Dobrý den,
již nějakou dobu zjišťuji,že si můj počítač neustále bere z disku C poměrně dost místa.Uvolňuji pořád víc a víc a pořád píše !málo místa na disku!.Přitom nic neinstaluji.Chápu,že si něco vezme paměť,ale toto mi to nedělávalo.Občas mi na obrazovce z ničeho nic problikne černé vyskakovací okno.(nic se nestane,ale ani to asi není úplně v pořádku).Mohu tedy poprosit o kontrolu logu.Třeba na něco přijdete.Nejvíce mě trápí,že nevím,proč se mi stále více nabaluje složka :
C:\Users\Petr\AppData\Local\Microsoft\GamesExplorer\debug.log (což tipuji,že je to něco ke hrám,ale já skoro nic nehraju.
přikládám log FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2020
Ran by Petr (administrator) on TEPAN (26-11-2020 10:05:56)
Running from D:\Downloads
Loaded Profiles: Petr
Platform: Windows 10 Home Version 1909 18363.1198 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Allway Sync\Bin\SyncService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360732.inf_amd64_c7238d1e8b4aaa3b\B360768\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360732.inf_amd64_c7238d1e8b4aaa3b\B360768\atiesrxx.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation -> ) [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\lodctr.exe
(Microsoft Corporation -> ) [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\makecab.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msinfo32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The CefSharp Authors) [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\CefSharp.BrowserSubprocess.exe <4>
(VideoLAN -> VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13059536 2019-10-17] (Comodo Security Solutions -> COMODO)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-28] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2020-09-28] (Corel Corporation -> WinZip Computing, S.L.)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1938296 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [Display] => C:\Program Files (x86)\Microsoft Games\Game\System.exe <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --do-not-de-elevate --flag-switches-begin --flag-switches-end --e (the data entry has 134 more characters).
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {105c938b-800b-11ea-9ce5-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {8a5d48ca-ef25-11e9-9cd1-40b0765e7062} - "F:\setup.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {9c0daa7d-73eb-11ea-9cde-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {9c0daaea-73eb-11ea-9cde-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\...\AppCompatFlags\Custom\Game.exe: [{481dc351-bab0-4f86-b085-87a5626fe6dc}.sdb] -> Mafia Compatibility Database
HKLM\Software\...\AppCompatFlags\Custom\Setup.exe: [{481dc351-bab0-4f86-b085-87a5626fe6dc}.sdb] -> Mafia Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{481dc351-bab0-4f86-b085-87a5626fe6dc}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{481dc351-bab0-4f86-b085-87a5626fe6dc}.sdb [2017-10-31]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.66\Installer\chrmstp.exe [2020-11-19] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2020-09-30]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2020-10-22]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk [2020-10-07] <==== ATTENTION
ShortcutTarget: SmartClock.lnk -> C:\Users\Petr\AppData\Roaming\Smart Clock\SmartClock.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A48237D-5E77-4636-AD1B-5AC395A5068F} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1124744 2020-11-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1DDF55E8-F84E-4572-8628-BCFA063554C1} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13059536 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {34E14B70-9E92-4302-83F5-DDE42FFF9729} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645440 2020-11-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {472B0007-9645-4A3C-950A-B5F3A3F872C9} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5344B390-8DA8-41BD-A8A0-7B0B0E791834} - System32\Tasks\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40} => C:\Users\Petr\AppData\Roaming\efwchvd.exe <==== ATTENTION
Task: {53AB23AC-8EEC-4957-B2C6-6922771EE91E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5701072 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {596FB038-E37F-4C52-B656-2EE2B5BAC0F7} - System32\Tasks\Adobe Flash Player => C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\makecab.exe [40496 2020-03-17] (Microsoft Corporation -> ) [File not signed]
Task: {5DA70AA1-F3E1-40E1-A3A2-B3A0D0604AAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-25] (Google LLC -> Google LLC)
Task: {60A8BF0D-FBBA-4EBA-8E75-33D7FE945229} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645440 2020-11-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6C5070AD-60E5-4DE8-92A5-B0FCF72586C7} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2774904 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D49B5FD-D5BE-4F3A-93B4-1E8817D4E3D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {70004A3A-9E0E-4A92-A879-B3A868B6BC39} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-28] (Corel Corporation -> Corel Corporation)
Task: {77AC776A-09EF-44F5-A8E6-462B2838B69F} - System32\Tasks\NvNgxUpdateCheckDaily_{2A68F03E-F03E-F03E-F03E-2A68F03EF03E} => C:\Users\Petr\AppData\Roaming\bawchvd.exe <==== ATTENTION
Task: {7AE3746B-8119-4786-A2BF-4C042AF0A679} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe [7885824 2020-10-19] (Microsoft Corporation) [File not signed]
Task: {7D36C007-FD0B-49FB-B8C6-81096FE42E9B} - System32\Tasks\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0} => C:\Users\Petr\AppData\Roaming\adwchvd.exe <==== ATTENTION
Task: {8175F048-B512-4171-B833-01861426B0B0} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13059536 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {91F34A0A-249B-4C20-BCCB-ABEC18A46B47} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5701072 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {962E83BF-4C15-4A32-8DB1-EF3889607677} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2AA7524-DF4A-4357-BE67-57B1A0BDE138} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5701072 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {AC036537-0618-4343-BB70-9F9415CB8094} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B1E9BC96-ABED-4210-8BD5-D0560BB86D38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-25] (Google LLC -> Google LLC)
Task: {B5E5C22E-C5DF-48B3-8411-9034746BB0BD} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-28] (Corel Corporation -> Corel Corporation)
Task: {C35DB636-CB33-41F9-AF48-561E8F849516} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [54784 2013-01-26] () [File not signed]
Task: {C5496919-35AB-4CA1-9B4B-8FF61E179220} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Petr\OneDrive\Plocha\AdwCleaner.exe [8199856 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
Task: {CC75B8B2-2862-4CDF-8E74-36238190F8B9} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645440 2020-11-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D8FEDA38-705C-455A-AB93-A2C78643649F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DDE25511-F6A2-42BB-97E7-18D9F66B4FF5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DE219F6F-E670-42B8-9944-A2083F1B0BF9} - \ByteFence -> No File <==== ATTENTION
Task: {E34C26B8-839B-4AF6-950C-3EEF8D6A63B0} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-28] (Corel Corporation -> Corel Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" was unlocked. <==== ATTENTION
Task: {E52EB04F-A13D-43D5-9702-ADB0938DF6DB} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD => C:\Windows\SysWOW64\XPSViewer\TasksG\G-1-38-45\TG_1.4.35.34.exe [67896 2019-03-19] () [File not signed] <==== ATTENTION
Task: {EFFF7856-1392-4C35-9D26-4949052E44CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4857843-CF0C-4823-8375-4FA58F81EB4B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5701072 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {F6CE90AF-CC8B-4A19-A317-AF7789E78BBE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5701072 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {FBE4967F-8F0B-42FE-9806-E0669DF8F86A} - System32\Tasks\AutoPico Daily Restart => C:\Users\Petr\OneDrive\Plocha\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{9fddadb7-d77f-4285-9596-3a6f1ddef74d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a448b503-55ba-485e-a542-6bf1fd832d5e}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{a448b503-55ba-485e-a542-6bf1fd832d5e}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Edge:
======
DownloadDir: D:\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001 -> hxxp://seznam.cz/
Edge Notifications: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001 -> hxxps://www.tipsport.cz; hxxps://www.facebook.com; hxxps://cpyskidrow.com; hxxps://ouo.press; hxxps://www1a.ramirocampos.pro; hxxps://www1a.debrahinton.pro; hxxps://www.file-up.org; hxxps://www1a.sherwoodsutton.pro; hxxps://www1a.bethanyharrell.pro; hxxps://www2a.debrahinton.pro
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-12-09]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-26]
Edge DownloadDir: D:\Downloads
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge Extension: (Horizon TV) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\khacdlnhpilifpplbbafdickbmihjoml [2020-09-08]
Edge Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2020-11-22]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2020-11-25]
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-24]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-24]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-24]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-24]
CHR Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-08-11]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-07-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BotkindSyncService; C:\Program Files\Allway Sync\Bin\SyncService.exe [264192 2020-04-07] () [File not signed]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11326912 2019-10-21] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11326912 2019-10-21] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2649040 2019-10-17] (Comodo Security Solutions -> COMODO)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\FileSyncHelper.exe [2188664 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-12-27] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\OneDriveUpdaterService.exe [2553200 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
S4 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-10-11] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17872 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [38848 2019-10-16] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [841408 2019-10-16] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [47080 2019-10-16] (Comodo Security Solutions, Inc. -> COMODO)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [59360 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [129208 2019-10-16] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S4 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S4 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-26 10:05 - 2020-11-26 10:06 - 000000000 ____D C:\FRST
2020-11-12 10:09 - 2020-11-12 10:09 - 000000000 ____D C:\Users\Petr\AppData\Local\VS Revo Group
2020-11-12 10:08 - 2020-11-12 10:19 - 000000000 ____D C:\ProgramData\48hteG
2020-11-12 10:08 - 2020-10-12 14:33 - 017838873 _____ (VS Revo Group) C:\Program Files (x86)\Revo Uninstaller Pro 4.2.3.exe
2020-11-12 09:44 - 2020-11-12 09:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\jotman
2020-11-12 09:42 - 2020-11-12 09:42 - 000000000 ____D C:\Users\Petr\AppData\Local\Faxcons
2020-11-12 09:34 - 2020-11-12 09:34 - 000000000 ____D C:\Program Files (x86)\hi67zy4p0x5i
2020-11-11 01:46 - 2020-11-11 01:46 - 001841152 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2020-11-11 01:46 - 2020-11-11 01:46 - 001101312 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2020-11-11 01:46 - 2020-11-11 01:46 - 000200704 _____ C:\Windows\system32\IHDS.dll
2020-11-11 01:46 - 2020-11-11 01:46 - 000164864 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-11-11 01:46 - 2020-11-11 01:46 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-11-10 11:33 - 2020-11-10 11:33 - 000000000 ____D C:\Users\Petr\AppData\Local\AWSToolkit
2020-11-10 11:16 - 2020-11-23 23:13 - 000003104 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2020-11-10 11:16 - 2020-11-10 11:16 - 000000000 ____D C:\Users\Petr\AppData\Local\ATI
2020-11-10 10:58 - 2020-11-23 23:13 - 000003090 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2020-11-10 10:58 - 2020-11-10 10:58 - 000003194 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2020-11-10 10:58 - 2020-11-10 10:58 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2020-11-10 10:58 - 2020-11-10 10:58 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR
2020-11-10 10:58 - 2020-11-10 10:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-11-10 10:58 - 2020-11-10 10:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2020-11-10 10:58 - 2020-11-05 14:15 - 000104816 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2020-11-10 10:56 - 2020-11-10 10:56 - 000000000 ____D C:\ProgramData\AMD
2020-11-10 10:03 - 2020-11-10 10:03 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ATI
2020-11-10 09:59 - 2020-11-05 14:17 - 001686840 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2020-11-10 09:59 - 2020-11-05 14:17 - 000131064 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2020-11-10 09:59 - 2020-11-05 14:17 - 000109080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 072724392 _____ C:\Windows\system32\amd_comgr.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 060137896 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 004632488 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 004156840 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 001783720 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 001754536 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-11-10 09:59 - 2020-11-05 14:16 - 001754536 _____ C:\Windows\system32\vulkaninfo.exe
2020-11-10 09:59 - 2020-11-05 14:16 - 001366192 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 001360296 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-11-10 09:59 - 2020-11-05 14:16 - 001360296 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-11-10 09:59 - 2020-11-05 14:16 - 001345448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 001345448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 001048616 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 001048616 _____ C:\Windows\system32\vulkan-1.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000911072 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000911072 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000761768 _____ (AMD) C:\Windows\system32\atieclxx.exe
2020-11-10 09:59 - 2020-11-05 14:16 - 000737704 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000621992 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000547624 _____ C:\Windows\system32\amdmiracast.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000497576 _____ C:\Windows\system32\GameManager64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000493992 _____ C:\Windows\system32\dgtrayicon.exe
2020-11-10 09:59 - 2020-11-05 14:16 - 000469416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000457128 _____ C:\Windows\system32\atieah64.exe
2020-11-10 09:59 - 2020-11-05 14:16 - 000433576 _____ C:\Windows\system32\EEURestart.exe
2020-11-10 09:59 - 2020-11-05 14:16 - 000380840 _____ C:\Windows\SysWOW64\GameManager32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000352680 _____ C:\Windows\SysWOW64\atieah32.exe
2020-11-10 09:59 - 2020-11-05 14:16 - 000340392 _____ C:\Windows\system32\clinfo.exe
2020-11-10 09:59 - 2020-11-05 14:16 - 000246184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000213928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000187816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000183224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000167848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000167336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000159480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000157608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000143272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000141736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000136616 _____ (AMD) C:\Windows\system32\atimuixx.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000135592 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000131064 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000126376 _____ C:\Windows\system32\atidxx64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000123304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000121256 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000109080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000108456 _____ C:\Windows\SysWOW64\atidxx32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000107944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000091560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000076200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000071080 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000047528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000044456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000020608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2020-11-10 09:59 - 2020-11-05 14:16 - 000020608 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2020-11-10 09:59 - 2020-11-05 14:15 - 071742376 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2020-11-10 09:59 - 2020-11-05 14:15 - 000941992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2020-11-10 09:59 - 2020-11-05 14:15 - 000769448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2020-11-10 09:59 - 2020-11-05 14:15 - 000554408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2020-11-10 09:59 - 2020-11-05 14:15 - 000490408 _____ C:\Windows\system32\amdgfxinfo64.dll
2020-11-10 09:59 - 2020-11-05 14:15 - 000467368 _____ C:\Windows\system32\amdlogum.exe
2020-11-10 09:59 - 2020-11-05 14:15 - 000384424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2020-11-10 09:59 - 2020-11-05 14:15 - 000380840 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2020-11-10 09:59 - 2020-11-05 14:15 - 000199648 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2020-11-10 09:59 - 2020-11-05 14:15 - 000168744 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2020-11-10 09:59 - 2020-11-05 14:15 - 000136752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2020-11-10 09:59 - 2020-11-05 14:15 - 000121096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2020-11-10 09:59 - 2020-11-05 03:28 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2020-11-10 09:59 - 2020-11-05 03:28 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2020-11-10 09:59 - 2020-11-05 03:27 - 000204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2020-11-10 09:59 - 2020-11-05 03:27 - 000204952 _____ C:\Windows\system32\ativvsvl.dat
2020-11-10 09:59 - 2020-11-05 03:27 - 000157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2020-11-10 09:59 - 2020-11-05 03:27 - 000157144 _____ C:\Windows\system32\ativvsva.dat
2020-11-10 09:59 - 2020-11-05 03:22 - 000549784 _____ C:\Windows\SysWOW64\atiapfxx.blb
2020-11-10 09:59 - 2020-11-05 03:22 - 000549784 _____ C:\Windows\system32\atiapfxx.blb
2020-11-10 09:59 - 2020-10-26 15:14 - 000511920 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdfendrsr.exe
2020-11-10 09:59 - 2020-10-26 15:14 - 000089008 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdfendr.sys
2020-11-10 09:59 - 2020-07-27 08:41 - 000062056 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdxe.sys
2020-11-10 09:59 - 2020-06-09 02:57 - 000107936 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWT6.sys
2020-11-10 09:59 - 2019-08-19 19:06 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin
2020-11-10 09:59 - 2019-07-16 20:58 - 000069770 _____ C:\Windows\system32\AMDKernelEvents.man
2020-11-10 09:59 - 2019-01-11 23:27 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2020-11-10 09:59 - 2016-09-02 16:24 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2020-11-10 09:59 - 2013-12-12 14:53 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2020-11-10 08:50 - 2020-11-10 08:50 - 000001463 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plarium Play.lnk
2020-11-10 08:50 - 2020-11-10 08:50 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Unity
2020-11-10 08:50 - 2020-11-10 08:50 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Plarium
2020-10-27 07:16 - 2020-10-27 07:16 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Goldberg SocialClub Emu Saves
2020-10-27 07:13 - 2020-10-27 07:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\EMPRESS
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-26 10:02 - 2019-10-15 16:00 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2020-11-26 09:57 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-26 03:46 - 2019-10-11 20:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-11-26 02:26 - 2019-10-15 09:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2020-11-26 02:25 - 2019-10-15 17:02 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2020-11-26 02:25 - 2019-10-15 10:45 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2020-11-25 16:36 - 2020-07-14 03:46 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-25 16:36 - 2020-07-14 03:46 - 000002274 _____ C:\ProgramData\Plocha\Microsoft Edge.lnk
2020-11-25 14:57 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2020-11-25 01:13 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2020-11-24 00:26 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-24 00:05 - 2019-10-11 20:23 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2020-11-23 23:17 - 2019-10-11 20:22 - 001693640 _____ C:\Windows\system32\PerfStringBackup.INI
2020-11-23 23:17 - 2019-03-19 12:55 - 000716944 _____ C:\Windows\system32\perfh005.dat
2020-11-23 23:17 - 2019-03-19 12:55 - 000145024 _____ C:\Windows\system32\perfc005.dat
2020-11-23 23:13 - 2019-10-11 20:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-23 23:12 - 2019-10-11 20:29 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-11-23 23:12 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-11-22 12:42 - 2019-11-24 03:03 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-20 20:43 - 2019-10-11 20:30 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2020-11-20 03:06 - 2020-09-30 21:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-19 01:06 - 2020-07-25 07:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-19 01:06 - 2020-07-25 07:52 - 000002260 _____ C:\ProgramData\Plocha\Google Chrome.lnk
2020-11-13 23:43 - 2020-10-19 11:32 - 000000000 ____D C:\Filmy
2020-11-12 11:00 - 2020-09-30 21:51 - 000907064 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
2020-11-12 10:59 - 2020-09-30 21:51 - 000436536 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
2020-11-12 09:59 - 2020-09-20 08:45 - 007422190 _____ C:\Windows\system32\Drivers\fvstore.dat
2020-11-12 09:59 - 2019-10-11 20:28 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-11 08:44 - 2019-10-11 20:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-11-11 08:44 - 2019-10-11 20:23 - 000000000 ___RD C:\Users\Petr\3D Objects
2020-11-11 08:44 - 2019-10-11 20:17 - 000447472 _____ C:\Windows\system32\FNTCACHE.DAT
2020-11-11 08:43 - 2020-09-25 14:49 - 000000000 ____D C:\Windows\en-GB
2020-11-11 08:43 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-11-11 08:43 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\TextInput
2020-11-11 08:43 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-11-11 08:43 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources
2020-11-11 08:43 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\setup
2020-11-11 08:43 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe
2020-11-11 08:43 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-11-11 08:43 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-11-11 08:43 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-11-11 08:43 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr
2020-11-11 01:54 - 2019-10-11 20:35 - 000000000 ____D C:\Windows\system32\MRT
2020-11-11 01:53 - 2019-10-11 20:35 - 133736600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-11-11 01:52 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp
2020-11-11 01:49 - 2019-03-19 05:49 - 000000167 _____ C:\Windows\win.ini
2020-11-11 01:46 - 2019-10-11 20:19 - 002876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-11-10 18:36 - 2019-10-11 20:27 - 000000000 ____D C:\AMD
2020-11-10 11:16 - 2019-10-11 20:30 - 000000000 ____D C:\Users\Petr\AppData\Local\AMD
2020-11-10 10:58 - 2019-10-11 20:28 - 000000000 ____D C:\Program Files\AMD
2020-11-03 21:00 - 2020-07-14 03:46 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-03 21:00 - 2020-07-14 03:46 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-29 06:14 - 2020-02-06 06:42 - 000003206 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2020-10-29 06:14 - 2020-02-06 06:42 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-29 06:14 - 2020-02-06 06:42 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-10-29 06:14 - 2019-10-11 20:25 - 000000000 ___RD C:\Users\Petr\OneDrive
2020-10-27 09:07 - 2020-03-25 14:59 - 000000000 ____D C:\Users\Petr\AppData\Local\cache
2020-10-27 07:14 - 2020-02-06 06:41 - 000000000 ____D C:\Users\Petr\OneDrive\Dokumenty\Rockstar Games
==================== Files in the root of some directories ========
2020-09-21 13:06 - 2019-07-04 20:27 - 000452992 _____ (COMODO) C:\ProgramData\cmdres.dll
2020-04-06 10:56 - 2020-04-06 10:56 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-04-06 10:56 - 2020-04-06 10:56 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-11-12 10:08 - 2020-10-12 14:33 - 017838873 _____ (VS Revo Group) C:\Program Files (x86)\Revo Uninstaller Pro 4.2.3.exe
2020-10-25 23:11 - 2020-08-28 09:46 - 000036105 _____ () C:\Users\Petr\AppData\Local\crx.7z
2020-09-21 12:42 - 2020-09-30 08:43 - 000016438 _____ () C:\Users\Petr\AppData\Local\partner.bmp
2020-11-10 08:48 - 2020-11-12 09:59 - 000003040 _____ () C:\Users\Petr\AppData\Local\PlariumPlay.log
2019-10-11 20:56 - 2019-10-11 20:56 - 000000017 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
preventivně
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: preventivně
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2020
Ran by Petr (26-11-2020 10:06:44)
Running from D:\Downloads
Windows 10 Home Version 1909 18363.1198 (X64) (2019-10-11 19:18:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4148571483-3592684963-3718319802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4148571483-3592684963-3718319802-503 - Limited - Disabled)
Guest (S-1-5-21-4148571483-3592684963-3718319802-501 - Limited - Disabled)
Petr (S-1-5-21-4148571483-3592684963-3718319802-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-4148571483-3592684963-3718319802-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05AFA9EE-1ABD-A226-D250-B41671D7635C}
FW: COMODO Firewall (Enabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Allway Sync (HKLM\...\{6E2A6AEF-1397-4888-BD6F-4C0D4968014D}) (Version: 20.0.5 - Botkind Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.1 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.1.0.6914 - COMODO Security Solutions Inc.)
COMODO Internet Security Premium (HKLM\...\{567591EE-85F7-4E4D-AE28-FD65FCF4F201}) (Version: 12.1.0.6914 - COMODO Security Solutions Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0948 - Disc Soft Ltd)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.2.29539 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.66 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.0.1.100 - )
Horizon TV (HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\c95b0b82c5af06de43630c15663cdf58) (Version: 1.0 - Horizon TV)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Mafia (HKLM-x32\...\1595659240_is1) (Version: 1.3 - GOG.com)
Mafia Compatibility Database (HKLM\...\{481dc351-bab0-4f86-b085-87a5626fe6dc}.sdb) (Version: - )
Mafia II Definitive Edition v.1.0 (HKLM-x32\...\Mafia II Definitive Edition_is1) (Version: - )
MediaHuman Audio Converter version 1.9.7.13 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.7.13 - MediaHuman)
Messenger 73.2.121 (HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 73.2.121 - Facebook, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.47 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outlook Express Backup V6.5 (HKLM-x32\...\Outlook Express Backup_is1) (Version: - Genie-Soft)
Revo Uninstaller Pro (HKLM\...\Revo Uninstaller Pro) (Version: - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
Shadow of the Tomb Raider Cpy Čeština (HKLM-x32\...\{F233C280-925A-422A-91DD-F99B398A76E6}) (Version: 1.0.0 - cpy)
Someday Youll Return (HKLM-x32\...\Someday Youll Return_is1) (Version: - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Unlocker (HKLM-x32\...\{5577A25D-E4FE-4BFB-A660-E0D766BC4EDD}) (Version: 1.9.2 - ajua Custom Installers)
Update for Skype for Business 2016 (KB4486710) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{1998D5DD-00AD-417C-9118-5274F24CB09E}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486710) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{1998D5DD-00AD-417C-9118-5274F24CB09E}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486710) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{1998D5DD-00AD-417C-9118-5274F24CB09E}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinZip 25.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2412F}) (Version: 25.0.14273 - Corel Corporation)
Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.1900.3.0_x64__6bk20wvc8rfx2 [2020-08-22] (Hauke Hasselberg)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-03] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-20] (Microsoft Studios) [MS Ad]
uBlock Origin -> C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-12-09] (Nik Rolls)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-10-17] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-28] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-10-17] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [BotkindSyncShellExtension] -> {9E2E6460-89FF-452A-A9BA-E62EB80B8539} => C:\Program Files\Allway Sync\Bin\ShellExtension.dll [2020-04-07] () [File not signed]
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-28] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-10-17] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-28] (Corel Corporation -> WinZip Computing)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Horizon TV.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=khacdlnhpilifpplbbafdickbmihjoml
==================== Loaded Modules (Whitelisted) =============
2020-03-17 12:47 - 2020-02-10 19:35 - 000911872 ___SH () [File not signed] [File is in use] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\CefSharp.BrowserSubprocess.Core.dll
2020-03-17 12:47 - 2020-02-10 19:35 - 001369088 ___SH () [File not signed] [File is in use] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\CefSharp.Core.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-03-17 12:47 - 2019-07-25 13:49 - 000678912 ___SH () [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\kbdnec.dll
2020-03-17 12:47 - 2020-01-30 05:48 - 099498496 ___SH () [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\libcef.dll
2020-03-17 12:47 - 2020-01-30 04:43 - 000309760 ___SH () [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\libegl.dll
2020-03-17 12:47 - 2020-01-30 04:43 - 006971904 ___SH () [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\libglesv2.dll
2020-03-16 10:58 - 2019-07-25 13:49 - 000678912 ___SH () [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\mcicda.dll
2020-11-04 21:25 - 2020-11-04 21:25 - 001583104 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2020-03-17 12:47 - 2020-01-30 04:42 - 000821248 ___SH (The Chromium Authors) [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\chrome_elf.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-11-04 21:33 - 2020-11-04 21:33 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000724992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000260608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-11-04 21:33 - 2020-11-04 21:33 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-10-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-10-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2020-09-09 07:56 - 000001717 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
127.0.0.1 checkhost.local
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\Control Panel\Desktop\\Wallpaper -> D:\Downloads\Pozadí na plochu\19480_en_1.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{830E9726-E213-4B83-B5ED-2A1CE79FA5DC}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{AC432F64-0876-40BA-BEEC-65E4B3A96D2C}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{05579D82-1060-49F2-B7C7-D71E22AFEAF0}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BDF124F-F167-472B-B53F-05236DE6E8C3}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0616D40-F28B-4098-9F26-7121D65B12C4}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3331E4A6-556E-46BF-BEEB-17506B7B692F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31F8E07C-AD31-4A78-AD9E-7E8BD1E22634}] => (Allow) D:\Downloads\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{F3C53057-7838-46E6-8070-B423ABCE3F54}] => (Allow) D:\Downloads\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{861EF62C-14B2-4D98-9640-F7DC357E2A3B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/26/2020 09:08:00 AM) (Source: ESENT) (EventID: 492) (User: )
Description: svchost (3936,D,50) SRUJet: Posloupnost souborů protokolů (C:\Windows\system32\SRU\) se zastavila kvůli závažné chybě. Databáze, které používají tuto posloupnost souborů protokolů, už nejde aktualizovat. Vyřešte prosím problémy a restartujte nebo obnovte databázi ze záložní kopie.
Error: (11/26/2020 09:08:00 AM) (Source: ESENT) (EventID: 413) (User: )
Description: svchost (3936,D,50) SRUJet: Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -529
Error: (11/26/2020 09:00:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Název chybujícího modulu: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000405691
ID chybujícího procesu: 0x1110
Čas spuštění chybující aplikace: 0x01d6c3ca25d1056b
Cesta k chybující aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Cesta k chybujícímu modulu: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
ID zprávy: dd1f0c9f-3565-4750-810b-393ed4e98056
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2020 07:00:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Název chybujícího modulu: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000405691
ID chybujícího procesu: 0x1a48
Čas spuštění chybující aplikace: 0x01d6c3b962483945
Cesta k chybující aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Cesta k chybujícímu modulu: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
ID zprávy: cd3465c5-05be-482d-96c6-97030f1e8000
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2020 05:00:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.1171, časové razítko: 0x103a4719
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f9059
ID chybujícího procesu: 0x1480
Čas spuštění chybující aplikace: 0x01d6c3a89ebf35aa
Cesta k chybující aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 92271268-4a5e-4bd5-8d08-31711fdd99c1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2020 05:00:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Název chybujícího modulu: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000405691
ID chybujícího procesu: 0x1480
Čas spuštění chybující aplikace: 0x01d6c3a89ebf35aa
Cesta k chybující aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Cesta k chybujícímu modulu: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
ID zprávy: aef3dfb4-f0ac-491f-a6f9-87c64b6f9151
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2020 02:25:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.18362.1, časové razítko: 0x527faf7f
Kód výjimky: 0xc000041d
Posun chyby: 0x00004647
ID chybujícího procesu: 0xa18
Čas spuštění chybující aplikace: 0x01d6c39302f2640a
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 762ce604-96dc-451f-9f77-b82166726f57
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2020 02:25:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.18362.1, časové razítko: 0x527faf7f
Kód výjimky: 0xc000041d
Posun chyby: 0x00004647
ID chybujícího procesu: 0x1abc
Čas spuštění chybující aplikace: 0x01d6c37cb81ecc57
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 5dbc7d6c-90ab-41d4-a588-7b85b986414a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (11/25/2020 02:57:31 PM) (Source: DCOM) (EventID: 10000) (User: TEPAN)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/22/2020 12:37:30 PM) (Source: DCOM) (EventID: 10010) (User: TEPAN)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/22/2020 12:37:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Zasílání zpráv o chybách systému Windows bylo dosaženo časového limitu (30000 ms).
Error: (11/21/2020 05:00:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba COMODO Internet Security Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/20/2020 07:42:49 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (11/20/2020 12:13:27 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (11/17/2020 11:02:03 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (11/11/2020 04:39:10 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Windows Defender:
===================================
Date: 2020-03-25 07:55:30.880
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\lm3rsytbdas\i4og1o43yp2.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-25 07:45:29.593
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\kg55ug5tug3\mbuxs2ue2mz.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-25 07:35:28.217
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\gaouz4c1z43\kebsyc0yt21.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-25 07:25:27.406
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\4tbfzr4orun\vskono4vsb2.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-25 07:15:26.073
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\r4okzkylobk\tsc0qa4baqh.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
CodeIntegrity:
===================================
Date: 2020-11-26 10:06:31.748
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:06:31.410
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:06:30.477
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:06:30.470
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:05:35.236
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:05:22.828
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:01:52.154
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:01:30.448
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1804 07/29/2019
Motherboard: ASUSTeK COMPUTER INC. TUF B450M-PLUS GAMING
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 49%
Total physical RAM: 8128.81 MB
Available physical RAM: 4090.69 MB
Total Virtual: 11597.95 MB
Available Virtual: 1725.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.91 GB) (Free:2.52 GB) NTFS
Drive d: () (Fixed) (Total:447.13 GB) (Free:4.33 GB) NTFS
\\?\Volume{06f3911c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.17 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 06F39101)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 06F3911C)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Ran by Petr (26-11-2020 10:06:44)
Running from D:\Downloads
Windows 10 Home Version 1909 18363.1198 (X64) (2019-10-11 19:18:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4148571483-3592684963-3718319802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4148571483-3592684963-3718319802-503 - Limited - Disabled)
Guest (S-1-5-21-4148571483-3592684963-3718319802-501 - Limited - Disabled)
Petr (S-1-5-21-4148571483-3592684963-3718319802-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-4148571483-3592684963-3718319802-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05AFA9EE-1ABD-A226-D250-B41671D7635C}
FW: COMODO Firewall (Enabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Allway Sync (HKLM\...\{6E2A6AEF-1397-4888-BD6F-4C0D4968014D}) (Version: 20.0.5 - Botkind Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.1 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.1.0.6914 - COMODO Security Solutions Inc.)
COMODO Internet Security Premium (HKLM\...\{567591EE-85F7-4E4D-AE28-FD65FCF4F201}) (Version: 12.1.0.6914 - COMODO Security Solutions Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0948 - Disc Soft Ltd)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.2.29539 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.66 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.0.1.100 - )
Horizon TV (HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\c95b0b82c5af06de43630c15663cdf58) (Version: 1.0 - Horizon TV)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Mafia (HKLM-x32\...\1595659240_is1) (Version: 1.3 - GOG.com)
Mafia Compatibility Database (HKLM\...\{481dc351-bab0-4f86-b085-87a5626fe6dc}.sdb) (Version: - )
Mafia II Definitive Edition v.1.0 (HKLM-x32\...\Mafia II Definitive Edition_is1) (Version: - )
MediaHuman Audio Converter version 1.9.7.13 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.7.13 - MediaHuman)
Messenger 73.2.121 (HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 73.2.121 - Facebook, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.47 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outlook Express Backup V6.5 (HKLM-x32\...\Outlook Express Backup_is1) (Version: - Genie-Soft)
Revo Uninstaller Pro (HKLM\...\Revo Uninstaller Pro) (Version: - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
Shadow of the Tomb Raider Cpy Čeština (HKLM-x32\...\{F233C280-925A-422A-91DD-F99B398A76E6}) (Version: 1.0.0 - cpy)
Someday Youll Return (HKLM-x32\...\Someday Youll Return_is1) (Version: - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Unlocker (HKLM-x32\...\{5577A25D-E4FE-4BFB-A660-E0D766BC4EDD}) (Version: 1.9.2 - ajua Custom Installers)
Update for Skype for Business 2016 (KB4486710) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{1998D5DD-00AD-417C-9118-5274F24CB09E}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486710) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{1998D5DD-00AD-417C-9118-5274F24CB09E}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486710) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{1998D5DD-00AD-417C-9118-5274F24CB09E}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinZip 25.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2412F}) (Version: 25.0.14273 - Corel Corporation)
Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.1900.3.0_x64__6bk20wvc8rfx2 [2020-08-22] (Hauke Hasselberg)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-03] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-20] (Microsoft Studios) [MS Ad]
uBlock Origin -> C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-12-09] (Nik Rolls)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-10-17] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-28] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-10-17] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [BotkindSyncShellExtension] -> {9E2E6460-89FF-452A-A9BA-E62EB80B8539} => C:\Program Files\Allway Sync\Bin\ShellExtension.dll [2020-04-07] () [File not signed]
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-28] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-10-17] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-28] (Corel Corporation -> WinZip Computing)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Horizon TV.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=khacdlnhpilifpplbbafdickbmihjoml
==================== Loaded Modules (Whitelisted) =============
2020-03-17 12:47 - 2020-02-10 19:35 - 000911872 ___SH () [File not signed] [File is in use] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\CefSharp.BrowserSubprocess.Core.dll
2020-03-17 12:47 - 2020-02-10 19:35 - 001369088 ___SH () [File not signed] [File is in use] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\CefSharp.Core.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-03-17 12:47 - 2019-07-25 13:49 - 000678912 ___SH () [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\kbdnec.dll
2020-03-17 12:47 - 2020-01-30 05:48 - 099498496 ___SH () [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\libcef.dll
2020-03-17 12:47 - 2020-01-30 04:43 - 000309760 ___SH () [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\libegl.dll
2020-03-17 12:47 - 2020-01-30 04:43 - 006971904 ___SH () [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\libglesv2.dll
2020-03-16 10:58 - 2019-07-25 13:49 - 000678912 ___SH () [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\mcicda.dll
2020-11-04 21:25 - 2020-11-04 21:25 - 001583104 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2020-03-17 12:47 - 2020-01-30 04:42 - 000821248 ___SH (The Chromium Authors) [File not signed] C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\chrome_elf.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-11-04 21:33 - 2020-11-04 21:33 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000724992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000260608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 10:18 - 2020-07-27 10:18 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-11-04 21:33 - 2020-11-04 21:33 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-10-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-10-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2020-09-09 07:56 - 000001717 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
127.0.0.1 checkhost.local
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\Control Panel\Desktop\\Wallpaper -> D:\Downloads\Pozadí na plochu\19480_en_1.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{830E9726-E213-4B83-B5ED-2A1CE79FA5DC}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{AC432F64-0876-40BA-BEEC-65E4B3A96D2C}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{05579D82-1060-49F2-B7C7-D71E22AFEAF0}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BDF124F-F167-472B-B53F-05236DE6E8C3}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0616D40-F28B-4098-9F26-7121D65B12C4}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3331E4A6-556E-46BF-BEEB-17506B7B692F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31F8E07C-AD31-4A78-AD9E-7E8BD1E22634}] => (Allow) D:\Downloads\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{F3C53057-7838-46E6-8070-B423ABCE3F54}] => (Allow) D:\Downloads\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{861EF62C-14B2-4D98-9640-F7DC357E2A3B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/26/2020 09:08:00 AM) (Source: ESENT) (EventID: 492) (User: )
Description: svchost (3936,D,50) SRUJet: Posloupnost souborů protokolů (C:\Windows\system32\SRU\) se zastavila kvůli závažné chybě. Databáze, které používají tuto posloupnost souborů protokolů, už nejde aktualizovat. Vyřešte prosím problémy a restartujte nebo obnovte databázi ze záložní kopie.
Error: (11/26/2020 09:08:00 AM) (Source: ESENT) (EventID: 413) (User: )
Description: svchost (3936,D,50) SRUJet: Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -529
Error: (11/26/2020 09:00:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Název chybujícího modulu: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000405691
ID chybujícího procesu: 0x1110
Čas spuštění chybující aplikace: 0x01d6c3ca25d1056b
Cesta k chybující aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Cesta k chybujícímu modulu: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
ID zprávy: dd1f0c9f-3565-4750-810b-393ed4e98056
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2020 07:00:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Název chybujícího modulu: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000405691
ID chybujícího procesu: 0x1a48
Čas spuštění chybující aplikace: 0x01d6c3b962483945
Cesta k chybující aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Cesta k chybujícímu modulu: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
ID zprávy: cd3465c5-05be-482d-96c6-97030f1e8000
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2020 05:00:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.1171, časové razítko: 0x103a4719
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f9059
ID chybujícího procesu: 0x1480
Čas spuštění chybující aplikace: 0x01d6c3a89ebf35aa
Cesta k chybující aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 92271268-4a5e-4bd5-8d08-31711fdd99c1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2020 05:00:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Název chybujícího modulu: cis.exe, verze: 12.1.0.6914, časové razítko: 0x5da87691
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000405691
ID chybujícího procesu: 0x1480
Čas spuštění chybující aplikace: 0x01d6c3a89ebf35aa
Cesta k chybující aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Cesta k chybujícímu modulu: C:\Program Files\COMODO\COMODO Internet Security\cis.exe
ID zprávy: aef3dfb4-f0ac-491f-a6f9-87c64b6f9151
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2020 02:25:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.18362.1, časové razítko: 0x527faf7f
Kód výjimky: 0xc000041d
Posun chyby: 0x00004647
ID chybujícího procesu: 0xa18
Čas spuštění chybující aplikace: 0x01d6c39302f2640a
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 762ce604-96dc-451f-9f77-b82166726f57
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2020 02:25:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.18362.1, časové razítko: 0x527faf7f
Kód výjimky: 0xc000041d
Posun chyby: 0x00004647
ID chybujícího procesu: 0x1abc
Čas spuštění chybující aplikace: 0x01d6c37cb81ecc57
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 5dbc7d6c-90ab-41d4-a588-7b85b986414a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (11/25/2020 02:57:31 PM) (Source: DCOM) (EventID: 10000) (User: TEPAN)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/22/2020 12:37:30 PM) (Source: DCOM) (EventID: 10010) (User: TEPAN)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/22/2020 12:37:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Zasílání zpráv o chybách systému Windows bylo dosaženo časového limitu (30000 ms).
Error: (11/21/2020 05:00:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba COMODO Internet Security Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/20/2020 07:42:49 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (11/20/2020 12:13:27 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (11/17/2020 11:02:03 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (11/11/2020 04:39:10 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Windows Defender:
===================================
Date: 2020-03-25 07:55:30.880
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\lm3rsytbdas\i4og1o43yp2.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-25 07:45:29.593
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\kg55ug5tug3\mbuxs2ue2mz.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-25 07:35:28.217
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\gaouz4c1z43\kebsyc0yt21.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-25 07:25:27.406
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\4tbfzr4orun\vskono4vsb2.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-25 07:15:26.073
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\r4okzkylobk\tsc0qa4baqh.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
CodeIntegrity:
===================================
Date: 2020-11-26 10:06:31.748
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:06:31.410
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:06:30.477
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:06:30.470
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:05:35.236
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:05:22.828
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:01:52.154
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-26 10:01:30.448
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1804 07/29/2019
Motherboard: ASUSTeK COMPUTER INC. TUF B450M-PLUS GAMING
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 49%
Total physical RAM: 8128.81 MB
Available physical RAM: 4090.69 MB
Total Virtual: 11597.95 MB
Available Virtual: 1725.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.91 GB) (Free:2.52 GB) NTFS
Drive d: () (Fixed) (Total:447.13 GB) (Free:4.33 GB) NTFS
\\?\Volume{06f3911c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.17 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 06F39101)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 06F3911C)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Re: preventivně
ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt
P.S. po aplikacii fixlist vycisti PC s CCleanerom, vcetne registrov a vloz okrem fixlog.txt aj nove logy frst a napis, ci problem pretrvava ?
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
Kód: Vybrat vše
Start
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [Display] => C:\Program Files (x86)\Microsoft Games\Game\System.exe <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {105c938b-800b-11ea-9ce5-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {8a5d48ca-ef25-11e9-9cd1-40b0765e7062} - "F:\setup.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {9c0daa7d-73eb-11ea-9cde-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {9c0daaea-73eb-11ea-9cde-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk [2020-10-07] <==== ATTENTION
ShortcutTarget: SmartClock.lnk -> C:\Users\Petr\AppData\Roaming\Smart Clock\SmartClock.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {5344B390-8DA8-41BD-A8A0-7B0B0E791834} - System32\Tasks\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40} => C:\Users\Petr\AppData\Roaming\efwchvd.exe <==== ATTENTION
Task: {77AC776A-09EF-44F5-A8E6-462B2838B69F} - System32\Tasks\NvNgxUpdateCheckDaily_{2A68F03E-F03E-F03E-F03E-2A68F03EF03E} => C:\Users\Petr\AppData\Roaming\bawchvd.exe <==== ATTENTION
Task: {7D36C007-FD0B-49FB-B8C6-81096FE42E9B} - System32\Tasks\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0} => C:\Users\Petr\AppData\Roaming\adwchvd.exe <==== ATTENTION
Task: {FBE4967F-8F0B-42FE-9806-E0669DF8F86A} - System32\Tasks\AutoPico Daily Restart => C:\Users\Petr\OneDrive\Plocha\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
Hosts:
EmptyTemp:
Reboot:
End
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txtP.S. po aplikacii fixlist vycisti PC s CCleanerom, vcetne registrov a vloz okrem fixlog.txt aj nove logy frst a napis, ci problem pretrvava ?
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: preventivně
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-11-2020
Ran by Petr (26-11-2020 11:13:45) Run:1
Running from D:\Downloads
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [Display] => C:\Program Files (x86)\Microsoft Games\Game\System.exe <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {105c938b-800b-11ea-9ce5-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {8a5d48ca-ef25-11e9-9cd1-40b0765e7062} - "F:\setup.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {9c0daa7d-73eb-11ea-9cde-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {9c0daaea-73eb-11ea-9cde-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk [2020-10-07] <==== ATTENTION
ShortcutTarget: SmartClock.lnk -> C:\Users\Petr\AppData\Roaming\Smart Clock\SmartClock.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {5344B390-8DA8-41BD-A8A0-7B0B0E791834} - System32\Tasks\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40} => C:\Users\Petr\AppData\Roaming\efwchvd.exe <==== ATTENTION
Task: {77AC776A-09EF-44F5-A8E6-462B2838B69F} - System32\Tasks\NvNgxUpdateCheckDaily_{2A68F03E-F03E-F03E-F03E-2A68F03EF03E} => C:\Users\Petr\AppData\Roaming\bawchvd.exe <==== ATTENTION
Task: {7D36C007-FD0B-49FB-B8C6-81096FE42E9B} - System32\Tasks\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0} => C:\Users\Petr\AppData\Roaming\adwchvd.exe <==== ATTENTION
Task: {FBE4967F-8F0B-42FE-9806-E0669DF8F86A} - System32\Tasks\AutoPico Daily Restart => C:\Users\Petr\OneDrive\Plocha\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
Hosts:
EmptyTemp:
Reboot:
End
*****************
"HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Display" => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{105c938b-800b-11ea-9ce5-40b0765e7062} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a5d48ca-ef25-11e9-9cd1-40b0765e7062} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c0daa7d-73eb-11ea-9cde-40b0765e7062} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c0daaea-73eb-11ea-9cde-40b0765e7062} => removed successfully
C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk => moved successfully
"C:\Users\Petr\AppData\Roaming\Smart Clock\SmartClock.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5344B390-8DA8-41BD-A8A0-7B0B0E791834}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5344B390-8DA8-41BD-A8A0-7B0B0E791834}" => removed successfully
C:\Windows\System32\Tasks\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{77AC776A-09EF-44F5-A8E6-462B2838B69F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77AC776A-09EF-44F5-A8E6-462B2838B69F}" => removed successfully
C:\Windows\System32\Tasks\NvNgxUpdateCheckDaily_{2A68F03E-F03E-F03E-F03E-2A68F03EF03E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNgxUpdateCheckDaily_{2A68F03E-F03E-F03E-F03E-2A68F03EF03E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7D36C007-FD0B-49FB-B8C6-81096FE42E9B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D36C007-FD0B-49FB-B8C6-81096FE42E9B}" => removed successfully
C:\Windows\System32\Tasks\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBE4967F-8F0B-42FE-9806-E0669DF8F86A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBE4967F-8F0B-42FE-9806-E0669DF8F86A}" => removed successfully
C:\Windows\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 6316032 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12750061 B
Java, Flash, Steam htmlcache => 1097 B
Windows/system/drivers => 3670703 B
Edge => 1242 B
Chrome => 140302 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 24969216 B
LocalService => 24969216 B
NetworkService => 24969216 B
Petr => 351254183 B
RecycleBin => 0 B
EmptyTemp: => 428.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 11:14:07 ====
Ran by Petr (26-11-2020 11:13:45) Run:1
Running from D:\Downloads
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [Display] => C:\Program Files (x86)\Microsoft Games\Game\System.exe <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {105c938b-800b-11ea-9ce5-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {8a5d48ca-ef25-11e9-9cd1-40b0765e7062} - "F:\setup.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {9c0daa7d-73eb-11ea-9cde-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {9c0daaea-73eb-11ea-9cde-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk [2020-10-07] <==== ATTENTION
ShortcutTarget: SmartClock.lnk -> C:\Users\Petr\AppData\Roaming\Smart Clock\SmartClock.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {5344B390-8DA8-41BD-A8A0-7B0B0E791834} - System32\Tasks\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40} => C:\Users\Petr\AppData\Roaming\efwchvd.exe <==== ATTENTION
Task: {77AC776A-09EF-44F5-A8E6-462B2838B69F} - System32\Tasks\NvNgxUpdateCheckDaily_{2A68F03E-F03E-F03E-F03E-2A68F03EF03E} => C:\Users\Petr\AppData\Roaming\bawchvd.exe <==== ATTENTION
Task: {7D36C007-FD0B-49FB-B8C6-81096FE42E9B} - System32\Tasks\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0} => C:\Users\Petr\AppData\Roaming\adwchvd.exe <==== ATTENTION
Task: {FBE4967F-8F0B-42FE-9806-E0669DF8F86A} - System32\Tasks\AutoPico Daily Restart => C:\Users\Petr\OneDrive\Plocha\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
Hosts:
EmptyTemp:
Reboot:
End
*****************
"HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Display" => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{105c938b-800b-11ea-9ce5-40b0765e7062} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a5d48ca-ef25-11e9-9cd1-40b0765e7062} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c0daa7d-73eb-11ea-9cde-40b0765e7062} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c0daaea-73eb-11ea-9cde-40b0765e7062} => removed successfully
C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk => moved successfully
"C:\Users\Petr\AppData\Roaming\Smart Clock\SmartClock.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5344B390-8DA8-41BD-A8A0-7B0B0E791834}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5344B390-8DA8-41BD-A8A0-7B0B0E791834}" => removed successfully
C:\Windows\System32\Tasks\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{77AC776A-09EF-44F5-A8E6-462B2838B69F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77AC776A-09EF-44F5-A8E6-462B2838B69F}" => removed successfully
C:\Windows\System32\Tasks\NvNgxUpdateCheckDaily_{2A68F03E-F03E-F03E-F03E-2A68F03EF03E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNgxUpdateCheckDaily_{2A68F03E-F03E-F03E-F03E-2A68F03EF03E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7D36C007-FD0B-49FB-B8C6-81096FE42E9B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D36C007-FD0B-49FB-B8C6-81096FE42E9B}" => removed successfully
C:\Windows\System32\Tasks\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBE4967F-8F0B-42FE-9806-E0669DF8F86A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBE4967F-8F0B-42FE-9806-E0669DF8F86A}" => removed successfully
C:\Windows\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 6316032 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12750061 B
Java, Flash, Steam htmlcache => 1097 B
Windows/system/drivers => 3670703 B
Edge => 1242 B
Chrome => 140302 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 24969216 B
LocalService => 24969216 B
NetworkService => 24969216 B
Petr => 351254183 B
RecycleBin => 0 B
EmptyTemp: => 428.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 11:14:07 ====
Re: preventivně
aky je stav 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: preventivně
dnes mi už dokonce chvíli nešly otevřít ani obyčejné webové stránky.Napsalo mi to,že nemám dostatke paměti.A to jsem ještě předevčírem měl 12 GB.Teď mám 70 MBProstě mám někde nějakého ( žrouta paměti( a musím přijít na to, KDE.
Re: preventivně
Podla logov si mal nedostatok miesta na disku, teraz pises o pamati ...
Skus vypnut obnovu systemu, restart, zapni obnovu
Zmaze body obnovy a uvolni sa miesto na disku
... a aktualne logy FRST
Skus vypnut obnovu systemu, restart, zapni obnovu
Zmaze body obnovy a uvolni sa miesto na disku
... a aktualne logy FRST
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?