) (Version: 14.9.9000.33 - Citrix Systems, Inc.) Hidden
Self-service Plug-in (HKLM-x32\...\{6ECD67AC-54EA-4E86-803B-AE727E5DBE5D}) (Version: 4.9.9000.23 - Citrix Systems, Inc.) Hidden
Skype verze 8.61 (HKLM-x32\...\Skype_is1) (Version: 8.61 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.65 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{0CDA14EC-A786-4A8B-9CDC-0B7D93AD9887}) (Version: 4.5.341.0 - Synaptics)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.10.5 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.4.2012.1 - URSoft, Inc.)
Zoom (HKU\S-1-5-21-3318541500-1064375986-2057149807-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-19] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-09-15] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2018-06-29] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-10-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2018-06-29] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-07-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-10-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-01-08 12:43 - 2019-01-08 12:43 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-01-08 12:43 - 2019-01-08 12:43 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000016384 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\0320b8182ad666337c8cdeb717de5b86\PSIClient.ni.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000019968 _____ (Intel Corp.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorCommon\2bbe6605fc17c7b4e260c7001ab3482f\IAStorCommon.ni.dll
2018-06-28 09:47 - 2018-06-28 09:47 - 000269824 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2018-06-28 09:47 - 2018-06-28 09:47 - 000465920 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000075264 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMgr\08c29a5ebdb831a9f5d9b7c3ef4f3a6d\IAStorDataMgr.ni.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000379392 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\252f8a08a486fdefde681d2dbc116dbb\IAStorUtil.ni.dll
2020-10-10 13:55 - 2020-10-10 13:55 - 001117184 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorViewModel\82eeaf4a93642f88c8252bbee61bcefa\IAStorViewModel.ni.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 003881984 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSI\de2ea01bbcafa76d390b02016769b9e8\PSI.ni.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000644608 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PsiData\0d91d0c22755154e110d4f52ecb01bad\PsiData.ni.dll
2003-03-18 22:23 - 2003-03-18 22:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 12:44 - 2006-10-26 12:44 - 000123904 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\csm.dll
2006-10-26 12:45 - 2006-10-26 12:45 - 000247296 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2020-10-10 13:54 - 2020-10-10 13:54 - 000027136 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\7ac9029d17dddc2f4c522f89b1c005b9\IAStorDataMgrSvcInterfaces.ni.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-07-15 10:04 - 2019-07-15 10:04 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 12:43 - 2019-01-08 12:43 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-01-08 12:44 - 2019-01-08 12:44 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [328]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3318541500-1064375986-2057149807-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://xvideotokyo.online/290820trf
SearchScopes: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=dpyqptgki1320egikmoq9ay&p_w=y3w16&q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-10-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-10-10] (Oracle America, Inc. -> Oracle Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-11-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3318541500-1064375986-2057149807-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 109.238.32.52 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "AccelerometerSysTrayApplet"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "JMB36X IDE Setup"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{BF5DFBD6-AC7F-4E7F-8625-BFEDFC3B43B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B709A4EC-319B-4749-9767-47DE2BC37D85}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9DE57C34-0C63-44E1-B402-E06F6FE48871}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9CDD0487-1CB5-4A5A-9550-6FBFCCC0DE03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8A2F0C77-E970-431A-A973-63067E81BFE0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6CB19721-19C1-4981-8C9A-3A88358D5690}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{B4BA5E41-C31B-46D7-8A27-5E6C9668EAD1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{BBD6166A-33D6-407C-B8B9-F556D80C43D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{D3A1070A-75DD-4873-BD89-B75FFABB54F0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{737C8D2E-C9F7-4C38-AA4B-B4097B0BB2BF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F36ABDCC-ECDE-4D2D-86BC-491E7D20AAB7}] => (Allow) C:\Users\Josef Hájek\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{C6F42284-5B08-442F-8549-101542C03DD4}] => (Allow) C:\Users\Josef Hájek\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FD823CF9-6801-4344-84AA-76E2FDDE1B2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{510E82D5-8549-4B64-BB05-6B1F0194B028}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BEBCC6C9-CB9E-4D5D-A97B-1A88FFBA27B4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F8DB4BED-92DC-4C42-8B2B-BB7CD20D9D13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3D88F6C5-F6E3-44B0-9718-2257F7775CD0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0D554069-48F1-49BE-B18A-5E5EA824A5F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A5CB0D5C-5D32-4D54-B324-EBAD65CFD3F2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:78.95 GB) (Free:30.55 GB) (39%)
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (10/11/2020 08:39:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x162c
Čas spuštění chybující aplikace: 0x01d69ffdccdc58bb
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 9f4063a7-5218-461e-9534-eb5a0b7ddec5
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 08:35:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x1ec8
Čas spuštění chybující aplikace: 0x01d69ffd37d3a251
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 42e6949c-e09a-476a-b127-79ac047fc5d6
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 08:17:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x26d4
Čas spuštění chybující aplikace: 0x01d69ffac0887fe0
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 73c29111-a1fe-4795-8907-5b8ac789d059
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 08:14:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x1ee4
Čas spuštění chybující aplikace: 0x01d69ffa419d6b37
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: db6b277d-ae58-4cd5-ae90-0cce17740d59
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 08:00:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x764
Čas spuštění chybující aplikace: 0x01d69ff86a94e34f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: adcc97be-dfae-482c-8e85-26568ee9d534
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 07:29:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x23e4
Čas spuštění chybující aplikace: 0x01d69ff404480ad8
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 5aa6a9e3-2bae-4db5-b738-fb5cc88ff286
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 07:26:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x1d4c
Čas spuštění chybující aplikace: 0x01d69ff39173add8
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6ba7f07c-d75d-4e22-b800-3d73b64cffeb
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (10/11/2020 06:55:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: YourPhone.exe, verze: 1.20092.108.0, časové razítko: 0x5f7631b0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0xe9c
Čas spuštění chybující aplikace: 0x01d69fef5d1cef81
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 1b44185a-9cb0-4f94-b3bf-9ad0d7711a92
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Synaptics FP WBF Policy Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba fpCsEvtSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba hpHotkeyMonitor byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Software Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/11/2020 07:22:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Windows Defender:
===================================
Date: 2020-10-10 09:36:37.6530000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.325.496.0
Předchozí verze bezpečnostních informací: 1.313.1855.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.17500.4
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2020-10-10 09:36:37.6530000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.325.496.0
Předchozí verze bezpečnostních informací: 1.313.1855.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.17500.4
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2020-10-10 09:36:25.5420000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.1855.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2020-10-10 09:36:13.4970000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.4730000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.4590000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.4400000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.4240000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.4100000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.3910000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-10 09:36:13.3330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\LogMeIn Rescue Applet\LMIR0814C001.tmp\LMIRhook.000.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Hewlett-Packard 68IAV Ver. F.40 01/31/2013
Motherboard: Hewlett-Packard 176C
Processor: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz
Percentage of memory in use: 70%
Total physical RAM: 4027.55 MB
Available physical RAM: 1174.8 MB
Total Virtual: 4731.55 MB
Available Virtual: 1029.95 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:78.95 GB) (Free:30.55 GB) NTFS
Drive d: (DATA) (Fixed) (Total:385.63 GB) (Free:306.69 GB) NTFS
\\?\Volume{310110be-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{310110be-0000-0000-0000-30df13000000}\ () (Fixed) (Total:0.64 GB) (Free:0.11 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 310110BE)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=652 MB) - (Type=27)
Partition 4: (Not Active) - (Size=385.6 GB) - (Type=0F Extended)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu. Vyděračský vir
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
novacek7575
- Návštěvník
- Příspěvky: 14
- Registrován: 04 dub 2011 18:57
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu. Vyděračský vir
Zdravím!
Dal jste 2x log Addition. Potřebuji ještě log FRST. Je na ploše v souboru frst.txt. Děkuji.
Dal jste 2x log Addition. Potřebuji ještě log FRST. Je na ploše v souboru frst.txt. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
novacek7575
- Návštěvník
- Příspěvky: 14
- Registrován: 04 dub 2011 18:57
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu. Vyděračský vir
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [328]
FirewallRules: [{8A2F0C77-E970-431A-A973-63067E81BFE0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6CB19721-19C1-4981-8C9A-3A88358D5690}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{B4BA5E41-C31B-46D7-8A27-5E6C9668EAD1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{BBD6166A-33D6-407C-B8B9-F556D80C43D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{F36ABDCC-ECDE-4D2D-86BC-491E7D20AAB7}] => (Allow) C:\Users\Josef Hájek\AppData\Roaming\Zoom\bin\airhost.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
Task: {8FC0E1EA-DEC0-4A37-AB80-E07483ABE128} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-14] (Google LLC -> Google LLC)
Task: {F7B71A50-BD8C-4FC7-BA5A-D12E9D92475E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-14] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
novacek7575
- Návštěvník
- Příspěvky: 14
- Registrován: 04 dub 2011 18:57
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu. Vyděračský vir
Potřebuji vidět obsah souboru fixlog.txt. Měl by být na ploše. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
novacek7575
- Návštěvník
- Příspěvky: 14
- Registrován: 04 dub 2011 18:57
Re: Prosím o kontrolu logu. Vyděračský vir
mm
Naposledy upravil(a) novacek7575 dne 13 říj 2020 18:06, celkem upraveno 1 x.
-
novacek7575
- Návštěvník
- Příspěvky: 14
- Registrován: 04 dub 2011 18:57
Re: Prosím o kontrolu logu. Vyděračský vir
oprava
Fix result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020
Ran by Josef Hájek (13-10-2020 18:03:48) Run:1
Running from C:\Users\Josef Hájek\Desktop
Loaded Profiles: Josef Hájek
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [328]
FirewallRules: [{8A2F0C77-E970-431A-A973-63067E81BFE0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6CB19721-19C1-4981-8C9A-3A88358D5690}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{B4BA5E41-C31B-46D7-8A27-5E6C9668EAD1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{BBD6166A-33D6-407C-B8B9-F556D80C43D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{F36ABDCC-ECDE-4D2D-86BC-491E7D20AAB7}] => (Allow) C:\Users\Josef Hájek\AppData\Roaming\Zoom\bin\airhost.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
Task: {8FC0E1EA-DEC0-4A37-AB80-E07483ABE128} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-14] (Google LLC -> Google LLC)
Task: {F7B71A50-BD8C-4FC7-BA5A-D12E9D92475E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-14] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A2F0C77-E970-431A-A973-63067E81BFE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6CB19721-19C1-4981-8C9A-3A88358D5690}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B4BA5E41-C31B-46D7-8A27-5E6C9668EAD1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BBD6166A-33D6-407C-B8B9-F556D80C43D0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F36ABDCC-ECDE-4D2D-86BC-491E7D20AAB7}" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FC0E1EA-DEC0-4A37-AB80-E07483ABE128}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FC0E1EA-DEC0-4A37-AB80-E07483ABE128}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F7B71A50-BD8C-4FC7-BA5A-D12E9D92475E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7B71A50-BD8C-4FC7-BA5A-D12E9D92475E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34103705 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 19566650 B
Edge => 82107 B
Chrome => 22057872 B
Firefox => 145708386 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 184406 B
NetworkService => 222730 B
Josef Hájek => 108177217 B
RecycleBin => 54250980 B
EmptyTemp: => 374.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:04:46 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020
Ran by Josef Hájek (13-10-2020 18:03:48) Run:1
Running from C:\Users\Josef Hájek\Desktop
Loaded Profiles: Josef Hájek
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Josef Hájek\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [328]
FirewallRules: [{8A2F0C77-E970-431A-A973-63067E81BFE0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6CB19721-19C1-4981-8C9A-3A88358D5690}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{B4BA5E41-C31B-46D7-8A27-5E6C9668EAD1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{BBD6166A-33D6-407C-B8B9-F556D80C43D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{F36ABDCC-ECDE-4D2D-86BC-491E7D20AAB7}] => (Allow) C:\Users\Josef Hájek\AppData\Roaming\Zoom\bin\airhost.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
Task: {8FC0E1EA-DEC0-4A37-AB80-E07483ABE128} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-14] (Google LLC -> Google LLC)
Task: {F7B71A50-BD8C-4FC7-BA5A-D12E9D92475E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-14] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-3318541500-1064375986-2057149807-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A2F0C77-E970-431A-A973-63067E81BFE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6CB19721-19C1-4981-8C9A-3A88358D5690}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B4BA5E41-C31B-46D7-8A27-5E6C9668EAD1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BBD6166A-33D6-407C-B8B9-F556D80C43D0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F36ABDCC-ECDE-4D2D-86BC-491E7D20AAB7}" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FC0E1EA-DEC0-4A37-AB80-E07483ABE128}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FC0E1EA-DEC0-4A37-AB80-E07483ABE128}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F7B71A50-BD8C-4FC7-BA5A-D12E9D92475E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7B71A50-BD8C-4FC7-BA5A-D12E9D92475E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34103705 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 19566650 B
Edge => 82107 B
Chrome => 22057872 B
Firefox => 145708386 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 184406 B
NetworkService => 222730 B
Josef Hájek => 108177217 B
RecycleBin => 54250980 B
EmptyTemp: => 374.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:04:46 ====
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu. Vyděračský vir
Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
novacek7575
- Návštěvník
- Příspěvky: 14
- Registrován: 04 dub 2011 18:57
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu. Vyděračský vir
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?