Dobrý den.
Synovi se seká a zabržduje NTB.Poslední dobou se mu seká i prohlížeč.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-01-2021
Ran by Davídek (administrator) on LAPTOP-1A2BAFO9 (LENOVO 80M3) (19-01-2021 19:07:06)
Running from C:\Users\Frantisek\Desktop
Loaded Profiles: Davídek
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: Angličtina (Spojené státy)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe <2>
() [File not signed] C:\Program Files\MobiGame\aeg_launcher.exe
() [File not signed] C:\Program Files\MobiGame\MobiGameUpdater.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cole Williams Software Limited -> ) C:\Windows\SysWOW64\Codecs\TrayMenu.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Disc Soft Ltd -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Game Player) [File not signed] C:\Program Files\MobiGame\player\mobiplayer.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(IObit Information Technology -> IObit) [File not signed] C:\Program Files (x86)\Advanced SystemCare Pro\ASC_IObitDel.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\Advanced SystemCare Pro\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\Advanced SystemCare Pro\ASCTray_IObitDel.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\Lenovo.Vantage.AddinHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\PrintDialog\PrintDialog.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <3>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) [File not signed] C:\Program Files\MobiGame\vbox\MobiVBoxSVC.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [4338880 2016-02-02] (Disc Soft Ltd -> Disc Soft Ltd) [File not signed]
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Run: [Mobigame Playstore] => C:\Program Files\MobiGame\playstore\playstore.exe [169984 2020-12-06] () [File not signed]
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dfb8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dff8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e17e-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e1c1-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {5169af39-cc5a-11ea-9d0a-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {d40eb54e-c367-11ea-9d09-b46d83ba83d9} - "F:\stub.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpfpp02t: C:\Windows\System32\spool\prtprocs\x64\hpfpp02t.dll [253440 2010-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] () [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PCL hpf3l02t: C:\WINDOWS\system32\hpf3l02t.dll [138752 2010-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\Windows\SysWOW64\advpack.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
IFEO\AUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\AutoUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\BigUpgrade_IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\CrRestore.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\DSPut.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Feedback.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmsvc.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmui.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iu10Pre.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUProtip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUService.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iush.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUSoftUpdateTip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUXM2020.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Loader-IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\NoteIcon.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ScreenShot.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SecurityNotification_1.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SendBugReportNew.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SpecUTool.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2019-01-21]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )
Startup: C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-02-22]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02BE8CF1-0BB4-42CF-A39E-2B1FE999A83E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {0D4F4CCE-E055-4976-ACCA-2ADF104ADAF3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {0DCCC838-573D-44F5-8032-CF7A7F817964} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {0DF09F9E-EC13-4F1B-8418-AE256753877C} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
Task: {10287C3A-57B4-4807-B923-E1664E2C4BDB} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [528656 2019-05-22] (IObit Information Technology -> IObit)
Task: {10A062DF-6814-4F44-A30A-BD01063EE275} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [264328 2016-12-07] (LENOVO -> )
Task: {29AEE9EB-36C9-4B9C-8A5D-210E74BD1E10} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\941de6cd-645d-4c35-9288-f4e04e91638c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {2ACEDC19-3133-4FCB-9FFC-6C1E71FD9DC8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {2BF6ABA1-02C9-48D1-8D58-15BE5E8EAA32} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348504 2020-11-06] (HP Inc. -> HP Inc.)
Task: {31A4CBF7-FBD7-4B29-910B-53E05D94D0C4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2020-11-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {340292CE-49E0-4C20-9152-A99ABDCA0B58} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001UA => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {3AC1A547-8768-4CEF-B88B-3CCE9008146D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001Core => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {3E21CFB4-E4B6-4DDE-9566-72B0B66E8177} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {420CD1C1-86FF-4FA0-83B0-B12A5EDE55EA} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
Task: {4392A3B5-0280-40A3-919E-928DC94F6C6F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {47B05644-B523-44B7-BE01-F7909A81F9FC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-909588931-3475030629-4239748838-1001 => C:\Users\Frantisek\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {4A446D9D-09D0-4F7D-9ACB-078B7A1A91AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {4BF1E12D-5EEC-4697-A386-406F17EAA49A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {4DEFED63-BC02-4525-8FF4-CBAE237FE5C1} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {52D3E5E1-9458-4E87-AE45-F47DF095D768} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-28] (CyberLink Corp. -> CyberLink Corp.)
Task: {5B41C75D-2A80-4A79-8A30-74C1659332CF} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-04-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {5C7E366F-14DA-4C73-AB96-06CDF76B8EFF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {5C91CC50-01E4-4AD2-9A53-A4F2DF3D679C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {62268D82-C708-4D01-BD0F-5E837878FB30} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {72FDCC01-83BA-49B0-B301-14BFA78C934D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1443736 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {778D5342-B935-4869-9417-BD04AFD3AFE4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0fcf031d-c0f0-4847-9462-afc06ce2fc10 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {7841C11D-B7DE-4579-AE47-BEEE80C93F54} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2020-09-20] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {89508FB2-31F9-41F2-9F71-83F0854AC113} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {8A7C76F3-3621-4EC8-8F50-BC0DA6FEF531} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-16] (HP Inc. -> HP Inc.)
Task: {95834511-A8FA-407B-AC59-438CA5B30E7F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {97F39469-487F-4173-A1A2-89E640183F99} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\972ca26a-2d99-4c4d-8920-af5b995561ec => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {9AE8E8F7-F542-45E2-BC95-9668072163E6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4ff126e1-bfdb-45a6-b168-6baa303ee534 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {9D5CD83C-5568-4845-931C-246423EB0C70} - System32\Tasks\Uninstaller_SkipUac_Davídek => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-09-10] (IObit Information Technology -> IObit)
Task: {A5A90189-8D48-4687-8E20-0C98381D32F3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321608 2016-12-07] (LENOVO -> Lenovo)
Task: {AF0CFCFE-B16F-49B8-AC47-0169C96366F2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10165384 2016-12-07] (LENOVO -> Lenovo)
Task: {B2039E40-E251-49DA-993D-442C4019D38F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371880 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDDD7E7F-EF33-4702-9BBE-75669DCC2E8B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10165384 2016-12-07] (LENOVO -> Lenovo)
Task: {C484020B-4116-4825-B453-33B7B90D25F1} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-22] (HP Inc. -> )
Task: {C7B08A7E-BB5D-41D3-822C-DFC9307DE08D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2020-11-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {C84D79CA-AB3A-457E-B9C0-E442FB369D07} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {DEDD70B4-619A-456E-9FF5-2CF1F1124F83} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {E1AD38FF-E252-42D6-9255-3E64C0B70108} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {E3F6ADE3-1F95-4BD7-B518-226E896F7A57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371880 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {E9BF93CC-B03A-40F5-9492-BE2205801582} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {EA75A5BF-7D9C-4A7E-B97A-51412E19EE9A} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F4511039-50CC-49E9-BCFF-583D1742650A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB812180-BAE1-41E2-923C-C202025CB41B} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2016-02-08] (LENOVO -> Lenovo)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4a6553e8-92b6-480f-b3e7-ea15ae64d737}: [NameServer] 208.67.222.123,208.67.220.123
Tcpip\..\Interfaces\{4a6553e8-92b6-480f-b3e7-ea15ae64d737}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5cb98504-278a-42f5-89b8-3ce67b2dc918}: [NameServer] 208.67.222.123,208.67.220.123
Edge:
=======
DownloadDir: C:\Users\Frantisek\Downloads
Edge Notifications: HKU\S-1-5-21-909588931-3475030629-4239748838-1001 -> hxxps://www.fosshub.com; hxxps://fastshare.cz; hxxps://email08.active24.com; hxxps://www.kb.cz; hxxps://mail.google.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\Frantisek\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-13]
FireFox:
========
FF DefaultProfile: s6GBKh7b.default
FF ProfilePath: C:\Users\Frantisek\AppData\Roaming\TomTom\HOME\Profiles\7ar1ighs.default [2019-05-31]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\5cj17zud.default-release-1589281251964 [2021-01-19]
FF user.js: detected! => C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\5cj17zud.default-release-1589281251964\user.js [2020-12-11]
FF Homepage: Mozilla\Firefox\Profiles\5cj17zud.default-release-1589281251964 -> www.seznam.cz
FF ProfilePath: C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\s6GBKh7b.default [2020-12-11]
FF user.js: detected! => C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\s6GBKh7b.default\user.js [2020-12-11]
FF Extension: (Avira Browser Safety) - C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\s6GBKh7b.default\Extensions\abs@avira.com [2019-05-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-01-19]
Chrome:
=======
CHR Profile: C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default [2020-12-29]
CHR Extension: (Dokumenty) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-29]
CHR Extension: (AVG SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-02-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-31]
CHR Extension: (Chrome Media Router) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
Opera:
=======
OPR Profile: C:\Users\Frantisek\AppData\Roaming\Opera Software\Opera Stable [2020-12-29]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AdvancedSystemCareService13; C:\Program Files (x86)\Advanced SystemCare Pro\ASCService.exe [1290000 2019-12-27] (IObit Information Technology -> IObit)
R2 AegLauncher; C:\Program Files\MobiGame\aeg_launcher.exe [7183872 2020-12-06] () [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1439424 2016-02-02] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] (Canon Inc. -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S4 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
R2 MobiGameUpdater; C:\Program Files\MobiGame\MobiGameUpdater.exe [303104 2020-12-06] () [File not signed]
S3 PACSPTISVR-Sound_Organizer; C:\Program Files (x86)\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe [167208 2014-07-16] (Sony Corporation -> Sony Corporation)
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1162000 2019-05-28] (IObit Information Technology -> IObit)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2020-07-11] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2020-07-11] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-10-19] (Symantec Corporation -> Symantec Corporation)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-10-19] (Symantec Corporation -> Symantec Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-05-25] (Martin Malik - REALiX -> REALiX(tm))
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [44112 2019-07-30] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37328 2019-07-30] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [49800 2019-07-30] (IObit Information Technology -> IObit)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2020-10-09] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R1 MobiVBoxDrv; C:\Program Files\MobiGame\vbox\MobiVBoxDrv.sys [314688 2020-11-11] (Iron Entertainment Inc. -> Oracle Corporation)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2019-04-30] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S1 prodrv06; C:\Windows\SysWOW64\drivers\prodrv06.sys [52224 2004-01-26] (Protection Technology) [File not signed]
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [95552 2004-01-26] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2016-05-24] (Corel Corporation -> Corel Corporation)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 StillCam; C:\WINDOWS\system32\DRIVERS\serscan.sys [13312 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\system32\DRIVERS\WSDScan.sys [26112 2019-03-19] (Microsoft Corporation) [File not signed]
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
U4 AscRegistryFilter; \??\C:\Program Files (x86)\Advanced SystemCare Pro\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 19:07 - 2021-01-19 19:13 - 000038211 _____ C:\Users\Frantisek\Desktop\FRST.txt
2021-01-19 19:02 - 2021-01-19 19:11 - 000000000 ____D C:\FRST
2021-01-19 18:56 - 2021-01-19 18:57 - 002295808 _____ (Farbar) C:\Users\Frantisek\Desktop\FRST64.exe
2021-01-19 16:38 - 2021-01-19 16:38 - 000002968 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Davídek
2021-01-19 16:38 - 2021-01-19 16:38 - 000001437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2021-01-19 16:38 - 2021-01-19 16:38 - 000001297 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2021-01-19 16:38 - 2021-01-19 16:38 - 000001297 _____ C:\ProgramData\Desktop\IObit Uninstaller.lnk
2021-01-19 16:37 - 2021-01-19 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2021-01-19 16:22 - 2021-01-19 16:40 - 000000536 _____ C:\Users\Frantisek\Desktop\Windows (C).lnk
2021-01-19 16:22 - 2021-01-19 16:22 - 000000513 _____ C:\Users\Frantisek\Desktop\LENOVO (D).lnk
2021-01-19 07:44 - 2021-01-19 07:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-18 14:48 - 2021-01-19 15:43 - 000000000 ____D C:\Users\Frantisek\Desktop\Granny PC
2021-01-18 10:25 - 2021-01-18 10:25 - 000000000 ____D C:\Users\Frantisek\AppData\LocalLow\DVloper
2021-01-15 08:47 - 2021-01-15 08:47 - 000138880 _____ C:\Users\Frantisek\Downloads\VY_32_INOVACE_ČJ.4.132 pololetní práce.pdf
2021-01-15 08:47 - 2021-01-15 08:47 - 000137436 _____ C:\Users\Frantisek\Downloads\Cesky jazyk 3.pdf
2021-01-14 09:28 - 2021-01-14 09:28 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-14 09:27 - 2021-01-14 09:27 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-14 09:27 - 2021-01-14 09:27 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-14 09:27 - 2021-01-14 09:27 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-14 09:27 - 2021-01-14 09:27 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-14 09:26 - 2021-01-14 09:26 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-14 09:26 - 2021-01-14 09:26 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-14 09:26 - 2021-01-14 09:26 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-14 09:26 - 2021-01-14 09:26 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-14 09:25 - 2021-01-14 09:25 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-14 09:25 - 2021-01-14 09:25 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-14 09:25 - 2021-01-14 09:25 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-14 09:25 - 2021-01-14 09:25 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-14 09:24 - 2021-01-14 09:24 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-14 09:24 - 2021-01-14 09:24 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-14 09:23 - 2021-01-14 09:23 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-14 09:23 - 2021-01-14 09:23 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-14 09:23 - 2021-01-14 09:23 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-14 09:22 - 2021-01-14 09:22 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 09:21 - 2021-01-14 09:21 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 09:21 - 2021-01-14 09:21 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 09:19 - 2021-01-14 09:19 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 09:19 - 2021-01-14 09:19 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 09:19 - 2021-01-14 09:19 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 09:18 - 2021-01-14 09:18 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 09:16 - 2021-01-14 09:16 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 09:16 - 2021-01-14 09:16 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 09:16 - 2021-01-14 09:16 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 09:14 - 2021-01-14 09:14 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 09:14 - 2021-01-14 09:14 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 09:12 - 2021-01-14 09:12 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 09:11 - 2021-01-14 09:11 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 09:11 - 2021-01-14 09:11 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 09:11 - 2021-01-14 09:11 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-14 09:10 - 2021-01-14 09:10 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 08:03 - 2021-01-19 08:00 - 000000000 ____D C:\Users\Frantisek\.MobiVBox
2021-01-13 15:30 - 2021-01-13 15:35 - 000000000 ____D C:\Users\Davídek\AppData\Local\MobiGame
2021-01-13 15:24 - 2021-01-13 15:33 - 000000000 ____D C:\Program Files\MobiGame
2021-01-13 15:15 - 2021-01-13 15:15 - 000000000 ____D C:\Users\Davídek
2021-01-13 15:13 - 2021-01-19 07:48 - 000000000 ____D C:\Users\Frantisek\AppData\Local\MobiGame
2021-01-13 15:09 - 2021-01-13 15:09 - 002667160 _____ () C:\Users\Frantisek\Downloads\Granny_com.dvloper.granny_gameslolc_8533348.exe
2021-01-13 14:12 - 2021-01-13 14:12 - 001227160 _____ (BlueStack Systems Inc.) C:\Users\Frantisek\Downloads\BlueStacksInstaller_4.250.0.1070_native_fc7be42215ea0fdd10070580007dbb95_R3Jhbm55(1).exe
2021-01-13 13:53 - 2021-01-13 13:54 - 001227160 _____ (BlueStack Systems Inc.) C:\Users\Frantisek\Downloads\BlueStacksInstaller_4.250.0.1070_native_fc7be42215ea0fdd10070580007dbb95_R3Jhbm55.exe
2021-01-13 13:30 - 2021-01-13 13:30 - 000000000 ____D C:\Users\Frantisek\Downloads\MEmu Download
2021-01-13 13:29 - 2021-01-13 13:29 - 000000000 ____D C:\Users\Frantisek\.MemuHyperv
2021-01-13 13:24 - 2021-01-13 13:51 - 000000000 ____D C:\Program Files (x86)\Microvirt
2021-01-13 13:19 - 2021-01-13 13:19 - 001348184 _____ () C:\Users\Frantisek\Downloads\Memu-Installer_v4.232.100.637.exe
2021-01-13 12:48 - 2021-01-13 12:48 - 000000000 ____D C:\Users\Frantisek\Desktop\angličtina nikola
2021-01-13 12:46 - 2021-01-13 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABC Kid Genius
2021-01-13 12:46 - 2021-01-13 12:46 - 000000000 ____D C:\kgdemo
2021-01-13 12:45 - 2021-01-13 12:46 - 026897528 _____ () C:\Users\Frantisek\Downloads\AbcKidGenius(1).exe
2021-01-13 12:44 - 2021-01-13 12:44 - 038589168 _____ ( ) C:\Users\Frantisek\Downloads\AbcKidGenius.exe
2021-01-13 12:32 - 2021-01-13 12:32 - 000000000 ____D C:\Users\Frantisek\AppData\Local\HiSuite
2021-01-13 10:52 - 2021-01-13 10:52 - 000468229 _____ C:\Users\Frantisek\Downloads\document(1).pdf
2021-01-12 14:44 - 2021-01-12 14:44 - 000147261 _____ C:\Users\Frantisek\Downloads\document.pdf
2021-01-08 08:20 - 2021-01-08 08:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-07 08:22 - 2021-01-08 14:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-31 20:47 - 2020-12-31 20:47 - 456329568 _____ (Microvirt Software Technology Co. Ltd.) C:\Users\Frantisek\Downloads\MEmu-Setup-7.3.2-had33c9d62.exe
2020-12-29 16:24 - 2020-12-29 16:24 - 000000000 ____D C:\Program Files (x86)\WinRAR
2020-12-29 16:24 - 2020-12-29 16:21 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-12-29 15:53 - 2020-12-29 15:53 - 030536752 _____ (Piriform Software Ltd) C:\Users\Frantisek\Downloads\ccsetup575 (1).exe
2020-12-29 15:49 - 2020-12-29 15:49 - 030536752 _____ (Piriform Software Ltd) C:\Users\Frantisek\Downloads\ccsetup575.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 18:50 - 2020-02-19 17:14 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-19 18:48 - 2020-02-19 17:15 - 000000000 ____D C:\Users\Frantisek\AppData\LocalLow\Mozilla
2021-01-19 18:35 - 2020-07-11 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Singles
2021-01-19 18:32 - 2020-01-09 19:54 - 000000000 ___RD C:\Users\Frantisek\Desktop\hry
2021-01-19 18:31 - 2020-07-11 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barbie(TM)
2021-01-19 18:31 - 2015-09-12 07:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-19 18:30 - 2020-07-11 14:09 - 000000127 _____ C:\WINDOWS\ka.ini
2021-01-19 18:26 - 2019-12-28 11:36 - 000000000 ____D C:\Users\Frantisek\Desktop\DĚDA
2021-01-19 18:19 - 2020-11-25 11:46 - 000000000 ____D C:\Program Files (x86)\SEGA
2021-01-19 18:10 - 2020-07-11 20:22 - 000000000 ____D C:\GOG Games
2021-01-19 18:07 - 2020-07-11 13:44 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Disney Interactive Studios
2021-01-19 17:54 - 2020-10-20 13:04 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDROMEK
2021-01-19 17:54 - 2020-10-20 13:03 - 000000000 ____D C:\Program Files (x86)\Centauri
2021-01-19 17:44 - 2020-05-25 19:44 - 000000000 ____D C:\Program Files (x86)\Advanced SystemCare Pro
2021-01-19 17:39 - 2020-11-18 20:14 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Bluestacks
2021-01-19 17:29 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-19 16:28 - 2020-11-10 14:44 - 000000000 ____D C:\Users\Frantisek\Desktop\máma
2021-01-19 16:26 - 2020-11-18 12:35 - 000000000 ____D C:\Users\Frantisek\Desktop\ŠKOLA
2021-01-19 15:58 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-19 14:46 - 2019-08-21 20:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-19 14:26 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-19 14:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-19 07:43 - 2019-08-21 20:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-18 14:51 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-18 09:06 - 2017-12-20 21:08 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Packages
2021-01-17 17:37 - 2020-07-08 19:09 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Kodi
2021-01-16 18:31 - 2020-12-11 10:33 - 000000000 ____D C:\ProgramData\ProductData
2021-01-15 07:58 - 2017-11-28 15:37 - 000000000 ___RD C:\Users\Frantisek\3D Objects
2021-01-15 07:58 - 2016-02-13 14:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-15 07:53 - 2019-08-22 04:04 - 000721116 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-15 07:53 - 2019-08-22 04:04 - 000146546 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-15 07:53 - 2019-08-21 20:38 - 001697934 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-15 07:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-15 07:47 - 2019-08-21 20:08 - 000508976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-14 20:45 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-14 20:45 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-14 12:21 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-14 12:08 - 2016-02-17 14:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-14 09:49 - 2016-02-17 14:51 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 09:09 - 2019-08-21 20:14 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-14 08:08 - 2017-08-28 10:21 - 000000000 ____D C:\Users\Frantisek\AppData\Local\CrashDumps
2021-01-14 08:03 - 2019-08-21 20:25 - 000000000 ____D C:\Users\Frantisek
2021-01-13 16:06 - 2020-07-08 19:22 - 000001352 _____ C:\Users\Frantisek\Desktop\kodi – zástupce.lnk
2021-01-13 14:17 - 2020-11-18 20:14 - 000000000 ____D C:\Users\Public\BlueStacks
2021-01-13 13:27 - 2017-06-26 12:50 - 000000000 ____D C:\Users\Frantisek\.android
2021-01-12 15:21 - 2015-09-12 07:43 - 000000000 ____D C:\ProgramData\Lenovo
2021-01-12 15:20 - 2016-11-17 08:58 - 000376967 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-01-11 08:41 - 2020-06-16 11:31 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-08 14:24 - 2020-03-21 13:07 - 000000000 ____D C:\Users\Frantisek\Desktop\tisk MP250
2021-01-08 14:18 - 2020-03-21 13:09 - 000000000 ____D C:\ProgramData\CanonIJ
2021-01-08 14:18 - 2020-03-21 13:06 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-01-08 14:07 - 2020-02-19 17:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-08 08:20 - 2020-02-19 17:14 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-07 08:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-29 16:24 - 2019-03-31 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-29 16:24 - 2019-03-31 10:21 - 000000000 ____D C:\Program Files (x86)\Java
2020-12-29 16:24 - 2017-02-18 18:20 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:24 - 2017-02-18 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:07 - 2017-08-01 14:25 - 000000000 ____D C:\temp
2020-12-29 15:57 - 2020-01-12 16:53 - 000000000 ____D C:\WINDOWS\Minidump
2020-12-29 15:21 - 2019-03-04 16:47 - 000000000 ____D C:\Users\Frantisek\AppData\Local\D3DSCache
2020-12-29 14:25 - 2015-09-12 07:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
==================== Files in the root of some directories ========
2020-01-12 16:42 - 2017-05-24 09:40 - 005711776 _____ () C:\Program Files (x86)\antiporn241.exe
2020-03-04 18:35 - 2020-03-04 18:35 - 000002597 _____ () C:\Program Files (x86)\Lepsi.TV.InstallState
2018-10-17 09:43 - 2018-10-17 09:43 - 000000002 _____ () C:\Users\Frantisek\AppData\Roaming\acc.txt
2016-05-08 12:21 - 2016-05-08 12:22 - 000001691 _____ () C:\Users\Frantisek\AppData\Roaming\fastboot.log
2020-01-08 23:32 - 2020-01-08 23:32 - 000042358 _____ () C:\Users\Frantisek\AppData\Roaming\iec_0D0A0E0M0O0N0T1F1F1I1B1V0F0StJ1V1S1F1F1J1L1G1NtF1R1F1H.txt
2020-01-08 23:32 - 2020-01-08 23:32 - 000286556 _____ () C:\Users\Frantisek\AppData\Roaming\iec_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2018-10-17 09:57 - 2018-10-17 09:57 - 000001191 _____ () C:\Users\Frantisek\AppData\Roaming\uni.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
zpomalené pc 2
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: zpomalené pc 2
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2021
Ran by Davídek (19-01-2021 19:36:26)
Running from C:\Users\Frantisek\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2019-08-21 20:01:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-909588931-3475030629-4239748838-500 - Administrator - Disabled)
Davídek (S-1-5-21-909588931-3475030629-4239748838-1001 - Administrator - Enabled) => C:\Users\Frantisek
DefaultAccount (S-1-5-21-909588931-3475030629-4239748838-503 - Limited - Disabled)
Guest (S-1-5-21-909588931-3475030629-4239748838-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-909588931-3475030629-4239748838-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-909588931-3475030629-4239748838-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABC Kid Genius (HKLM-x32\...\ABC Kid Genius) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Barbie(TM) Dobrodružství s koňmi(TM) (HKLM-x32\...\{F827DB7E-9F8F-46BA-9F22-46CE2CEE1D7E}) (Version: 1.00.0000 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 4.1.0.0489 - Disc Soft Ltd)
Databox Server (HKLM-x32\...\Databox Databázový server_is1) (Version: 2.0 - SYSTEGRA s.r.o.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.23.1.1 - SCS Software)
FormApps Plug-in (HKLM-x32\...\{9a1d8d96-8b6f-4b5e-9281-abf022feb360}) (Version: 1.8.1626.68 - Software602 a.s.)
Forte Config (HKLM\...\ForteConfig) (Version: 1.0.0.0 - Conexant Systems)
Gemplus Smart Card Reader Tools (HKLM-x32\...\Gemplus Smart Card Reader Tools) (Version: - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GMX - Enhanced by Google (HKLM-x32\...\{5086B846-0006-69C6-B186-19466106CAC6}) (Version: - )
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Google Video Support Plugin (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
iCloud (HKLM\...\{2C05E99A-94F0-4F95-B602-CD2D2682D6C3}) (Version: 7.13.0.14 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6da487a6-c50d-494e-aaa0-6d8ce9c37ef3}) (Version: 20.10.2 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.0.2.40 - IObit)
iTunes (HKLM\...\{A39EE3D3-411E-472C-AF73-9D751E37A7EE}) (Version: 12.10.0.7 - Apple Inc.)
Jane Angel 2 - Děti temnoty (HKLM-x32\...\{Jane Angel 2 - Deti temnoty}_is1) (Version: - Spidla Data Processing, s.r.o.)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kodi (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Kodi) (Version: - XBMC Foundation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
Lenovo Solution Center (HKLM\...\{AFDE512F-7BCD-46B6-91C0-230812139EEF}) (Version: 3.4.002.006 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Media Player Codec Pack 4.4.6 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.6 - Media Player Codec Pack)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12527.21416 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MobiGame (HKLM\...\{0CD5AE2D-BB58-4E35-8B5C-AFE9A4980E1A}) (Version: 3.15.8.0 - MobiGame)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0.1 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
Mystery Maze Of Balthasar Castle (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Mystery Maze Of Balthasar Castle) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Neighbours From Hell Compilation (HKLM-x32\...\{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt) Hidden
Neighbours From Hell Compilation (HKLM-x32\...\InstallShield_{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Readiris Pro 14 (HKLM-x32\...\{253FD6A5-CE77-4FBC-A937-202D15808D0C}) (Version: 14.00.7277 - I.R.I.S.)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Registrace uživatele zařízení Canon MP250 series (HKLM-x32\...\Registrace uživatele zařízení Canon MP250 series) (Version: - )
Sound Organizer (HKLM-x32\...\{1452627B-3FC3-4979-A11A-C5F877D8286E}) (Version: 1.6.0.07210 - Sony Corporation)
Sousedé z pekla 2 (HKLM-x32\...\{F5AB23F4-796A-4929-99D9-71F09F145A0B}) (Version: 1.0.0 - JoWooD)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 5.3.0.1 - IObit)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.32462 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VLC Media Player verze 1.5 (HKLM-x32\...\VLC Media Player_is1) (Version: 1.5 - )
WhatsApp (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\WhatsApp) (Version: 2.2045.19 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-20] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2021-01-06] (HP Inc.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-29] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-19] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Specialista na otvírání -> C:\Program Files\WindowsApps\32795SoftwareSpecialist.OpenSpecialist_1.3.1.0_x86__gqsbwgjpx5caa [2018-05-28] (Software Specialist)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-24] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-07-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]
HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\SysWOW64\ir50_32original.dll [746496 2019-03-19] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINDOWS\SysWOW64\iac25_32.ax [197632 2019-03-19] (Microsoft Windows -> Intel Corporation)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-12-06 23:29 - 2020-12-06 23:29 - 000286720 _____ () [File not signed] C:\Program Files\MobiGame\player\EGL_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 000487424 _____ () [File not signed] C:\Program Files\MobiGame\player\GLES_CM_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 001502720 _____ () [File not signed] C:\Program Files\MobiGame\player\GLES_V2_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 000009728 _____ () [File not signed] C:\Program Files\MobiGame\player\logging.dll
2020-12-06 23:29 - 2020-12-06 23:29 - 000610816 _____ () [File not signed] C:\Program Files\MobiGame\player\OpenglRender.dll
2016-02-23 09:16 - 2012-09-29 13:25 - 000074240 _____ () [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2020-12-11 10:31 - 2020-03-12 10:15 - 000321296 _____ (IObit) [File not signed] C:\Program Files (x86)\Advanced SystemCare Pro\OFCommon.dll
2020-12-23 17:54 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2020-07-09 11:26 - 2020-04-09 08:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2020-12-06 23:30 - 2020-12-06 23:30 - 000028112 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\imageformats\qsvg.dll
2020-12-06 23:30 - 2020-12-06 23:30 - 000506832 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\imageformats\qwebp.dll
2020-12-06 23:29 - 2020-12-06 23:29 - 000740304 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\Qt5Multimedia.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:gs5sys [3584]
AlternateDataStreams: C:\Users\All Users:gs5sys [3584]
AlternateDataStreams: C:\Users\Frantisek:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3584]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Templates:gs5sys [2048]
AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2560]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKLM -> DefaultScope {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM-x32 -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\.DEFAULT -> {2135472E-A2C6-4B57-8526-7D6B76DE26F7} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\.DEFAULT -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL =
SearchScopes: HKU\.DEFAULT -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-909588931-3475030629-4239748838-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\sharepoint.com -> hxxps://ecentral-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2018-12-03 16:37 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
2017-12-05 16:15 - 2017-12-05 16:20 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 208.67.222.123 - 208.67.220.123
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{16802A97-6DFD-4669-A8BF-499E6C9EB2E7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C388C2F9-CF48-47C0-90A4-A8B1597DFA7F}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DD4DA2CC-CE6D-43BF-BE66-4F5FEB6E5C14}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0E8B015-1BA7-40AC-A94D-2BE70B0CAC59}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0A40904-E879-46FB-8668-6085AEFF6838}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F25AFF4F-4882-448B-8229-63A0B1BF0AFA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C3C0E4EE-8768-470D-9A0F-725469A977A2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{52CEF164-09B4-4B9B-A4C4-8937C734C2A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7B502681-15E0-4DB3-BE70-64741F76444E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{660B530A-AB34-45A3-9B12-5279AB8E5D15}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{458FD913-108E-49CB-BE5D-013DF1F87025}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{DAAAAD19-564E-4F78-8337-708FC78C5639}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D82F5222-2050-4B2B-894C-4C96A71B3B9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A9722EF2-9DAF-4724-A72A-B6E2E559DAFC}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{0BCFB784-E47F-4868-B198-E82AA39E16E2}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{FB430001-E768-4E28-A00E-D5F811AE1CE8}] => (Allow) C:\Program Files (x86)\Alawarhry.cz\Mystery Maze Of Balthasar Castle\Mystery Maze of Balthasar Castle.exe (Alawar Entertainment Inc -> )
FirewallRules: [{0D280591-AE9D-44A0-B468-D33B8253A42A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{85B5B33A-A726-4EFD-A4D7-FF5C0A6FB779}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2EC61760-F657-4059-8395-7404CF458DFE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21C32423-A241-4499-8801-1246087CC42A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9EB99AF-1BC5-4654-9B5C-CA990E00AAFC}] => (Allow) C:\Program Files\MobiGame\player\mobiplayer.exe (Game Player) [File not signed]
FirewallRules: [{0996E6E9-69D1-47FC-8003-DAA626FF7687}] => (Allow) C:\Program Files\MobiGame\vbox\vboxheadless.exe (Iron Entertainment Inc. -> Oracle Corporation)
==================== Restore Points =========================
07-01-2021 12:04:53 Naplánovaný kontrolní bod
13-01-2021 15:43:33 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/19/2021 07:06:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 19.1.2021.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2778
Čas spuštění: 01d6ee8d3c1bef52
Čas ukončení: 54
Cesta k aplikaci: C:\Users\Frantisek\Desktop\FRST64.exe
ID hlášení: 08bd4f20-0621-4a72-bdbd-accd5ab61b04
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (01/19/2021 06:40:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program IObitUninstaler.exe verze 9.0.2.40 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1e4c
Čas spuštění: 01d6ee8a0038a9e9
Čas ukončení: 84
Cesta k aplikaci: C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
ID hlášení: 55b61528-bd7b-483c-9664-ade4a6fb0efd
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (01/19/2021 06:31:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (01/19/2021 06:28:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.
System Error:
The resource loader failed to find MUI file.
.
Error: (01/19/2021 06:19:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (01/19/2021 06:16:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.
System Error:
The resource loader failed to find MUI file.
.
Error: (01/19/2021 06:02:10 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (01/19/2021 05:59:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.
System Error:
The resource loader failed to find MUI file.
.
System errors:
=============
Error: (01/19/2021 04:43:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba IObit Uninstaller Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (01/19/2021 07:48:32 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba GDCAgent přestala během spouštění reagovat.
Error: (01/19/2021 07:45:58 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-1A2BAFO9)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/19/2021 07:42:39 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\prodrv06.sys
Error: (01/18/2021 02:51:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ClickToRunSvc bylo dosaženo časového limitu (30000 ms).
Error: (01/18/2021 02:50:55 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-1A2BAFO9)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/18/2021 08:37:12 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-1A2BAFO9)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/18/2021 08:13:05 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\prodrv06.sys
Windows Defender:
===================================
Date: 2020-12-11 11:34:48.022
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\ESET\ESET Security\ekrn.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:34:48.021Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files\ESET\ESET Security\ekrn.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:24:52.133
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\Suc12_DiskCleaner.exe možnost upravit %userprofile%\Documents\Euro Truck Simulator 2\.
Čas detekce: 2020-12-11T10:24:52.132Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: %userprofile%\Documents\Euro Truck Simulator 2\
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\Suc12_DiskCleaner.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:23:40.663
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\Sur11_ShortcutFixer.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:23:40.662Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\Sur11_ShortcutFixer.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:14:20.046
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:14:20.045Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:14:02.218
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:14:02.217Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume4
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-11-18 09:05:47.206
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1003.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-11-16 08:18:44.109
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.893.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-11-14 20:31:15.827
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.840.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2021-01-19 10:56:32.294
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 10:56:31.954
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 10:56:31.640
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 07:47:24.601
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 07:47:24.558
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 07:47:24.320
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 07:47:24.189
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 07:44:52.498
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO C9CN33WW 08/26/2015
Motherboard: LENOVO Paris G 5A6
Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz
Percentage of memory in use: 91%
Total physical RAM: 4008.27 MB
Available physical RAM: 327.8 MB
Total Virtual: 6555.54 MB
Available Virtual: 1972.45 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:419.48 GB) (Free:327.08 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:6.64 GB) NTFS
Drive f: (Windows) (RAMDisk) (Total:419.48 GB) (Free:326.98 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{f23e42ef-65b9-45b8-8527-935fd114e162}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{f9b1f2ec-d035-4230-8fb9-d2c2bbbd94f6}\ (LENOVO_PART) (Fixed) (Total:19.05 GB) (Free:5.92 GB) NTFS
\\?\Volume{45d871ad-6fee-4297-b557-d3e4a9e89924}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B9926270)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Davídek (19-01-2021 19:36:26)
Running from C:\Users\Frantisek\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2019-08-21 20:01:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-909588931-3475030629-4239748838-500 - Administrator - Disabled)
Davídek (S-1-5-21-909588931-3475030629-4239748838-1001 - Administrator - Enabled) => C:\Users\Frantisek
DefaultAccount (S-1-5-21-909588931-3475030629-4239748838-503 - Limited - Disabled)
Guest (S-1-5-21-909588931-3475030629-4239748838-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-909588931-3475030629-4239748838-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-909588931-3475030629-4239748838-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABC Kid Genius (HKLM-x32\...\ABC Kid Genius) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Barbie(TM) Dobrodružství s koňmi(TM) (HKLM-x32\...\{F827DB7E-9F8F-46BA-9F22-46CE2CEE1D7E}) (Version: 1.00.0000 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 4.1.0.0489 - Disc Soft Ltd)
Databox Server (HKLM-x32\...\Databox Databázový server_is1) (Version: 2.0 - SYSTEGRA s.r.o.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.23.1.1 - SCS Software)
FormApps Plug-in (HKLM-x32\...\{9a1d8d96-8b6f-4b5e-9281-abf022feb360}) (Version: 1.8.1626.68 - Software602 a.s.)
Forte Config (HKLM\...\ForteConfig) (Version: 1.0.0.0 - Conexant Systems)
Gemplus Smart Card Reader Tools (HKLM-x32\...\Gemplus Smart Card Reader Tools) (Version: - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GMX - Enhanced by Google (HKLM-x32\...\{5086B846-0006-69C6-B186-19466106CAC6}) (Version: - )
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Google Video Support Plugin (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
iCloud (HKLM\...\{2C05E99A-94F0-4F95-B602-CD2D2682D6C3}) (Version: 7.13.0.14 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6da487a6-c50d-494e-aaa0-6d8ce9c37ef3}) (Version: 20.10.2 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.0.2.40 - IObit)
iTunes (HKLM\...\{A39EE3D3-411E-472C-AF73-9D751E37A7EE}) (Version: 12.10.0.7 - Apple Inc.)
Jane Angel 2 - Děti temnoty (HKLM-x32\...\{Jane Angel 2 - Deti temnoty}_is1) (Version: - Spidla Data Processing, s.r.o.)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kodi (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Kodi) (Version: - XBMC Foundation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
Lenovo Solution Center (HKLM\...\{AFDE512F-7BCD-46B6-91C0-230812139EEF}) (Version: 3.4.002.006 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Media Player Codec Pack 4.4.6 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.6 - Media Player Codec Pack)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12527.21416 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MobiGame (HKLM\...\{0CD5AE2D-BB58-4E35-8B5C-AFE9A4980E1A}) (Version: 3.15.8.0 - MobiGame)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0.1 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
Mystery Maze Of Balthasar Castle (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Mystery Maze Of Balthasar Castle) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Neighbours From Hell Compilation (HKLM-x32\...\{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt) Hidden
Neighbours From Hell Compilation (HKLM-x32\...\InstallShield_{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Readiris Pro 14 (HKLM-x32\...\{253FD6A5-CE77-4FBC-A937-202D15808D0C}) (Version: 14.00.7277 - I.R.I.S.)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Registrace uživatele zařízení Canon MP250 series (HKLM-x32\...\Registrace uživatele zařízení Canon MP250 series) (Version: - )
Sound Organizer (HKLM-x32\...\{1452627B-3FC3-4979-A11A-C5F877D8286E}) (Version: 1.6.0.07210 - Sony Corporation)
Sousedé z pekla 2 (HKLM-x32\...\{F5AB23F4-796A-4929-99D9-71F09F145A0B}) (Version: 1.0.0 - JoWooD)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 5.3.0.1 - IObit)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.32462 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VLC Media Player verze 1.5 (HKLM-x32\...\VLC Media Player_is1) (Version: 1.5 - )
WhatsApp (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\WhatsApp) (Version: 2.2045.19 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-20] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2021-01-06] (HP Inc.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-29] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-19] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Specialista na otvírání -> C:\Program Files\WindowsApps\32795SoftwareSpecialist.OpenSpecialist_1.3.1.0_x86__gqsbwgjpx5caa [2018-05-28] (Software Specialist)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-24] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-07-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]
HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\SysWOW64\ir50_32original.dll [746496 2019-03-19] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINDOWS\SysWOW64\iac25_32.ax [197632 2019-03-19] (Microsoft Windows -> Intel Corporation)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-12-06 23:29 - 2020-12-06 23:29 - 000286720 _____ () [File not signed] C:\Program Files\MobiGame\player\EGL_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 000487424 _____ () [File not signed] C:\Program Files\MobiGame\player\GLES_CM_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 001502720 _____ () [File not signed] C:\Program Files\MobiGame\player\GLES_V2_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 000009728 _____ () [File not signed] C:\Program Files\MobiGame\player\logging.dll
2020-12-06 23:29 - 2020-12-06 23:29 - 000610816 _____ () [File not signed] C:\Program Files\MobiGame\player\OpenglRender.dll
2016-02-23 09:16 - 2012-09-29 13:25 - 000074240 _____ () [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2020-12-11 10:31 - 2020-03-12 10:15 - 000321296 _____ (IObit) [File not signed] C:\Program Files (x86)\Advanced SystemCare Pro\OFCommon.dll
2020-12-23 17:54 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2020-07-09 11:26 - 2020-04-09 08:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2020-12-06 23:30 - 2020-12-06 23:30 - 000028112 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\imageformats\qsvg.dll
2020-12-06 23:30 - 2020-12-06 23:30 - 000506832 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\imageformats\qwebp.dll
2020-12-06 23:29 - 2020-12-06 23:29 - 000740304 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\Qt5Multimedia.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:gs5sys [3584]
AlternateDataStreams: C:\Users\All Users:gs5sys [3584]
AlternateDataStreams: C:\Users\Frantisek:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3584]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Templates:gs5sys [2048]
AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2560]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKLM -> DefaultScope {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM-x32 -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\.DEFAULT -> {2135472E-A2C6-4B57-8526-7D6B76DE26F7} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\.DEFAULT -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL =
SearchScopes: HKU\.DEFAULT -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-909588931-3475030629-4239748838-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\sharepoint.com -> hxxps://ecentral-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2018-12-03 16:37 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
2017-12-05 16:15 - 2017-12-05 16:20 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 208.67.222.123 - 208.67.220.123
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{16802A97-6DFD-4669-A8BF-499E6C9EB2E7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C388C2F9-CF48-47C0-90A4-A8B1597DFA7F}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DD4DA2CC-CE6D-43BF-BE66-4F5FEB6E5C14}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0E8B015-1BA7-40AC-A94D-2BE70B0CAC59}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0A40904-E879-46FB-8668-6085AEFF6838}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F25AFF4F-4882-448B-8229-63A0B1BF0AFA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C3C0E4EE-8768-470D-9A0F-725469A977A2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{52CEF164-09B4-4B9B-A4C4-8937C734C2A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7B502681-15E0-4DB3-BE70-64741F76444E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{660B530A-AB34-45A3-9B12-5279AB8E5D15}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{458FD913-108E-49CB-BE5D-013DF1F87025}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{DAAAAD19-564E-4F78-8337-708FC78C5639}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D82F5222-2050-4B2B-894C-4C96A71B3B9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A9722EF2-9DAF-4724-A72A-B6E2E559DAFC}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{0BCFB784-E47F-4868-B198-E82AA39E16E2}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{FB430001-E768-4E28-A00E-D5F811AE1CE8}] => (Allow) C:\Program Files (x86)\Alawarhry.cz\Mystery Maze Of Balthasar Castle\Mystery Maze of Balthasar Castle.exe (Alawar Entertainment Inc -> )
FirewallRules: [{0D280591-AE9D-44A0-B468-D33B8253A42A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{85B5B33A-A726-4EFD-A4D7-FF5C0A6FB779}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2EC61760-F657-4059-8395-7404CF458DFE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21C32423-A241-4499-8801-1246087CC42A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9EB99AF-1BC5-4654-9B5C-CA990E00AAFC}] => (Allow) C:\Program Files\MobiGame\player\mobiplayer.exe (Game Player) [File not signed]
FirewallRules: [{0996E6E9-69D1-47FC-8003-DAA626FF7687}] => (Allow) C:\Program Files\MobiGame\vbox\vboxheadless.exe (Iron Entertainment Inc. -> Oracle Corporation)
==================== Restore Points =========================
07-01-2021 12:04:53 Naplánovaný kontrolní bod
13-01-2021 15:43:33 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/19/2021 07:06:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 19.1.2021.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2778
Čas spuštění: 01d6ee8d3c1bef52
Čas ukončení: 54
Cesta k aplikaci: C:\Users\Frantisek\Desktop\FRST64.exe
ID hlášení: 08bd4f20-0621-4a72-bdbd-accd5ab61b04
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (01/19/2021 06:40:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program IObitUninstaler.exe verze 9.0.2.40 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1e4c
Čas spuštění: 01d6ee8a0038a9e9
Čas ukončení: 84
Cesta k aplikaci: C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
ID hlášení: 55b61528-bd7b-483c-9664-ade4a6fb0efd
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (01/19/2021 06:31:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (01/19/2021 06:28:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.
System Error:
The resource loader failed to find MUI file.
.
Error: (01/19/2021 06:19:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (01/19/2021 06:16:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.
System Error:
The resource loader failed to find MUI file.
.
Error: (01/19/2021 06:02:10 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (01/19/2021 05:59:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.
System Error:
The resource loader failed to find MUI file.
.
System errors:
=============
Error: (01/19/2021 04:43:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba IObit Uninstaller Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (01/19/2021 07:48:32 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba GDCAgent přestala během spouštění reagovat.
Error: (01/19/2021 07:45:58 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-1A2BAFO9)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/19/2021 07:42:39 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\prodrv06.sys
Error: (01/18/2021 02:51:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ClickToRunSvc bylo dosaženo časového limitu (30000 ms).
Error: (01/18/2021 02:50:55 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-1A2BAFO9)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/18/2021 08:37:12 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-1A2BAFO9)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/18/2021 08:13:05 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\prodrv06.sys
Windows Defender:
===================================
Date: 2020-12-11 11:34:48.022
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\ESET\ESET Security\ekrn.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:34:48.021Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files\ESET\ESET Security\ekrn.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:24:52.133
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\Suc12_DiskCleaner.exe možnost upravit %userprofile%\Documents\Euro Truck Simulator 2\.
Čas detekce: 2020-12-11T10:24:52.132Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: %userprofile%\Documents\Euro Truck Simulator 2\
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\Suc12_DiskCleaner.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:23:40.663
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\Sur11_ShortcutFixer.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:23:40.662Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\Sur11_ShortcutFixer.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:14:20.046
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:14:20.045Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:14:02.218
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:14:02.217Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume4
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-11-18 09:05:47.206
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1003.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-11-16 08:18:44.109
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.893.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-11-14 20:31:15.827
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.840.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2021-01-19 10:56:32.294
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 10:56:31.954
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 10:56:31.640
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 07:47:24.601
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 07:47:24.558
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 07:47:24.320
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 07:47:24.189
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 07:44:52.498
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO C9CN33WW 08/26/2015
Motherboard: LENOVO Paris G 5A6
Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz
Percentage of memory in use: 91%
Total physical RAM: 4008.27 MB
Available physical RAM: 327.8 MB
Total Virtual: 6555.54 MB
Available Virtual: 1972.45 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:419.48 GB) (Free:327.08 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:6.64 GB) NTFS
Drive f: (Windows) (RAMDisk) (Total:419.48 GB) (Free:326.98 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{f23e42ef-65b9-45b8-8527-935fd114e162}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{f9b1f2ec-d035-4230-8fb9-d2c2bbbd94f6}\ (LENOVO_PART) (Fixed) (Total:19.05 GB) (Free:5.92 GB) NTFS
\\?\Volume{45d871ad-6fee-4297-b557-d3e4a9e89924}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B9926270)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zpomalené pc 2
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zpomalené pc 2
# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-19-2021
# Duration: 00:02:42
# OS: Windows 10 Home
# Cleaned: 53
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\Frantisek\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Frantisek\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
Deleted C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\5cj17zud.default-release-1589281251964\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Frantisek\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Frantisek\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Folder C:\ProgramData\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{67827BB6-4B05-6181-921A-E49FC484E859}
Deleted Preinstalled.LenovoExperienceImprovement Folder C:\Program Files\LENOVO\EXPERIENCEIMPROVEMENT
Deleted Preinstalled.LenovoExperienceImprovement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LenovoExperienceImprovement
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Frantisek\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER
Deleted Preinstalled.LenovoPhotoMaster Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|PhotoMasterImportAgent
Deleted Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC94C56A-3649-420C-8756-2ADEBE399D33}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52D3E5E1-9458-4E87-AE45-F47DF095D768}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Task C:\Windows\System32\Tasks\PDVDSERV12 TASK
Deleted Preinstalled.LenovoQuickOptimizer Folder C:\Program Files\LENOVO\QUICKOPTIMIZER
Deleted Preinstalled.LenovoQuickOptimizer Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}
Deleted Preinstalled.LenovoREACHit Folder C:\Program Files (x86)\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Folder C:\Users\Frantisek\AppData\Local\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}
Deleted Preinstalled.LenovoServiceBridge Folder C:\Users\Frantisek\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Deleted Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1
Deleted Preinstalled.LenovoSolutionCenter Folder C:\Program Files\LENOVO\LENOVO SOLUTION CENTER
Deleted Preinstalled.LenovoSolutionCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AFDE512F-7BCD-46B6-91C0-230812139EEF}
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility
Needs Reboot Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
*************************
AdwCleaner[S00].txt - [8621 octets] - [11/12/2020 01:27:43]
AdwCleaner[C00].txt - [3053 octets] - [11/12/2020 01:28:38]
AdwCleaner[S01].txt - [7384 octets] - [19/01/2021 20:23:57]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-19-2021
# Duration: 00:02:42
# OS: Windows 10 Home
# Cleaned: 53
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\Frantisek\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Frantisek\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
Deleted C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\5cj17zud.default-release-1589281251964\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Frantisek\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Frantisek\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Folder C:\ProgramData\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{67827BB6-4B05-6181-921A-E49FC484E859}
Deleted Preinstalled.LenovoExperienceImprovement Folder C:\Program Files\LENOVO\EXPERIENCEIMPROVEMENT
Deleted Preinstalled.LenovoExperienceImprovement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LenovoExperienceImprovement
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Frantisek\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER
Deleted Preinstalled.LenovoPhotoMaster Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|PhotoMasterImportAgent
Deleted Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC94C56A-3649-420C-8756-2ADEBE399D33}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52D3E5E1-9458-4E87-AE45-F47DF095D768}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Task C:\Windows\System32\Tasks\PDVDSERV12 TASK
Deleted Preinstalled.LenovoQuickOptimizer Folder C:\Program Files\LENOVO\QUICKOPTIMIZER
Deleted Preinstalled.LenovoQuickOptimizer Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}
Deleted Preinstalled.LenovoREACHit Folder C:\Program Files (x86)\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Folder C:\Users\Frantisek\AppData\Local\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}
Deleted Preinstalled.LenovoServiceBridge Folder C:\Users\Frantisek\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Deleted Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1
Deleted Preinstalled.LenovoSolutionCenter Folder C:\Program Files\LENOVO\LENOVO SOLUTION CENTER
Deleted Preinstalled.LenovoSolutionCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AFDE512F-7BCD-46B6-91C0-230812139EEF}
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility
Needs Reboot Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
*************************
AdwCleaner[S00].txt - [8621 octets] - [11/12/2020 01:27:43]
AdwCleaner[C00].txt - [3053 octets] - [11/12/2020 01:28:38]
AdwCleaner[S01].txt - [7384 octets] - [19/01/2021 20:23:57]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zpomalené pc 2
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zpomalené pc 2
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-01-2021
Ran by Davídek (administrator) on LAPTOP-1A2BAFO9 (LENOVO 80M3) (19-01-2021 20:56:05)
Running from C:\Users\Frantisek\Desktop
Loaded Profiles: Davídek
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: Angličtina (Spojené státy)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() [File not signed] C:\Program Files\MobiGame\aeg_launcher.exe
() [File not signed] C:\Program Files\MobiGame\MobiGameUpdater.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cole Williams Software Limited -> ) C:\Windows\SysWOW64\Codecs\TrayMenu.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Disc Soft Ltd -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Game Player) [File not signed] C:\Program Files\MobiGame\player\mobiplayer.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <4>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) [File not signed] C:\Program Files\MobiGame\vbox\MobiVBoxSVC.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [4338880 2016-02-02] (Disc Soft Ltd -> Disc Soft Ltd) [File not signed]
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Run: [Mobigame Playstore] => C:\Program Files\MobiGame\playstore\playstore.exe [169984 2020-12-06] () [File not signed]
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dfb8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dff8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e17e-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e1c1-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {5169af39-cc5a-11ea-9d0a-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {d40eb54e-c367-11ea-9d09-b46d83ba83d9} - "F:\stub.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpfpp02t: C:\Windows\System32\spool\prtprocs\x64\hpfpp02t.dll [253440 2010-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] () [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PCL hpf3l02t: C:\WINDOWS\system32\hpf3l02t.dll [138752 2010-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\Windows\SysWOW64\advpack.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
IFEO\AUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\AutoUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\BigUpgrade_IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\CrRestore.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\DSPut.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Feedback.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmsvc.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmui.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iu10Pre.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUProtip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUService.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iush.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUSoftUpdateTip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUXM2020.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Loader-IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\NoteIcon.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ScreenShot.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SecurityNotification_1.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SendBugReportNew.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SpecUTool.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2019-01-21]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )
Startup: C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-02-22]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02BE8CF1-0BB4-42CF-A39E-2B1FE999A83E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {0D4F4CCE-E055-4976-ACCA-2ADF104ADAF3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {0DCCC838-573D-44F5-8032-CF7A7F817964} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {0DF09F9E-EC13-4F1B-8418-AE256753877C} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
Task: {10287C3A-57B4-4807-B923-E1664E2C4BDB} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [528656 2019-05-22] (IObit Information Technology -> IObit)
Task: {10A062DF-6814-4F44-A30A-BD01063EE275} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe
Task: {29AEE9EB-36C9-4B9C-8A5D-210E74BD1E10} - \Lenovo\ImController\TimeBasedEvents\941de6cd-645d-4c35-9288-f4e04e91638c -> No File <==== ATTENTION
Task: {2ACEDC19-3133-4FCB-9FFC-6C1E71FD9DC8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {2BF6ABA1-02C9-48D1-8D58-15BE5E8EAA32} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {31A4CBF7-FBD7-4B29-910B-53E05D94D0C4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2020-11-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {340292CE-49E0-4C20-9152-A99ABDCA0B58} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001UA => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {3AC1A547-8768-4CEF-B88B-3CCE9008146D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001Core => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {3E21CFB4-E4B6-4DDE-9566-72B0B66E8177} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {420CD1C1-86FF-4FA0-83B0-B12A5EDE55EA} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {4392A3B5-0280-40A3-919E-928DC94F6C6F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {47B05644-B523-44B7-BE01-F7909A81F9FC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-909588931-3475030629-4239748838-1001 => C:\Users\Frantisek\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {4A446D9D-09D0-4F7D-9ACB-078B7A1A91AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {4BF1E12D-5EEC-4697-A386-406F17EAA49A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {4DEFED63-BC02-4525-8FF4-CBAE237FE5C1} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {5B41C75D-2A80-4A79-8A30-74C1659332CF} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
Task: {5C7E366F-14DA-4C73-AB96-06CDF76B8EFF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {5C91CC50-01E4-4AD2-9A53-A4F2DF3D679C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {62268D82-C708-4D01-BD0F-5E837878FB30} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {72FDCC01-83BA-49B0-B301-14BFA78C934D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1443736 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {778D5342-B935-4869-9417-BD04AFD3AFE4} - \Lenovo\ImController\TimeBasedEvents\0fcf031d-c0f0-4847-9462-afc06ce2fc10 -> No File <==== ATTENTION
Task: {7841C11D-B7DE-4579-AE47-BEEE80C93F54} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2020-09-20] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {89508FB2-31F9-41F2-9F71-83F0854AC113} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {8A7C76F3-3621-4EC8-8F50-BC0DA6FEF531} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {95834511-A8FA-407B-AC59-438CA5B30E7F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {97F39469-487F-4173-A1A2-89E640183F99} - \Lenovo\ImController\TimeBasedEvents\972ca26a-2d99-4c4d-8920-af5b995561ec -> No File <==== ATTENTION
Task: {9AE8E8F7-F542-45E2-BC95-9668072163E6} - \Lenovo\ImController\TimeBasedEvents\4ff126e1-bfdb-45a6-b168-6baa303ee534 -> No File <==== ATTENTION
Task: {9D5CD83C-5568-4845-931C-246423EB0C70} - System32\Tasks\Uninstaller_SkipUac_Davídek => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-09-10] (IObit Information Technology -> IObit)
Task: {A5A90189-8D48-4687-8E20-0C98381D32F3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {AF0CFCFE-B16F-49B8-AC47-0169C96366F2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {B2039E40-E251-49DA-993D-442C4019D38F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371880 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDDD7E7F-EF33-4702-9BBE-75669DCC2E8B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {C484020B-4116-4825-B453-33B7B90D25F1} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {C7B08A7E-BB5D-41D3-822C-DFC9307DE08D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2020-11-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {C84D79CA-AB3A-457E-B9C0-E442FB369D07} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {DEDD70B4-619A-456E-9FF5-2CF1F1124F83} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {E1AD38FF-E252-42D6-9255-3E64C0B70108} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {E3F6ADE3-1F95-4BD7-B518-226E896F7A57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371880 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {E9BF93CC-B03A-40F5-9492-BE2205801582} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {EA75A5BF-7D9C-4A7E-B97A-51412E19EE9A} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {F4511039-50CC-49E9-BCFF-583D1742650A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB812180-BAE1-41E2-923C-C202025CB41B} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4a6553e8-92b6-480f-b3e7-ea15ae64d737}: [NameServer] 208.67.222.123,208.67.220.123
Tcpip\..\Interfaces\{4a6553e8-92b6-480f-b3e7-ea15ae64d737}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5cb98504-278a-42f5-89b8-3ce67b2dc918}: [NameServer] 208.67.222.123,208.67.220.123
Edge:
=======
DownloadDir: C:\Users\Frantisek\Downloads
Edge Notifications: HKU\S-1-5-21-909588931-3475030629-4239748838-1001 -> hxxps://www.fosshub.com; hxxps://fastshare.cz; hxxps://email08.active24.com; hxxps://www.kb.cz; hxxps://mail.google.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\Frantisek\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-13]
FireFox:
========
FF DefaultProfile: s6GBKh7b.default
FF ProfilePath: C:\Users\Frantisek\AppData\Roaming\TomTom\HOME\Profiles\7ar1ighs.default [2019-05-31]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\5cj17zud.default-release-1589281251964 [2021-01-19]
FF user.js: detected! => C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\5cj17zud.default-release-1589281251964\user.js [2020-12-11]
FF Homepage: Mozilla\Firefox\Profiles\5cj17zud.default-release-1589281251964 -> www.seznam.cz
FF ProfilePath: C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\s6GBKh7b.default [2020-12-11]
FF user.js: detected! => C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\s6GBKh7b.default\user.js [2020-12-11]
FF Extension: (Avira Browser Safety) - C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\s6GBKh7b.default\Extensions\abs@avira.com [2019-05-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-01-19]
Chrome:
=======
CHR Profile: C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default [2020-12-29]
CHR Extension: (Dokumenty) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-29]
CHR Extension: (AVG SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-02-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-31]
CHR Extension: (Chrome Media Router) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
Opera:
=======
OPR Profile: C:\Users\Frantisek\AppData\Roaming\Opera Software\Opera Stable [2020-12-29]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AegLauncher; C:\Program Files\MobiGame\aeg_launcher.exe [7183872 2020-12-06] () [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1439424 2016-02-02] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] (Canon Inc. -> )
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S4 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
R2 MobiGameUpdater; C:\Program Files\MobiGame\MobiGameUpdater.exe [303104 2020-12-06] () [File not signed]
S3 PACSPTISVR-Sound_Organizer; C:\Program Files (x86)\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe [167208 2014-07-16] (Sony Corporation -> Sony Corporation)
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1162000 2019-05-28] (IObit Information Technology -> IObit)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AdvancedSystemCareService13; "C:\Program Files (x86)\Advanced SystemCare Pro\ASCService.exe" [X]
S2 CCSDK; "C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe" [X]
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2020-07-11] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2020-07-11] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-10-19] (Symantec Corporation -> Symantec Corporation)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-10-19] (Symantec Corporation -> Symantec Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-05-25] (Martin Malik - REALiX -> REALiX(tm))
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [44112 2019-07-30] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37328 2019-07-30] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [49800 2019-07-30] (IObit Information Technology -> IObit)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2020-10-09] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R1 MobiVBoxDrv; C:\Program Files\MobiGame\vbox\MobiVBoxDrv.sys [314688 2020-11-11] (Iron Entertainment Inc. -> Oracle Corporation)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2019-04-30] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S1 prodrv06; C:\Windows\SysWOW64\drivers\prodrv06.sys [52224 2004-01-26] (Protection Technology) [File not signed]
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [95552 2004-01-26] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2016-05-24] (Corel Corporation -> Corel Corporation)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 StillCam; C:\WINDOWS\system32\DRIVERS\serscan.sys [13312 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\system32\DRIVERS\WSDScan.sys [26112 2019-03-19] (Microsoft Corporation) [File not signed]
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 20:56 - 2021-01-19 20:59 - 000035102 _____ C:\Users\Frantisek\Desktop\FRST.txt
2021-01-19 20:55 - 2021-01-19 20:55 - 000000000 ____D C:\Users\Frantisek\Desktop\Nová složka
2021-01-19 20:35 - 2021-01-19 20:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-19 20:09 - 2021-01-19 20:09 - 008458096 _____ (Malwarebytes) C:\Users\Frantisek\Desktop\adwcleaner_8.0.9.exe
2021-01-19 19:02 - 2021-01-19 20:58 - 000000000 ____D C:\FRST
2021-01-19 18:56 - 2021-01-19 18:57 - 002295808 _____ (Farbar) C:\Users\Frantisek\Desktop\FRST64.exe
2021-01-19 16:38 - 2021-01-19 16:38 - 000002968 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Davídek
2021-01-19 16:38 - 2021-01-19 16:38 - 000001437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2021-01-19 16:38 - 2021-01-19 16:38 - 000001297 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2021-01-19 16:38 - 2021-01-19 16:38 - 000001297 _____ C:\ProgramData\Desktop\IObit Uninstaller.lnk
2021-01-19 16:37 - 2021-01-19 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2021-01-19 16:22 - 2021-01-19 20:38 - 000000536 _____ C:\Users\Frantisek\Desktop\Windows (C).lnk
2021-01-19 16:22 - 2021-01-19 16:22 - 000000513 _____ C:\Users\Frantisek\Desktop\LENOVO (D).lnk
2021-01-18 14:48 - 2021-01-19 15:43 - 000000000 ____D C:\Users\Frantisek\Desktop\Granny PC
2021-01-18 10:25 - 2021-01-18 10:25 - 000000000 ____D C:\Users\Frantisek\AppData\LocalLow\DVloper
2021-01-15 08:47 - 2021-01-15 08:47 - 000138880 _____ C:\Users\Frantisek\Downloads\VY_32_INOVACE_ČJ.4.132 pololetní práce.pdf
2021-01-15 08:47 - 2021-01-15 08:47 - 000137436 _____ C:\Users\Frantisek\Downloads\Cesky jazyk 3.pdf
2021-01-14 09:28 - 2021-01-14 09:28 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-14 09:27 - 2021-01-14 09:27 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-14 09:27 - 2021-01-14 09:27 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-14 09:27 - 2021-01-14 09:27 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-14 09:27 - 2021-01-14 09:27 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-14 09:26 - 2021-01-14 09:26 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-14 09:26 - 2021-01-14 09:26 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-14 09:26 - 2021-01-14 09:26 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-14 09:26 - 2021-01-14 09:26 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-14 09:25 - 2021-01-14 09:25 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-14 09:25 - 2021-01-14 09:25 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-14 09:25 - 2021-01-14 09:25 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-14 09:25 - 2021-01-14 09:25 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-14 09:24 - 2021-01-14 09:24 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-14 09:24 - 2021-01-14 09:24 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-14 09:23 - 2021-01-14 09:23 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-14 09:23 - 2021-01-14 09:23 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-14 09:23 - 2021-01-14 09:23 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-14 09:22 - 2021-01-14 09:22 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 09:21 - 2021-01-14 09:21 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 09:21 - 2021-01-14 09:21 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 09:19 - 2021-01-14 09:19 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 09:19 - 2021-01-14 09:19 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 09:19 - 2021-01-14 09:19 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 09:18 - 2021-01-14 09:18 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 09:16 - 2021-01-14 09:16 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 09:16 - 2021-01-14 09:16 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 09:16 - 2021-01-14 09:16 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 09:14 - 2021-01-14 09:14 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 09:14 - 2021-01-14 09:14 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 09:12 - 2021-01-14 09:12 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 09:11 - 2021-01-14 09:11 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 09:11 - 2021-01-14 09:11 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 09:11 - 2021-01-14 09:11 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-14 09:10 - 2021-01-14 09:10 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 08:03 - 2021-01-19 20:52 - 000000000 ____D C:\Users\Frantisek\.MobiVBox
2021-01-13 15:30 - 2021-01-13 15:35 - 000000000 ____D C:\Users\Davídek\AppData\Local\MobiGame
2021-01-13 15:24 - 2021-01-13 15:33 - 000000000 ____D C:\Program Files\MobiGame
2021-01-13 15:15 - 2021-01-13 15:15 - 000000000 ____D C:\Users\Davídek
2021-01-13 15:13 - 2021-01-19 20:39 - 000000000 ____D C:\Users\Frantisek\AppData\Local\MobiGame
2021-01-13 15:09 - 2021-01-13 15:09 - 002667160 _____ () C:\Users\Frantisek\Downloads\Granny_com.dvloper.granny_gameslolc_8533348.exe
2021-01-13 14:12 - 2021-01-13 14:12 - 001227160 _____ (BlueStack Systems Inc.) C:\Users\Frantisek\Downloads\BlueStacksInstaller_4.250.0.1070_native_fc7be42215ea0fdd10070580007dbb95_R3Jhbm55(1).exe
2021-01-13 13:53 - 2021-01-13 13:54 - 001227160 _____ (BlueStack Systems Inc.) C:\Users\Frantisek\Downloads\BlueStacksInstaller_4.250.0.1070_native_fc7be42215ea0fdd10070580007dbb95_R3Jhbm55.exe
2021-01-13 13:30 - 2021-01-13 13:30 - 000000000 ____D C:\Users\Frantisek\Downloads\MEmu Download
2021-01-13 13:29 - 2021-01-13 13:29 - 000000000 ____D C:\Users\Frantisek\.MemuHyperv
2021-01-13 13:24 - 2021-01-13 13:51 - 000000000 ____D C:\Program Files (x86)\Microvirt
2021-01-13 13:19 - 2021-01-13 13:19 - 001348184 _____ () C:\Users\Frantisek\Downloads\Memu-Installer_v4.232.100.637.exe
2021-01-13 12:48 - 2021-01-13 12:48 - 000000000 ____D C:\Users\Frantisek\Desktop\angličtina nikola
2021-01-13 12:46 - 2021-01-13 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABC Kid Genius
2021-01-13 12:46 - 2021-01-13 12:46 - 000000000 ____D C:\kgdemo
2021-01-13 12:45 - 2021-01-13 12:46 - 026897528 _____ () C:\Users\Frantisek\Downloads\AbcKidGenius(1).exe
2021-01-13 12:44 - 2021-01-13 12:44 - 038589168 _____ ( ) C:\Users\Frantisek\Downloads\AbcKidGenius.exe
2021-01-13 12:32 - 2021-01-13 12:32 - 000000000 ____D C:\Users\Frantisek\AppData\Local\HiSuite
2021-01-13 10:52 - 2021-01-13 10:52 - 000468229 _____ C:\Users\Frantisek\Downloads\document(1).pdf
2021-01-12 14:44 - 2021-01-12 14:44 - 000147261 _____ C:\Users\Frantisek\Downloads\document.pdf
2021-01-08 08:20 - 2021-01-08 08:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-07 08:22 - 2021-01-08 14:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-31 20:47 - 2020-12-31 20:47 - 456329568 _____ (Microvirt Software Technology Co. Ltd.) C:\Users\Frantisek\Downloads\MEmu-Setup-7.3.2-had33c9d62.exe
2020-12-29 16:24 - 2020-12-29 16:24 - 000000000 ____D C:\Program Files (x86)\WinRAR
2020-12-29 16:24 - 2020-12-29 16:21 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-12-29 15:53 - 2020-12-29 15:53 - 030536752 _____ (Piriform Software Ltd) C:\Users\Frantisek\Downloads\ccsetup575 (1).exe
2020-12-29 15:49 - 2020-12-29 15:49 - 030536752 _____ (Piriform Software Ltd) C:\Users\Frantisek\Downloads\ccsetup575.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 20:55 - 2020-02-19 17:15 - 000000000 ____D C:\Users\Frantisek\AppData\LocalLow\Mozilla
2021-01-19 20:43 - 2020-02-19 17:14 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-19 20:36 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-19 20:34 - 2020-05-25 19:44 - 000000000 ____D C:\Program Files (x86)\Advanced SystemCare Pro
2021-01-19 20:34 - 2019-08-21 20:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-19 20:33 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-19 20:32 - 2015-09-12 07:43 - 000000000 ____D C:\ProgramData\Lenovo
2021-01-19 20:32 - 2015-09-12 07:25 - 000000000 ____D C:\Program Files\Lenovo
2021-01-19 20:32 - 2015-09-12 07:21 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-01-19 20:31 - 2020-03-20 11:18 - 000000000 ____D C:\WINDOWS\Lenovo
2021-01-19 20:31 - 2019-08-21 20:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-01-19 20:31 - 2016-02-23 09:52 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Hewlett-Packard
2021-01-19 20:31 - 2016-02-23 08:56 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Hewlett-Packard
2021-01-19 20:31 - 2016-02-23 08:49 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-01-19 20:31 - 2016-02-23 08:46 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-01-19 20:31 - 2016-02-17 13:58 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Lenovo
2021-01-19 20:31 - 2015-09-12 07:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-01-19 20:30 - 2020-05-25 16:06 - 000000000 ____D C:\Program Files (x86)\IObit
2021-01-19 20:30 - 2020-05-25 16:05 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\IObit
2021-01-19 20:30 - 2020-05-25 16:05 - 000000000 ____D C:\ProgramData\IObit
2021-01-19 20:11 - 2020-01-08 23:09 - 000000847 _____ C:\Users\Frantisek\Desktop\Stažené soubory – zástupce.lnk
2021-01-19 19:46 - 2019-08-21 20:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-19 18:35 - 2020-07-11 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Singles
2021-01-19 18:32 - 2020-01-09 19:54 - 000000000 ___RD C:\Users\Frantisek\Desktop\hry
2021-01-19 18:31 - 2020-07-11 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barbie(TM)
2021-01-19 18:31 - 2015-09-12 07:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-19 18:30 - 2020-07-11 14:09 - 000000127 _____ C:\WINDOWS\ka.ini
2021-01-19 18:26 - 2019-12-28 11:36 - 000000000 ____D C:\Users\Frantisek\Desktop\DĚDA
2021-01-19 18:19 - 2020-11-25 11:46 - 000000000 ____D C:\Program Files (x86)\SEGA
2021-01-19 18:10 - 2020-07-11 20:22 - 000000000 ____D C:\GOG Games
2021-01-19 18:07 - 2020-07-11 13:44 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Disney Interactive Studios
2021-01-19 17:54 - 2020-10-20 13:04 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDROMEK
2021-01-19 17:54 - 2020-10-20 13:03 - 000000000 ____D C:\Program Files (x86)\Centauri
2021-01-19 17:39 - 2020-11-18 20:14 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Bluestacks
2021-01-19 17:29 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-19 16:28 - 2020-11-10 14:44 - 000000000 ____D C:\Users\Frantisek\Desktop\máma
2021-01-19 16:26 - 2020-11-18 12:35 - 000000000 ____D C:\Users\Frantisek\Desktop\ŠKOLA
2021-01-19 14:26 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-19 14:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-18 09:06 - 2017-12-20 21:08 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Packages
2021-01-17 17:37 - 2020-07-08 19:09 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Kodi
2021-01-16 18:31 - 2020-12-11 10:33 - 000000000 ____D C:\ProgramData\ProductData
2021-01-15 07:58 - 2017-11-28 15:37 - 000000000 ___RD C:\Users\Frantisek\3D Objects
2021-01-15 07:58 - 2016-02-13 14:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-15 07:53 - 2019-08-22 04:04 - 000721116 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-15 07:53 - 2019-08-22 04:04 - 000146546 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-15 07:53 - 2019-08-21 20:38 - 001697934 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-15 07:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-15 07:47 - 2019-08-21 20:08 - 000508976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-14 20:45 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-14 20:45 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-14 12:21 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-14 12:08 - 2016-02-17 14:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-14 09:49 - 2016-02-17 14:51 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 09:09 - 2019-08-21 20:14 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-14 08:08 - 2017-08-28 10:21 - 000000000 ____D C:\Users\Frantisek\AppData\Local\CrashDumps
2021-01-14 08:03 - 2019-08-21 20:25 - 000000000 ____D C:\Users\Frantisek
2021-01-13 16:06 - 2020-07-08 19:22 - 000001352 _____ C:\Users\Frantisek\Desktop\kodi – zástupce.lnk
2021-01-13 14:17 - 2020-11-18 20:14 - 000000000 ____D C:\Users\Public\BlueStacks
2021-01-13 13:27 - 2017-06-26 12:50 - 000000000 ____D C:\Users\Frantisek\.android
2021-01-12 15:20 - 2016-11-17 08:58 - 000376967 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-01-11 08:41 - 2020-06-16 11:31 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-08 14:24 - 2020-03-21 13:07 - 000000000 ____D C:\Users\Frantisek\Desktop\tisk MP250
2021-01-08 14:18 - 2020-03-21 13:09 - 000000000 ____D C:\ProgramData\CanonIJ
2021-01-08 14:18 - 2020-03-21 13:06 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-01-08 14:07 - 2020-02-19 17:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-08 08:20 - 2020-02-19 17:14 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-07 08:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-29 16:24 - 2019-03-31 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-29 16:24 - 2019-03-31 10:21 - 000000000 ____D C:\Program Files (x86)\Java
2020-12-29 16:24 - 2017-02-18 18:20 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:24 - 2017-02-18 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:07 - 2017-08-01 14:25 - 000000000 ____D C:\temp
2020-12-29 15:57 - 2020-01-12 16:53 - 000000000 ____D C:\WINDOWS\Minidump
2020-12-29 15:21 - 2019-03-04 16:47 - 000000000 ____D C:\Users\Frantisek\AppData\Local\D3DSCache
2020-12-29 14:25 - 2015-09-12 07:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
==================== Files in the root of some directories ========
2020-01-12 16:42 - 2017-05-24 09:40 - 005711776 _____ () C:\Program Files (x86)\antiporn241.exe
2020-03-04 18:35 - 2020-03-04 18:35 - 000002597 _____ () C:\Program Files (x86)\Lepsi.TV.InstallState
2018-10-17 09:43 - 2018-10-17 09:43 - 000000002 _____ () C:\Users\Frantisek\AppData\Roaming\acc.txt
2016-05-08 12:21 - 2016-05-08 12:22 - 000001691 _____ () C:\Users\Frantisek\AppData\Roaming\fastboot.log
2020-01-08 23:32 - 2020-01-08 23:32 - 000042358 _____ () C:\Users\Frantisek\AppData\Roaming\iec_0D0A0E0M0O0N0T1F1F1I1B1V0F0StJ1V1S1F1F1J1L1G1NtF1R1F1H.txt
2020-01-08 23:32 - 2020-01-08 23:32 - 000286556 _____ () C:\Users\Frantisek\AppData\Roaming\iec_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2018-10-17 09:57 - 2018-10-17 09:57 - 000001191 _____ () C:\Users\Frantisek\AppData\Roaming\uni.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by Davídek (administrator) on LAPTOP-1A2BAFO9 (LENOVO 80M3) (19-01-2021 20:56:05)
Running from C:\Users\Frantisek\Desktop
Loaded Profiles: Davídek
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: Angličtina (Spojené státy)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() [File not signed] C:\Program Files\MobiGame\aeg_launcher.exe
() [File not signed] C:\Program Files\MobiGame\MobiGameUpdater.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cole Williams Software Limited -> ) C:\Windows\SysWOW64\Codecs\TrayMenu.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Disc Soft Ltd -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Game Player) [File not signed] C:\Program Files\MobiGame\player\mobiplayer.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <4>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) [File not signed] C:\Program Files\MobiGame\vbox\MobiVBoxSVC.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [4338880 2016-02-02] (Disc Soft Ltd -> Disc Soft Ltd) [File not signed]
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Run: [Mobigame Playstore] => C:\Program Files\MobiGame\playstore\playstore.exe [169984 2020-12-06] () [File not signed]
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dfb8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dff8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e17e-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e1c1-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {5169af39-cc5a-11ea-9d0a-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {d40eb54e-c367-11ea-9d09-b46d83ba83d9} - "F:\stub.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpfpp02t: C:\Windows\System32\spool\prtprocs\x64\hpfpp02t.dll [253440 2010-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] () [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PCL hpf3l02t: C:\WINDOWS\system32\hpf3l02t.dll [138752 2010-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\Windows\SysWOW64\advpack.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
IFEO\AUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\AutoUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\BigUpgrade_IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\CrRestore.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\DSPut.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Feedback.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmsvc.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmui.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iu10Pre.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUProtip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUService.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iush.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUSoftUpdateTip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUXM2020.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Loader-IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\NoteIcon.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ScreenShot.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SecurityNotification_1.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SendBugReportNew.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SpecUTool.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2019-01-21]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )
Startup: C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-02-22]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02BE8CF1-0BB4-42CF-A39E-2B1FE999A83E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {0D4F4CCE-E055-4976-ACCA-2ADF104ADAF3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {0DCCC838-573D-44F5-8032-CF7A7F817964} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {0DF09F9E-EC13-4F1B-8418-AE256753877C} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
Task: {10287C3A-57B4-4807-B923-E1664E2C4BDB} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [528656 2019-05-22] (IObit Information Technology -> IObit)
Task: {10A062DF-6814-4F44-A30A-BD01063EE275} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe
Task: {29AEE9EB-36C9-4B9C-8A5D-210E74BD1E10} - \Lenovo\ImController\TimeBasedEvents\941de6cd-645d-4c35-9288-f4e04e91638c -> No File <==== ATTENTION
Task: {2ACEDC19-3133-4FCB-9FFC-6C1E71FD9DC8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {2BF6ABA1-02C9-48D1-8D58-15BE5E8EAA32} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {31A4CBF7-FBD7-4B29-910B-53E05D94D0C4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2020-11-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {340292CE-49E0-4C20-9152-A99ABDCA0B58} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001UA => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {3AC1A547-8768-4CEF-B88B-3CCE9008146D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001Core => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {3E21CFB4-E4B6-4DDE-9566-72B0B66E8177} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {420CD1C1-86FF-4FA0-83B0-B12A5EDE55EA} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {4392A3B5-0280-40A3-919E-928DC94F6C6F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {47B05644-B523-44B7-BE01-F7909A81F9FC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-909588931-3475030629-4239748838-1001 => C:\Users\Frantisek\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {4A446D9D-09D0-4F7D-9ACB-078B7A1A91AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {4BF1E12D-5EEC-4697-A386-406F17EAA49A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {4DEFED63-BC02-4525-8FF4-CBAE237FE5C1} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {5B41C75D-2A80-4A79-8A30-74C1659332CF} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
Task: {5C7E366F-14DA-4C73-AB96-06CDF76B8EFF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {5C91CC50-01E4-4AD2-9A53-A4F2DF3D679C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {62268D82-C708-4D01-BD0F-5E837878FB30} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {72FDCC01-83BA-49B0-B301-14BFA78C934D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1443736 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {778D5342-B935-4869-9417-BD04AFD3AFE4} - \Lenovo\ImController\TimeBasedEvents\0fcf031d-c0f0-4847-9462-afc06ce2fc10 -> No File <==== ATTENTION
Task: {7841C11D-B7DE-4579-AE47-BEEE80C93F54} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2020-09-20] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {89508FB2-31F9-41F2-9F71-83F0854AC113} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {8A7C76F3-3621-4EC8-8F50-BC0DA6FEF531} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {95834511-A8FA-407B-AC59-438CA5B30E7F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {97F39469-487F-4173-A1A2-89E640183F99} - \Lenovo\ImController\TimeBasedEvents\972ca26a-2d99-4c4d-8920-af5b995561ec -> No File <==== ATTENTION
Task: {9AE8E8F7-F542-45E2-BC95-9668072163E6} - \Lenovo\ImController\TimeBasedEvents\4ff126e1-bfdb-45a6-b168-6baa303ee534 -> No File <==== ATTENTION
Task: {9D5CD83C-5568-4845-931C-246423EB0C70} - System32\Tasks\Uninstaller_SkipUac_Davídek => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-09-10] (IObit Information Technology -> IObit)
Task: {A5A90189-8D48-4687-8E20-0C98381D32F3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {AF0CFCFE-B16F-49B8-AC47-0169C96366F2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {B2039E40-E251-49DA-993D-442C4019D38F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371880 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDDD7E7F-EF33-4702-9BBE-75669DCC2E8B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {C484020B-4116-4825-B453-33B7B90D25F1} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {C7B08A7E-BB5D-41D3-822C-DFC9307DE08D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2020-11-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {C84D79CA-AB3A-457E-B9C0-E442FB369D07} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {DEDD70B4-619A-456E-9FF5-2CF1F1124F83} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {E1AD38FF-E252-42D6-9255-3E64C0B70108} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {E3F6ADE3-1F95-4BD7-B518-226E896F7A57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371880 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {E9BF93CC-B03A-40F5-9492-BE2205801582} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {EA75A5BF-7D9C-4A7E-B97A-51412E19EE9A} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {F4511039-50CC-49E9-BCFF-583D1742650A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2020-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB812180-BAE1-41E2-923C-C202025CB41B} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4a6553e8-92b6-480f-b3e7-ea15ae64d737}: [NameServer] 208.67.222.123,208.67.220.123
Tcpip\..\Interfaces\{4a6553e8-92b6-480f-b3e7-ea15ae64d737}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5cb98504-278a-42f5-89b8-3ce67b2dc918}: [NameServer] 208.67.222.123,208.67.220.123
Edge:
=======
DownloadDir: C:\Users\Frantisek\Downloads
Edge Notifications: HKU\S-1-5-21-909588931-3475030629-4239748838-1001 -> hxxps://www.fosshub.com; hxxps://fastshare.cz; hxxps://email08.active24.com; hxxps://www.kb.cz; hxxps://mail.google.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\Frantisek\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-13]
FireFox:
========
FF DefaultProfile: s6GBKh7b.default
FF ProfilePath: C:\Users\Frantisek\AppData\Roaming\TomTom\HOME\Profiles\7ar1ighs.default [2019-05-31]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\5cj17zud.default-release-1589281251964 [2021-01-19]
FF user.js: detected! => C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\5cj17zud.default-release-1589281251964\user.js [2020-12-11]
FF Homepage: Mozilla\Firefox\Profiles\5cj17zud.default-release-1589281251964 -> www.seznam.cz
FF ProfilePath: C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\s6GBKh7b.default [2020-12-11]
FF user.js: detected! => C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\s6GBKh7b.default\user.js [2020-12-11]
FF Extension: (Avira Browser Safety) - C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\s6GBKh7b.default\Extensions\abs@avira.com [2019-05-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-01-19]
Chrome:
=======
CHR Profile: C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default [2020-12-29]
CHR Extension: (Dokumenty) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-29]
CHR Extension: (AVG SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-02-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-31]
CHR Extension: (Chrome Media Router) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
Opera:
=======
OPR Profile: C:\Users\Frantisek\AppData\Roaming\Opera Software\Opera Stable [2020-12-29]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AegLauncher; C:\Program Files\MobiGame\aeg_launcher.exe [7183872 2020-12-06] () [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1439424 2016-02-02] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] (Canon Inc. -> )
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S4 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
R2 MobiGameUpdater; C:\Program Files\MobiGame\MobiGameUpdater.exe [303104 2020-12-06] () [File not signed]
S3 PACSPTISVR-Sound_Organizer; C:\Program Files (x86)\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe [167208 2014-07-16] (Sony Corporation -> Sony Corporation)
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1162000 2019-05-28] (IObit Information Technology -> IObit)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AdvancedSystemCareService13; "C:\Program Files (x86)\Advanced SystemCare Pro\ASCService.exe" [X]
S2 CCSDK; "C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe" [X]
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2020-07-11] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2020-07-11] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-10-19] (Symantec Corporation -> Symantec Corporation)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-10-19] (Symantec Corporation -> Symantec Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-05-25] (Martin Malik - REALiX -> REALiX(tm))
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [44112 2019-07-30] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37328 2019-07-30] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [49800 2019-07-30] (IObit Information Technology -> IObit)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2020-10-09] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R1 MobiVBoxDrv; C:\Program Files\MobiGame\vbox\MobiVBoxDrv.sys [314688 2020-11-11] (Iron Entertainment Inc. -> Oracle Corporation)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2019-04-30] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S1 prodrv06; C:\Windows\SysWOW64\drivers\prodrv06.sys [52224 2004-01-26] (Protection Technology) [File not signed]
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [95552 2004-01-26] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2016-05-24] (Corel Corporation -> Corel Corporation)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 StillCam; C:\WINDOWS\system32\DRIVERS\serscan.sys [13312 2019-03-19] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\system32\DRIVERS\WSDScan.sys [26112 2019-03-19] (Microsoft Corporation) [File not signed]
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 20:56 - 2021-01-19 20:59 - 000035102 _____ C:\Users\Frantisek\Desktop\FRST.txt
2021-01-19 20:55 - 2021-01-19 20:55 - 000000000 ____D C:\Users\Frantisek\Desktop\Nová složka
2021-01-19 20:35 - 2021-01-19 20:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-19 20:09 - 2021-01-19 20:09 - 008458096 _____ (Malwarebytes) C:\Users\Frantisek\Desktop\adwcleaner_8.0.9.exe
2021-01-19 19:02 - 2021-01-19 20:58 - 000000000 ____D C:\FRST
2021-01-19 18:56 - 2021-01-19 18:57 - 002295808 _____ (Farbar) C:\Users\Frantisek\Desktop\FRST64.exe
2021-01-19 16:38 - 2021-01-19 16:38 - 000002968 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Davídek
2021-01-19 16:38 - 2021-01-19 16:38 - 000001437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2021-01-19 16:38 - 2021-01-19 16:38 - 000001297 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2021-01-19 16:38 - 2021-01-19 16:38 - 000001297 _____ C:\ProgramData\Desktop\IObit Uninstaller.lnk
2021-01-19 16:37 - 2021-01-19 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2021-01-19 16:22 - 2021-01-19 20:38 - 000000536 _____ C:\Users\Frantisek\Desktop\Windows (C).lnk
2021-01-19 16:22 - 2021-01-19 16:22 - 000000513 _____ C:\Users\Frantisek\Desktop\LENOVO (D).lnk
2021-01-18 14:48 - 2021-01-19 15:43 - 000000000 ____D C:\Users\Frantisek\Desktop\Granny PC
2021-01-18 10:25 - 2021-01-18 10:25 - 000000000 ____D C:\Users\Frantisek\AppData\LocalLow\DVloper
2021-01-15 08:47 - 2021-01-15 08:47 - 000138880 _____ C:\Users\Frantisek\Downloads\VY_32_INOVACE_ČJ.4.132 pololetní práce.pdf
2021-01-15 08:47 - 2021-01-15 08:47 - 000137436 _____ C:\Users\Frantisek\Downloads\Cesky jazyk 3.pdf
2021-01-14 09:28 - 2021-01-14 09:28 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-14 09:27 - 2021-01-14 09:27 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-14 09:27 - 2021-01-14 09:27 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-14 09:27 - 2021-01-14 09:27 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-14 09:27 - 2021-01-14 09:27 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-14 09:26 - 2021-01-14 09:26 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-14 09:26 - 2021-01-14 09:26 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-14 09:26 - 2021-01-14 09:26 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-14 09:26 - 2021-01-14 09:26 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-14 09:25 - 2021-01-14 09:25 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-14 09:25 - 2021-01-14 09:25 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-14 09:25 - 2021-01-14 09:25 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-14 09:25 - 2021-01-14 09:25 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-14 09:24 - 2021-01-14 09:24 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-14 09:24 - 2021-01-14 09:24 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-14 09:23 - 2021-01-14 09:23 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-14 09:23 - 2021-01-14 09:23 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-14 09:23 - 2021-01-14 09:23 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-14 09:23 - 2021-01-14 09:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-14 09:22 - 2021-01-14 09:22 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 09:21 - 2021-01-14 09:21 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 09:21 - 2021-01-14 09:21 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 09:19 - 2021-01-14 09:19 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 09:19 - 2021-01-14 09:19 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 09:19 - 2021-01-14 09:19 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 09:18 - 2021-01-14 09:18 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 09:16 - 2021-01-14 09:16 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 09:16 - 2021-01-14 09:16 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 09:16 - 2021-01-14 09:16 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 09:14 - 2021-01-14 09:14 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 09:14 - 2021-01-14 09:14 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 09:12 - 2021-01-14 09:12 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 09:11 - 2021-01-14 09:11 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 09:11 - 2021-01-14 09:11 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 09:11 - 2021-01-14 09:11 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-14 09:10 - 2021-01-14 09:10 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 08:03 - 2021-01-19 20:52 - 000000000 ____D C:\Users\Frantisek\.MobiVBox
2021-01-13 15:30 - 2021-01-13 15:35 - 000000000 ____D C:\Users\Davídek\AppData\Local\MobiGame
2021-01-13 15:24 - 2021-01-13 15:33 - 000000000 ____D C:\Program Files\MobiGame
2021-01-13 15:15 - 2021-01-13 15:15 - 000000000 ____D C:\Users\Davídek
2021-01-13 15:13 - 2021-01-19 20:39 - 000000000 ____D C:\Users\Frantisek\AppData\Local\MobiGame
2021-01-13 15:09 - 2021-01-13 15:09 - 002667160 _____ () C:\Users\Frantisek\Downloads\Granny_com.dvloper.granny_gameslolc_8533348.exe
2021-01-13 14:12 - 2021-01-13 14:12 - 001227160 _____ (BlueStack Systems Inc.) C:\Users\Frantisek\Downloads\BlueStacksInstaller_4.250.0.1070_native_fc7be42215ea0fdd10070580007dbb95_R3Jhbm55(1).exe
2021-01-13 13:53 - 2021-01-13 13:54 - 001227160 _____ (BlueStack Systems Inc.) C:\Users\Frantisek\Downloads\BlueStacksInstaller_4.250.0.1070_native_fc7be42215ea0fdd10070580007dbb95_R3Jhbm55.exe
2021-01-13 13:30 - 2021-01-13 13:30 - 000000000 ____D C:\Users\Frantisek\Downloads\MEmu Download
2021-01-13 13:29 - 2021-01-13 13:29 - 000000000 ____D C:\Users\Frantisek\.MemuHyperv
2021-01-13 13:24 - 2021-01-13 13:51 - 000000000 ____D C:\Program Files (x86)\Microvirt
2021-01-13 13:19 - 2021-01-13 13:19 - 001348184 _____ () C:\Users\Frantisek\Downloads\Memu-Installer_v4.232.100.637.exe
2021-01-13 12:48 - 2021-01-13 12:48 - 000000000 ____D C:\Users\Frantisek\Desktop\angličtina nikola
2021-01-13 12:46 - 2021-01-13 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABC Kid Genius
2021-01-13 12:46 - 2021-01-13 12:46 - 000000000 ____D C:\kgdemo
2021-01-13 12:45 - 2021-01-13 12:46 - 026897528 _____ () C:\Users\Frantisek\Downloads\AbcKidGenius(1).exe
2021-01-13 12:44 - 2021-01-13 12:44 - 038589168 _____ ( ) C:\Users\Frantisek\Downloads\AbcKidGenius.exe
2021-01-13 12:32 - 2021-01-13 12:32 - 000000000 ____D C:\Users\Frantisek\AppData\Local\HiSuite
2021-01-13 10:52 - 2021-01-13 10:52 - 000468229 _____ C:\Users\Frantisek\Downloads\document(1).pdf
2021-01-12 14:44 - 2021-01-12 14:44 - 000147261 _____ C:\Users\Frantisek\Downloads\document.pdf
2021-01-08 08:20 - 2021-01-08 08:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-07 08:22 - 2021-01-08 14:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-31 20:47 - 2020-12-31 20:47 - 456329568 _____ (Microvirt Software Technology Co. Ltd.) C:\Users\Frantisek\Downloads\MEmu-Setup-7.3.2-had33c9d62.exe
2020-12-29 16:24 - 2020-12-29 16:24 - 000000000 ____D C:\Program Files (x86)\WinRAR
2020-12-29 16:24 - 2020-12-29 16:21 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-12-29 15:53 - 2020-12-29 15:53 - 030536752 _____ (Piriform Software Ltd) C:\Users\Frantisek\Downloads\ccsetup575 (1).exe
2020-12-29 15:49 - 2020-12-29 15:49 - 030536752 _____ (Piriform Software Ltd) C:\Users\Frantisek\Downloads\ccsetup575.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 20:55 - 2020-02-19 17:15 - 000000000 ____D C:\Users\Frantisek\AppData\LocalLow\Mozilla
2021-01-19 20:43 - 2020-02-19 17:14 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-19 20:36 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-19 20:34 - 2020-05-25 19:44 - 000000000 ____D C:\Program Files (x86)\Advanced SystemCare Pro
2021-01-19 20:34 - 2019-08-21 20:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-19 20:33 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-19 20:32 - 2015-09-12 07:43 - 000000000 ____D C:\ProgramData\Lenovo
2021-01-19 20:32 - 2015-09-12 07:25 - 000000000 ____D C:\Program Files\Lenovo
2021-01-19 20:32 - 2015-09-12 07:21 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-01-19 20:31 - 2020-03-20 11:18 - 000000000 ____D C:\WINDOWS\Lenovo
2021-01-19 20:31 - 2019-08-21 20:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-01-19 20:31 - 2016-02-23 09:52 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Hewlett-Packard
2021-01-19 20:31 - 2016-02-23 08:56 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Hewlett-Packard
2021-01-19 20:31 - 2016-02-23 08:49 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-01-19 20:31 - 2016-02-23 08:46 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-01-19 20:31 - 2016-02-17 13:58 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Lenovo
2021-01-19 20:31 - 2015-09-12 07:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-01-19 20:30 - 2020-05-25 16:06 - 000000000 ____D C:\Program Files (x86)\IObit
2021-01-19 20:30 - 2020-05-25 16:05 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\IObit
2021-01-19 20:30 - 2020-05-25 16:05 - 000000000 ____D C:\ProgramData\IObit
2021-01-19 20:11 - 2020-01-08 23:09 - 000000847 _____ C:\Users\Frantisek\Desktop\Stažené soubory – zástupce.lnk
2021-01-19 19:46 - 2019-08-21 20:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-19 18:35 - 2020-07-11 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Singles
2021-01-19 18:32 - 2020-01-09 19:54 - 000000000 ___RD C:\Users\Frantisek\Desktop\hry
2021-01-19 18:31 - 2020-07-11 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barbie(TM)
2021-01-19 18:31 - 2015-09-12 07:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-19 18:30 - 2020-07-11 14:09 - 000000127 _____ C:\WINDOWS\ka.ini
2021-01-19 18:26 - 2019-12-28 11:36 - 000000000 ____D C:\Users\Frantisek\Desktop\DĚDA
2021-01-19 18:19 - 2020-11-25 11:46 - 000000000 ____D C:\Program Files (x86)\SEGA
2021-01-19 18:10 - 2020-07-11 20:22 - 000000000 ____D C:\GOG Games
2021-01-19 18:07 - 2020-07-11 13:44 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Disney Interactive Studios
2021-01-19 17:54 - 2020-10-20 13:04 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDROMEK
2021-01-19 17:54 - 2020-10-20 13:03 - 000000000 ____D C:\Program Files (x86)\Centauri
2021-01-19 17:39 - 2020-11-18 20:14 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Bluestacks
2021-01-19 17:29 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-19 16:28 - 2020-11-10 14:44 - 000000000 ____D C:\Users\Frantisek\Desktop\máma
2021-01-19 16:26 - 2020-11-18 12:35 - 000000000 ____D C:\Users\Frantisek\Desktop\ŠKOLA
2021-01-19 14:26 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-19 14:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-18 09:06 - 2017-12-20 21:08 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Packages
2021-01-17 17:37 - 2020-07-08 19:09 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Kodi
2021-01-16 18:31 - 2020-12-11 10:33 - 000000000 ____D C:\ProgramData\ProductData
2021-01-15 07:58 - 2017-11-28 15:37 - 000000000 ___RD C:\Users\Frantisek\3D Objects
2021-01-15 07:58 - 2016-02-13 14:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-15 07:53 - 2019-08-22 04:04 - 000721116 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-15 07:53 - 2019-08-22 04:04 - 000146546 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-15 07:53 - 2019-08-21 20:38 - 001697934 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-15 07:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-15 07:47 - 2019-08-21 20:08 - 000508976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-14 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-14 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-14 20:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-14 20:45 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-14 20:45 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-14 20:45 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-14 12:21 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-14 12:08 - 2016-02-17 14:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-14 09:49 - 2016-02-17 14:51 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 09:09 - 2019-08-21 20:14 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-14 08:08 - 2017-08-28 10:21 - 000000000 ____D C:\Users\Frantisek\AppData\Local\CrashDumps
2021-01-14 08:03 - 2019-08-21 20:25 - 000000000 ____D C:\Users\Frantisek
2021-01-13 16:06 - 2020-07-08 19:22 - 000001352 _____ C:\Users\Frantisek\Desktop\kodi – zástupce.lnk
2021-01-13 14:17 - 2020-11-18 20:14 - 000000000 ____D C:\Users\Public\BlueStacks
2021-01-13 13:27 - 2017-06-26 12:50 - 000000000 ____D C:\Users\Frantisek\.android
2021-01-12 15:20 - 2016-11-17 08:58 - 000376967 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-01-11 08:41 - 2020-06-16 11:31 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-08 14:24 - 2020-03-21 13:07 - 000000000 ____D C:\Users\Frantisek\Desktop\tisk MP250
2021-01-08 14:18 - 2020-03-21 13:09 - 000000000 ____D C:\ProgramData\CanonIJ
2021-01-08 14:18 - 2020-03-21 13:06 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-01-08 14:07 - 2020-02-19 17:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-08 08:20 - 2020-02-19 17:14 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-07 08:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-29 16:24 - 2019-03-31 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-29 16:24 - 2019-03-31 10:21 - 000000000 ____D C:\Program Files (x86)\Java
2020-12-29 16:24 - 2017-02-18 18:20 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:24 - 2017-02-18 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 16:07 - 2017-08-01 14:25 - 000000000 ____D C:\temp
2020-12-29 15:57 - 2020-01-12 16:53 - 000000000 ____D C:\WINDOWS\Minidump
2020-12-29 15:21 - 2019-03-04 16:47 - 000000000 ____D C:\Users\Frantisek\AppData\Local\D3DSCache
2020-12-29 14:25 - 2015-09-12 07:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
==================== Files in the root of some directories ========
2020-01-12 16:42 - 2017-05-24 09:40 - 005711776 _____ () C:\Program Files (x86)\antiporn241.exe
2020-03-04 18:35 - 2020-03-04 18:35 - 000002597 _____ () C:\Program Files (x86)\Lepsi.TV.InstallState
2018-10-17 09:43 - 2018-10-17 09:43 - 000000002 _____ () C:\Users\Frantisek\AppData\Roaming\acc.txt
2016-05-08 12:21 - 2016-05-08 12:22 - 000001691 _____ () C:\Users\Frantisek\AppData\Roaming\fastboot.log
2020-01-08 23:32 - 2020-01-08 23:32 - 000042358 _____ () C:\Users\Frantisek\AppData\Roaming\iec_0D0A0E0M0O0N0T1F1F1I1B1V0F0StJ1V1S1F1F1J1L1G1NtF1R1F1H.txt
2020-01-08 23:32 - 2020-01-08 23:32 - 000286556 _____ () C:\Users\Frantisek\AppData\Roaming\iec_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2018-10-17 09:57 - 2018-10-17 09:57 - 000001191 _____ () C:\Users\Frantisek\AppData\Roaming\uni.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Re: zpomalené pc 2
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2021
Ran by Davídek (19-01-2021 21:07:00)
Running from C:\Users\Frantisek\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2019-08-21 20:01:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-909588931-3475030629-4239748838-500 - Administrator - Disabled)
Davídek (S-1-5-21-909588931-3475030629-4239748838-1001 - Administrator - Enabled) => C:\Users\Frantisek
DefaultAccount (S-1-5-21-909588931-3475030629-4239748838-503 - Limited - Disabled)
Guest (S-1-5-21-909588931-3475030629-4239748838-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-909588931-3475030629-4239748838-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-909588931-3475030629-4239748838-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABC Kid Genius (HKLM-x32\...\ABC Kid Genius) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Barbie(TM) Dobrodružství s koňmi(TM) (HKLM-x32\...\{F827DB7E-9F8F-46BA-9F22-46CE2CEE1D7E}) (Version: 1.00.0000 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 4.1.0.0489 - Disc Soft Ltd)
Databox Server (HKLM-x32\...\Databox Databázový server_is1) (Version: 2.0 - SYSTEGRA s.r.o.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.23.1.1 - SCS Software)
FormApps Plug-in (HKLM-x32\...\{9a1d8d96-8b6f-4b5e-9281-abf022feb360}) (Version: 1.8.1626.68 - Software602 a.s.)
Forte Config (HKLM\...\ForteConfig) (Version: 1.0.0.0 - Conexant Systems)
Gemplus Smart Card Reader Tools (HKLM-x32\...\Gemplus Smart Card Reader Tools) (Version: - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GMX - Enhanced by Google (HKLM-x32\...\{5086B846-0006-69C6-B186-19466106CAC6}) (Version: - )
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Google Video Support Plugin (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
iCloud (HKLM\...\{2C05E99A-94F0-4F95-B602-CD2D2682D6C3}) (Version: 7.13.0.14 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6da487a6-c50d-494e-aaa0-6d8ce9c37ef3}) (Version: 20.10.2 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.0.2.40 - IObit)
iTunes (HKLM\...\{A39EE3D3-411E-472C-AF73-9D751E37A7EE}) (Version: 12.10.0.7 - Apple Inc.)
Jane Angel 2 - Děti temnoty (HKLM-x32\...\{Jane Angel 2 - Deti temnoty}_is1) (Version: - Spidla Data Processing, s.r.o.)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kodi (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Kodi) (Version: - XBMC Foundation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Media Player Codec Pack 4.4.6 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.6 - Media Player Codec Pack)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12527.21416 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MobiGame (HKLM\...\{0CD5AE2D-BB58-4E35-8B5C-AFE9A4980E1A}) (Version: 3.15.8.0 - MobiGame)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0.1 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
Mystery Maze Of Balthasar Castle (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Mystery Maze Of Balthasar Castle) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Neighbours From Hell Compilation (HKLM-x32\...\{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt) Hidden
Neighbours From Hell Compilation (HKLM-x32\...\InstallShield_{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Readiris Pro 14 (HKLM-x32\...\{253FD6A5-CE77-4FBC-A937-202D15808D0C}) (Version: 14.00.7277 - I.R.I.S.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Registrace uživatele zařízení Canon MP250 series (HKLM-x32\...\Registrace uživatele zařízení Canon MP250 series) (Version: - )
Sound Organizer (HKLM-x32\...\{1452627B-3FC3-4979-A11A-C5F877D8286E}) (Version: 1.6.0.07210 - Sony Corporation)
Sousedé z pekla 2 (HKLM-x32\...\{F5AB23F4-796A-4929-99D9-71F09F145A0B}) (Version: 1.0.0 - JoWooD)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 5.3.0.1 - IObit)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.32462 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VLC Media Player verze 1.5 (HKLM-x32\...\VLC Media Player_is1) (Version: 1.5 - )
WhatsApp (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\WhatsApp) (Version: 2.2045.19 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-20] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2021-01-06] (HP Inc.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-29] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-19] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Specialista na otvírání -> C:\Program Files\WindowsApps\32795SoftwareSpecialist.OpenSpecialist_1.3.1.0_x86__gqsbwgjpx5caa [2018-05-28] (Software Specialist)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-24] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-07-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]
HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\SysWOW64\ir50_32original.dll [746496 2019-03-19] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINDOWS\SysWOW64\iac25_32.ax [197632 2019-03-19] (Microsoft Windows -> Intel Corporation)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-12-06 23:29 - 2020-12-06 23:29 - 000286720 _____ () [File not signed] C:\Program Files\MobiGame\player\EGL_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 000487424 _____ () [File not signed] C:\Program Files\MobiGame\player\GLES_CM_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 001502720 _____ () [File not signed] C:\Program Files\MobiGame\player\GLES_V2_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 000009728 _____ () [File not signed] C:\Program Files\MobiGame\player\logging.dll
2020-12-06 23:29 - 2020-12-06 23:29 - 000610816 _____ () [File not signed] C:\Program Files\MobiGame\player\OpenglRender.dll
2016-02-23 09:16 - 2012-09-29 13:25 - 000074240 _____ () [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2020-12-06 23:30 - 2020-12-06 23:30 - 000028112 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\imageformats\qsvg.dll
2020-12-06 23:30 - 2020-12-06 23:30 - 000506832 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\imageformats\qwebp.dll
2020-12-06 23:29 - 2020-12-06 23:29 - 000740304 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\Qt5Multimedia.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:gs5sys [3584]
AlternateDataStreams: C:\Users\All Users:gs5sys [3584]
AlternateDataStreams: C:\Users\Frantisek:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3584]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Templates:gs5sys [2048]
AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2560]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKLM -> DefaultScope {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM-x32 -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\.DEFAULT -> {2135472E-A2C6-4B57-8526-7D6B76DE26F7} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\.DEFAULT -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL =
SearchScopes: HKU\.DEFAULT -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-909588931-3475030629-4239748838-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\sharepoint.com -> hxxps://ecentral-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2018-12-03 16:37 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
2017-12-05 16:15 - 2017-12-05 16:20 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 208.67.222.123 - 208.67.220.123
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{16802A97-6DFD-4669-A8BF-499E6C9EB2E7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C388C2F9-CF48-47C0-90A4-A8B1597DFA7F}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DD4DA2CC-CE6D-43BF-BE66-4F5FEB6E5C14}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0E8B015-1BA7-40AC-A94D-2BE70B0CAC59}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0A40904-E879-46FB-8668-6085AEFF6838}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F25AFF4F-4882-448B-8229-63A0B1BF0AFA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C3C0E4EE-8768-470D-9A0F-725469A977A2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{52CEF164-09B4-4B9B-A4C4-8937C734C2A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7B502681-15E0-4DB3-BE70-64741F76444E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{660B530A-AB34-45A3-9B12-5279AB8E5D15}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{458FD913-108E-49CB-BE5D-013DF1F87025}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{DAAAAD19-564E-4F78-8337-708FC78C5639}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D82F5222-2050-4B2B-894C-4C96A71B3B9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A9722EF2-9DAF-4724-A72A-B6E2E559DAFC}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{0BCFB784-E47F-4868-B198-E82AA39E16E2}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{FB430001-E768-4E28-A00E-D5F811AE1CE8}] => (Allow) C:\Program Files (x86)\Alawarhry.cz\Mystery Maze Of Balthasar Castle\Mystery Maze of Balthasar Castle.exe (Alawar Entertainment Inc -> )
FirewallRules: [{0D280591-AE9D-44A0-B468-D33B8253A42A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{85B5B33A-A726-4EFD-A4D7-FF5C0A6FB779}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2EC61760-F657-4059-8395-7404CF458DFE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21C32423-A241-4499-8801-1246087CC42A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9EB99AF-1BC5-4654-9B5C-CA990E00AAFC}] => (Allow) C:\Program Files\MobiGame\player\mobiplayer.exe (Game Player) [File not signed]
FirewallRules: [{0996E6E9-69D1-47FC-8003-DAA626FF7687}] => (Allow) C:\Program Files\MobiGame\vbox\vboxheadless.exe (Iron Entertainment Inc. -> Oracle Corporation)
==================== Restore Points =========================
07-01-2021 12:04:53 Naplánovaný kontrolní bod
13-01-2021 15:43:33 Windows Update
19-01-2021 20:25:10 AdwCleaner_BeforeCleaning_19/01/2021_20:25:06
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/19/2021 08:48:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:45:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (01/19/2021 08:37:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (8724,R,98) SUS20ClientDataStore: Při otevírání souboru protokolu C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb00060.log došlo k chybě -1811 (0xfffff8ed).
Error: (01/19/2021 08:35:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-1A2BAFO9.local already in use; will try LAPTOP-1A2BAFO9-2.local instead
Error: (01/19/2021 08:35:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 LAPTOP-1A2BAFO9.local. Addr 10.0.0.6
Error: (01/19/2021 08:35:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.6:5353 16 LAPTOP-1A2BAFO9.local. AAAA 2A00
83B4:3F42:057E:0C8E:EBB4:3E6E
Error: (01/19/2021 08:26:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.
System Error:
The resource loader failed to find MUI file.
.
Error: (01/19/2021 08:25:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7692,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (01/19/2021 08:39:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (01/19/2021 08:37:00 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-1A2BAFO9)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/19/2021 08:36:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CCSDK neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (01/19/2021 08:35:14 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (30:74:96:01:ae:6f) se nezdařilo.
Error: (01/19/2021 08:34:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AdvancedSystemCareService13 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (01/19/2021 08:34:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\prodrv06.sys
Error: (01/19/2021 08:33:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll
Error: (01/19/2021 08:30:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2020-12-11 11:34:48.022
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\ESET\ESET Security\ekrn.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:34:48.021Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files\ESET\ESET Security\ekrn.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:24:52.133
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\Suc12_DiskCleaner.exe možnost upravit %userprofile%\Documents\Euro Truck Simulator 2\.
Čas detekce: 2020-12-11T10:24:52.132Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: %userprofile%\Documents\Euro Truck Simulator 2\
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\Suc12_DiskCleaner.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:23:40.663
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\Sur11_ShortcutFixer.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:23:40.662Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\Sur11_ShortcutFixer.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:14:20.046
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:14:20.045Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:14:02.218
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:14:02.217Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume4
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-11-18 09:05:47.206
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1003.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-11-16 08:18:44.109
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.893.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-11-14 20:31:15.827
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.840.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2021-01-19 20:42:05.022
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:42:04.983
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:42:04.717
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:41:08.478
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:41:08.396
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:41:08.133
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:41:08.090
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 10:56:32.294
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO C9CN33WW 08/26/2015
Motherboard: LENOVO Paris G 5A6
Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz
Percentage of memory in use: 73%
Total physical RAM: 4008.27 MB
Available physical RAM: 1065.2 MB
Total Virtual: 6440.27 MB
Available Virtual: 3046.64 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:419.48 GB) (Free:326.88 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:6.64 GB) NTFS
\\?\Volume{f23e42ef-65b9-45b8-8527-935fd114e162}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{f9b1f2ec-d035-4230-8fb9-d2c2bbbd94f6}\ (LENOVO_PART) (Fixed) (Total:19.05 GB) (Free:5.92 GB) NTFS
\\?\Volume{45d871ad-6fee-4297-b557-d3e4a9e89924}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B9926270)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Davídek (19-01-2021 21:07:00)
Running from C:\Users\Frantisek\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2019-08-21 20:01:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-909588931-3475030629-4239748838-500 - Administrator - Disabled)
Davídek (S-1-5-21-909588931-3475030629-4239748838-1001 - Administrator - Enabled) => C:\Users\Frantisek
DefaultAccount (S-1-5-21-909588931-3475030629-4239748838-503 - Limited - Disabled)
Guest (S-1-5-21-909588931-3475030629-4239748838-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-909588931-3475030629-4239748838-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-909588931-3475030629-4239748838-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABC Kid Genius (HKLM-x32\...\ABC Kid Genius) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Barbie(TM) Dobrodružství s koňmi(TM) (HKLM-x32\...\{F827DB7E-9F8F-46BA-9F22-46CE2CEE1D7E}) (Version: 1.00.0000 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 4.1.0.0489 - Disc Soft Ltd)
Databox Server (HKLM-x32\...\Databox Databázový server_is1) (Version: 2.0 - SYSTEGRA s.r.o.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.23.1.1 - SCS Software)
FormApps Plug-in (HKLM-x32\...\{9a1d8d96-8b6f-4b5e-9281-abf022feb360}) (Version: 1.8.1626.68 - Software602 a.s.)
Forte Config (HKLM\...\ForteConfig) (Version: 1.0.0.0 - Conexant Systems)
Gemplus Smart Card Reader Tools (HKLM-x32\...\Gemplus Smart Card Reader Tools) (Version: - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GMX - Enhanced by Google (HKLM-x32\...\{5086B846-0006-69C6-B186-19466106CAC6}) (Version: - )
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Google Video Support Plugin (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
iCloud (HKLM\...\{2C05E99A-94F0-4F95-B602-CD2D2682D6C3}) (Version: 7.13.0.14 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6da487a6-c50d-494e-aaa0-6d8ce9c37ef3}) (Version: 20.10.2 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.0.2.40 - IObit)
iTunes (HKLM\...\{A39EE3D3-411E-472C-AF73-9D751E37A7EE}) (Version: 12.10.0.7 - Apple Inc.)
Jane Angel 2 - Děti temnoty (HKLM-x32\...\{Jane Angel 2 - Deti temnoty}_is1) (Version: - Spidla Data Processing, s.r.o.)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kodi (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Kodi) (Version: - XBMC Foundation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Media Player Codec Pack 4.4.6 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.6 - Media Player Codec Pack)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12527.21416 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MobiGame (HKLM\...\{0CD5AE2D-BB58-4E35-8B5C-AFE9A4980E1A}) (Version: 3.15.8.0 - MobiGame)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0.1 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
Mystery Maze Of Balthasar Castle (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\Mystery Maze Of Balthasar Castle) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Neighbours From Hell Compilation (HKLM-x32\...\{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt) Hidden
Neighbours From Hell Compilation (HKLM-x32\...\InstallShield_{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Readiris Pro 14 (HKLM-x32\...\{253FD6A5-CE77-4FBC-A937-202D15808D0C}) (Version: 14.00.7277 - I.R.I.S.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Registrace uživatele zařízení Canon MP250 series (HKLM-x32\...\Registrace uživatele zařízení Canon MP250 series) (Version: - )
Sound Organizer (HKLM-x32\...\{1452627B-3FC3-4979-A11A-C5F877D8286E}) (Version: 1.6.0.07210 - Sony Corporation)
Sousedé z pekla 2 (HKLM-x32\...\{F5AB23F4-796A-4929-99D9-71F09F145A0B}) (Version: 1.0.0 - JoWooD)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 5.3.0.1 - IObit)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.32462 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VLC Media Player verze 1.5 (HKLM-x32\...\VLC Media Player_is1) (Version: 1.5 - )
WhatsApp (HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\WhatsApp) (Version: 2.2045.19 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-20] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2021-01-06] (HP Inc.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-29] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-19] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Specialista na otvírání -> C:\Program Files\WindowsApps\32795SoftwareSpecialist.OpenSpecialist_1.3.1.0_x86__gqsbwgjpx5caa [2018-05-28] (Software Specialist)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-24] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-909588931-3475030629-4239748838-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Frantisek\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-07-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]
HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\SysWOW64\ir50_32original.dll [746496 2019-03-19] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINDOWS\SysWOW64\iac25_32.ax [197632 2019-03-19] (Microsoft Windows -> Intel Corporation)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-12-06 23:29 - 2020-12-06 23:29 - 000286720 _____ () [File not signed] C:\Program Files\MobiGame\player\EGL_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 000487424 _____ () [File not signed] C:\Program Files\MobiGame\player\GLES_CM_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 001502720 _____ () [File not signed] C:\Program Files\MobiGame\player\GLES_V2_translator.DLL
2020-12-06 23:29 - 2020-12-06 23:29 - 000009728 _____ () [File not signed] C:\Program Files\MobiGame\player\logging.dll
2020-12-06 23:29 - 2020-12-06 23:29 - 000610816 _____ () [File not signed] C:\Program Files\MobiGame\player\OpenglRender.dll
2016-02-23 09:16 - 2012-09-29 13:25 - 000074240 _____ () [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2020-12-06 23:30 - 2020-12-06 23:30 - 000028112 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\imageformats\qsvg.dll
2020-12-06 23:30 - 2020-12-06 23:30 - 000506832 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\imageformats\qwebp.dll
2020-12-06 23:29 - 2020-12-06 23:29 - 000740304 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\MobiGame\player\Qt5Multimedia.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:gs5sys [3584]
AlternateDataStreams: C:\Users\All Users:gs5sys [3584]
AlternateDataStreams: C:\Users\Frantisek:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3584]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Templates:gs5sys [2048]
AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2560]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKLM -> DefaultScope {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKLM-x32 -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w04&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\.DEFAULT -> {2135472E-A2C6-4B57-8526-7D6B76DE26F7} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\.DEFAULT -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL =
SearchScopes: HKU\.DEFAULT -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-29] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-909588931-3475030629-4239748838-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\sharepoint.com -> hxxps://ecentral-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2018-12-03 16:37 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
2017-12-05 16:15 - 2017-12-05 16:20 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 208.67.222.123 - 208.67.220.123
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{16802A97-6DFD-4669-A8BF-499E6C9EB2E7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C388C2F9-CF48-47C0-90A4-A8B1597DFA7F}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DD4DA2CC-CE6D-43BF-BE66-4F5FEB6E5C14}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0E8B015-1BA7-40AC-A94D-2BE70B0CAC59}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0A40904-E879-46FB-8668-6085AEFF6838}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F25AFF4F-4882-448B-8229-63A0B1BF0AFA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C3C0E4EE-8768-470D-9A0F-725469A977A2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{52CEF164-09B4-4B9B-A4C4-8937C734C2A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7B502681-15E0-4DB3-BE70-64741F76444E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{660B530A-AB34-45A3-9B12-5279AB8E5D15}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{458FD913-108E-49CB-BE5D-013DF1F87025}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{DAAAAD19-564E-4F78-8337-708FC78C5639}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D82F5222-2050-4B2B-894C-4C96A71B3B9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A9722EF2-9DAF-4724-A72A-B6E2E559DAFC}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{0BCFB784-E47F-4868-B198-E82AA39E16E2}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{FB430001-E768-4E28-A00E-D5F811AE1CE8}] => (Allow) C:\Program Files (x86)\Alawarhry.cz\Mystery Maze Of Balthasar Castle\Mystery Maze of Balthasar Castle.exe (Alawar Entertainment Inc -> )
FirewallRules: [{0D280591-AE9D-44A0-B468-D33B8253A42A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{85B5B33A-A726-4EFD-A4D7-FF5C0A6FB779}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2EC61760-F657-4059-8395-7404CF458DFE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21C32423-A241-4499-8801-1246087CC42A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9EB99AF-1BC5-4654-9B5C-CA990E00AAFC}] => (Allow) C:\Program Files\MobiGame\player\mobiplayer.exe (Game Player) [File not signed]
FirewallRules: [{0996E6E9-69D1-47FC-8003-DAA626FF7687}] => (Allow) C:\Program Files\MobiGame\vbox\vboxheadless.exe (Iron Entertainment Inc. -> Oracle Corporation)
==================== Restore Points =========================
07-01-2021 12:04:53 Naplánovaný kontrolní bod
13-01-2021 15:43:33 Windows Update
19-01-2021 20:25:10 AdwCleaner_BeforeCleaning_19/01/2021_20:25:06
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/19/2021 08:48:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:45:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (01/19/2021 08:37:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (8724,R,98) SUS20ClientDataStore: Při otevírání souboru protokolu C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb00060.log došlo k chybě -1811 (0xfffff8ed).
Error: (01/19/2021 08:35:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-1A2BAFO9.local already in use; will try LAPTOP-1A2BAFO9-2.local instead
Error: (01/19/2021 08:35:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 LAPTOP-1A2BAFO9.local. Addr 10.0.0.6
Error: (01/19/2021 08:35:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.6:5353 16 LAPTOP-1A2BAFO9.local. AAAA 2A00
83B4:3F42:057E:0C8E:EBB4:3E6EError: (01/19/2021 08:26:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.
System Error:
The resource loader failed to find MUI file.
.
Error: (01/19/2021 08:25:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7692,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (01/19/2021 08:39:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (01/19/2021 08:37:00 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-1A2BAFO9)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/19/2021 08:36:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CCSDK neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (01/19/2021 08:35:14 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (30:74:96:01:ae:6f) se nezdařilo.
Error: (01/19/2021 08:34:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AdvancedSystemCareService13 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (01/19/2021 08:34:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\prodrv06.sys
Error: (01/19/2021 08:33:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll
Error: (01/19/2021 08:30:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2020-12-11 11:34:48.022
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\ESET\ESET Security\ekrn.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:34:48.021Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files\ESET\ESET Security\ekrn.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:24:52.133
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\Suc12_DiskCleaner.exe možnost upravit %userprofile%\Documents\Euro Truck Simulator 2\.
Čas detekce: 2020-12-11T10:24:52.132Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: %userprofile%\Documents\Euro Truck Simulator 2\
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\Suc12_DiskCleaner.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:23:40.663
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\Sur11_ShortcutFixer.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:23:40.662Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\Sur11_ShortcutFixer.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:14:20.046
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:14:20.045Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume3
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-12-11 11:14:02.218
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe provádění změn v paměti.
Čas detekce: 2020-12-11T10:14:02.217Z
Uživatel: LAPTOP-1A2BAFO9\Davídek
Cesta: \Device\HarddiskVolume4
Název procesu: C:\Program Files (x86)\Advanced SystemCare Pro\DiskDoctor_DiskScan.exe
Verze bezpečnostních informací: 1.329.198.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6
Date: 2020-11-18 09:05:47.206
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1003.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-11-16 08:18:44.109
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.893.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-11-14 20:31:15.827
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.840.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2021-01-19 20:42:05.022
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:42:04.983
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:42:04.717
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:41:08.478
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:41:08.396
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:41:08.133
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 20:41:08.090
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-19 10:56:32.294
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO C9CN33WW 08/26/2015
Motherboard: LENOVO Paris G 5A6
Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz
Percentage of memory in use: 73%
Total physical RAM: 4008.27 MB
Available physical RAM: 1065.2 MB
Total Virtual: 6440.27 MB
Available Virtual: 3046.64 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:419.48 GB) (Free:326.88 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:6.64 GB) NTFS
\\?\Volume{f23e42ef-65b9-45b8-8527-935fd114e162}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{f9b1f2ec-d035-4230-8fb9-d2c2bbbd94f6}\ (LENOVO_PART) (Fixed) (Total:19.05 GB) (Free:5.92 GB) NTFS
\\?\Volume{45d871ad-6fee-4297-b557-d3e4a9e89924}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B9926270)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zpomalené pc 2
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\ProgramData:gs5sys [3584]
AlternateDataStreams: C:\Users\All Users:gs5sys [3584]
AlternateDataStreams: C:\Users\Frantisek:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3584]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Templates:gs5sys [2048]
AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2560]
SearchScopes: HKU\.DEFAULT -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL =
SearchScopes: HKU\.DEFAULT -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL =
Toolbar: HKU\S-1-5-21-909588931-3475030629-4239748838-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
C:\Program Files (x86)\IObit
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dfb8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dff8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e17e-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e1c1-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {5169af39-cc5a-11ea-9d0a-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {d40eb54e-c367-11ea-9d09-b46d83ba83d9} - "F:\stub.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
IFEO\AUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\AutoUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\BigUpgrade_IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\CrRestore.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\DSPut.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Feedback.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmsvc.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmui.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iu10Pre.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUProtip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUService.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iush.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUSoftUpdateTip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUXM2020.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Loader-IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\NoteIcon.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ScreenShot.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SecurityNotification_1.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SendBugReportNew.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SpecUTool.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0DCCC838-573D-44F5-8032-CF7A7F817964} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {10287C3A-57B4-4807-B923-E1664E2C4BDB} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [528656 2019-05-22] (IObit Information Technology -> IObit)
Task: {29AEE9EB-36C9-4B9C-8A5D-210E74BD1E10} - \Lenovo\ImController\TimeBasedEvents\941de6cd-645d-4c35-9288-f4e04e91638c -> No File <==== ATTENTION
Task: {4392A3B5-0280-40A3-919E-928DC94F6C6F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {340292CE-49E0-4C20-9152-A99ABDCA0B58} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001UA => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {3AC1A547-8768-4CEF-B88B-3CCE9008146D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001Core => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {4DEFED63-BC02-4525-8FF4-CBAE237FE5C1} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {778D5342-B935-4869-9417-BD04AFD3AFE4} - \Lenovo\ImController\TimeBasedEvents\0fcf031d-c0f0-4847-9462-afc06ce2fc10 -> No File <==== ATTENTION
Task: {97F39469-487F-4173-A1A2-89E640183F99} - \Lenovo\ImController\TimeBasedEvents\972ca26a-2d99-4c4d-8920-af5b995561ec -> No File <==== ATTENTION
Task: {9AE8E8F7-F542-45E2-BC95-9668072163E6} - \Lenovo\ImController\TimeBasedEvents\4ff126e1-bfdb-45a6-b168-6baa303ee534 -> No File <==== ATTENTION
Task: {EA75A5BF-7D9C-4A7E-B97A-51412E19EE9A} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Program Files (x86)\Advanced SystemCare Pro
C:\Program Files (x86)\IObit
C:\Users\Frantisek\AppData\Roaming\IObit
C:\ProgramData\IObit
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zpomalené pc 2
Fix result of Farbar Recovery Scan Tool (x64) Version: 19-01-2021
Ran by Davídek (19-01-2021 22:06:46) Run:1
Running from C:\Users\Frantisek\Desktop
Loaded Profiles: Davídek
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\ProgramData:gs5sys [3584]
AlternateDataStreams: C:\Users\All Users:gs5sys [3584]
AlternateDataStreams: C:\Users\Frantisek:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3584]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Templates:gs5sys [2048]
AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2560]
SearchScopes: HKU\.DEFAULT -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL =
SearchScopes: HKU\.DEFAULT -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL =
Toolbar: HKU\S-1-5-21-909588931-3475030629-4239748838-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
C:\Program Files (x86)\IObit
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dfb8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dff8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e17e-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e1c1-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {5169af39-cc5a-11ea-9d0a-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {d40eb54e-c367-11ea-9d09-b46d83ba83d9} - "F:\stub.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
IFEO\AUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\AutoUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\BigUpgrade_IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\CrRestore.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\DSPut.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Feedback.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmsvc.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmui.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iu10Pre.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUProtip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUService.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iush.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUSoftUpdateTip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUXM2020.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Loader-IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\NoteIcon.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ScreenShot.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SecurityNotification_1.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SendBugReportNew.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SpecUTool.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0DCCC838-573D-44F5-8032-CF7A7F817964} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {10287C3A-57B4-4807-B923-E1664E2C4BDB} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [528656 2019-05-22] (IObit Information Technology -> IObit)
Task: {29AEE9EB-36C9-4B9C-8A5D-210E74BD1E10} - \Lenovo\ImController\TimeBasedEvents\941de6cd-645d-4c35-9288-f4e04e91638c -> No File <==== ATTENTION
Task: {4392A3B5-0280-40A3-919E-928DC94F6C6F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {340292CE-49E0-4C20-9152-A99ABDCA0B58} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001UA => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {3AC1A547-8768-4CEF-B88B-3CCE9008146D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001Core => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {4DEFED63-BC02-4525-8FF4-CBAE237FE5C1} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {778D5342-B935-4869-9417-BD04AFD3AFE4} - \Lenovo\ImController\TimeBasedEvents\0fcf031d-c0f0-4847-9462-afc06ce2fc10 -> No File <==== ATTENTION
Task: {97F39469-487F-4173-A1A2-89E640183F99} - \Lenovo\ImController\TimeBasedEvents\972ca26a-2d99-4c4d-8920-af5b995561ec -> No File <==== ATTENTION
Task: {9AE8E8F7-F542-45E2-BC95-9668072163E6} - \Lenovo\ImController\TimeBasedEvents\4ff126e1-bfdb-45a6-b168-6baa303ee534 -> No File <==== ATTENTION
Task: {EA75A5BF-7D9C-4A7E-B97A-51412E19EE9A} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Program Files (x86)\Advanced SystemCare Pro
C:\Program Files (x86)\IObit
C:\Users\Frantisek\AppData\Roaming\IObit
C:\ProgramData\IObit
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\JRcm => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SpyEmergency => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
C:\ProgramData => ":gs5sys" ADS could not remove.
C:\Users\All Users => ":gs5sys" ADS could not remove.
C:\Users\Frantisek => ":gs5sys" ADS removed successfully
C:\ProgramData\Application Data => ":gs5sys" ADS could not remove.
C:\ProgramData\Documents\desktop.ini => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Application Data => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Cookies => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Local Settings => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Templates => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Desktop\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\Frantisek\AppData\Local" => ":gs5sys" ADS not found.
"C:\Users\Frantisek\AppData\Roaming" => ":gs5sys" ADS not found.
"C:\Users\Frantisek\AppData\Local\Application Data" => ":gs5sys" ADS not found.
C:\Users\Frantisek\AppData\Local\History => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Documents\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\Public\Documents\desktop.ini" => ":gs5sys" ADS not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2ABD4539-AE26-4F14-83EF-606268C4245C} => removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{c2b8e594-d284-ef0b-2c66-48a9c98914bc} => removed successfully
"HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => removed successfully
C:\Program Files (x86)\IObit => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2065dfb8-3ba4-11ea-9cf4-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2065dff8-3ba4-11ea-9cf4-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ad3e17e-87eb-11ea-9cfd-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ad3e1c1-87eb-11ea-9cfd-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5169af39-cc5a-11ea-9d0a-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d40eb54e-c367-11ea-9d09-b46d83ba83d9} => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #3" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AUpdate.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AutoUpdate.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BigUpgrade_IU.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CrRestore.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\DSPut.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Feedback.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ijplmsvc.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ijplmui.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IObitDownloader.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iu10Pre.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IUProtip.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IUService.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iush.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IUSoftUpdateTip.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IUXM2020.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Loader-IU.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\NoteIcon.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ScreenShot.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SecurityNotification_1.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SendBugReportNew.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SpecUTool.exe => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DCCC838-573D-44F5-8032-CF7A7F817964}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DCCC838-573D-44F5-8032-CF7A7F817964}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10287C3A-57B4-4807-B923-E1664E2C4BDB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10287C3A-57B4-4807-B923-E1664E2C4BDB}" => removed successfully
C:\WINDOWS\System32\Tasks\StartMenu8_Start => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartMenu8_Start" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29AEE9EB-36C9-4B9C-8A5D-210E74BD1E10}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29AEE9EB-36C9-4B9C-8A5D-210E74BD1E10}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\941de6cd-645d-4c35-9288-f4e04e91638c" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4392A3B5-0280-40A3-919E-928DC94F6C6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4392A3B5-0280-40A3-919E-928DC94F6C6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{340292CE-49E0-4C20-9152-A99ABDCA0B58}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{340292CE-49E0-4C20-9152-A99ABDCA0B58}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001UA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3AC1A547-8768-4CEF-B88B-3CCE9008146D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AC1A547-8768-4CEF-B88B-3CCE9008146D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DEFED63-BC02-4525-8FF4-CBAE237FE5C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DEFED63-BC02-4525-8FF4-CBAE237FE5C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{778D5342-B935-4869-9417-BD04AFD3AFE4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{778D5342-B935-4869-9417-BD04AFD3AFE4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\0fcf031d-c0f0-4847-9462-afc06ce2fc10" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97F39469-487F-4173-A1A2-89E640183F99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97F39469-487F-4173-A1A2-89E640183F99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\972ca26a-2d99-4c4d-8920-af5b995561ec" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9AE8E8F7-F542-45E2-BC95-9668072163E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AE8E8F7-F542-45E2-BC95-9668072163E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\4ff126e1-bfdb-45a6-b168-6baa303ee534" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA75A5BF-7D9C-4A7E-B97A-51412E19EE9A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA75A5BF-7D9C-4A7E-B97A-51412E19EE9A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Program Files (x86)\Advanced SystemCare Pro => moved successfully
"C:\Program Files (x86)\IObit" => not found
C:\Users\Frantisek\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 53313638 B
Java, Flash, Steam htmlcache => 1871 B
Windows/system/drivers => 2526476 B
Edge => 2759205 B
Chrome => 644826 B
Brave => 0 B
Firefox => 137364210 B
Opera => 140110 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 8621749 B
systemprofile32 => 80131651 B
LocalService => 80136695 B
NetworkService => 80136695 B
Frantisek => 1561555723 B
RecycleBin => 81225737 B
EmptyTemp: => 2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:08:55 ====
Ran by Davídek (19-01-2021 22:06:46) Run:1
Running from C:\Users\Frantisek\Desktop
Loaded Profiles: Davídek
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\ProgramData:gs5sys [3584]
AlternateDataStreams: C:\Users\All Users:gs5sys [3584]
AlternateDataStreams: C:\Users\Frantisek:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3584]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Templates:gs5sys [2048]
AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\Application Data:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2560]
SearchScopes: HKU\.DEFAULT -> {2ABD4539-AE26-4F14-83EF-606268C4245C} URL =
SearchScopes: HKU\.DEFAULT -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL =
Toolbar: HKU\S-1-5-21-909588931-3475030629-4239748838-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
C:\Program Files (x86)\IObit
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dfb8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2065dff8-3ba4-11ea-9cf4-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e17e-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {2ad3e1c1-87eb-11ea-9cfd-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {5169af39-cc5a-11ea-9d0a-b46d83ba83d9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\...\MountPoints2: {d40eb54e-c367-11ea-9d09-b46d83ba83d9} - "F:\stub.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
IFEO\AUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\AutoUpdate.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\BigUpgrade_IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\CrRestore.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\DSPut.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Feedback.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmsvc.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ijplmui.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iu10Pre.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUProtip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUService.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\iush.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUSoftUpdateTip.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\IUXM2020.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\Loader-IU.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\NoteIcon.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\ScreenShot.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SecurityNotification_1.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SendBugReportNew.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
IFEO\SpecUTool.exe: [Debugger] C:\Program Files (x86)\Advanced SystemCare Pro\AutoReactivator.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0DCCC838-573D-44F5-8032-CF7A7F817964} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {10287C3A-57B4-4807-B923-E1664E2C4BDB} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [528656 2019-05-22] (IObit Information Technology -> IObit)
Task: {29AEE9EB-36C9-4B9C-8A5D-210E74BD1E10} - \Lenovo\ImController\TimeBasedEvents\941de6cd-645d-4c35-9288-f4e04e91638c -> No File <==== ATTENTION
Task: {4392A3B5-0280-40A3-919E-928DC94F6C6F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {340292CE-49E0-4C20-9152-A99ABDCA0B58} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001UA => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {3AC1A547-8768-4CEF-B88B-3CCE9008146D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001Core => C:\Users\Frantisek\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-05-25] (Google LLC -> Google LLC)
Task: {4DEFED63-BC02-4525-8FF4-CBAE237FE5C1} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {778D5342-B935-4869-9417-BD04AFD3AFE4} - \Lenovo\ImController\TimeBasedEvents\0fcf031d-c0f0-4847-9462-afc06ce2fc10 -> No File <==== ATTENTION
Task: {97F39469-487F-4173-A1A2-89E640183F99} - \Lenovo\ImController\TimeBasedEvents\972ca26a-2d99-4c4d-8920-af5b995561ec -> No File <==== ATTENTION
Task: {9AE8E8F7-F542-45E2-BC95-9668072163E6} - \Lenovo\ImController\TimeBasedEvents\4ff126e1-bfdb-45a6-b168-6baa303ee534 -> No File <==== ATTENTION
Task: {EA75A5BF-7D9C-4A7E-B97A-51412E19EE9A} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Program Files (x86)\Advanced SystemCare Pro
C:\Program Files (x86)\IObit
C:\Users\Frantisek\AppData\Roaming\IObit
C:\ProgramData\IObit
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\JRcm => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SpyEmergency => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
C:\ProgramData => ":gs5sys" ADS could not remove.
C:\Users\All Users => ":gs5sys" ADS could not remove.
C:\Users\Frantisek => ":gs5sys" ADS removed successfully
C:\ProgramData\Application Data => ":gs5sys" ADS could not remove.
C:\ProgramData\Documents\desktop.ini => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Application Data => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Cookies => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Local Settings => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Templates => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Desktop\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\Frantisek\AppData\Local" => ":gs5sys" ADS not found.
"C:\Users\Frantisek\AppData\Roaming" => ":gs5sys" ADS not found.
"C:\Users\Frantisek\AppData\Local\Application Data" => ":gs5sys" ADS not found.
C:\Users\Frantisek\AppData\Local\History => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Documents\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\Public\Documents\desktop.ini" => ":gs5sys" ADS not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2ABD4539-AE26-4F14-83EF-606268C4245C} => removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{c2b8e594-d284-ef0b-2c66-48a9c98914bc} => removed successfully
"HKU\S-1-5-21-909588931-3475030629-4239748838-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => removed successfully
C:\Program Files (x86)\IObit => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2065dfb8-3ba4-11ea-9cf4-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2065dff8-3ba4-11ea-9cf4-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ad3e17e-87eb-11ea-9cfd-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ad3e1c1-87eb-11ea-9cfd-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5169af39-cc5a-11ea-9d0a-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-909588931-3475030629-4239748838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d40eb54e-c367-11ea-9d09-b46d83ba83d9} => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #3" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AUpdate.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AutoUpdate.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BigUpgrade_IU.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CrRestore.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\DSPut.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Feedback.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ijplmsvc.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ijplmui.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IObitDownloader.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iu10Pre.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IUProtip.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IUService.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iush.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IUSoftUpdateTip.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IUXM2020.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Loader-IU.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\NoteIcon.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ScreenShot.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SecurityNotification_1.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SendBugReportNew.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SpecUTool.exe => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DCCC838-573D-44F5-8032-CF7A7F817964}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DCCC838-573D-44F5-8032-CF7A7F817964}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10287C3A-57B4-4807-B923-E1664E2C4BDB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10287C3A-57B4-4807-B923-E1664E2C4BDB}" => removed successfully
C:\WINDOWS\System32\Tasks\StartMenu8_Start => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartMenu8_Start" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29AEE9EB-36C9-4B9C-8A5D-210E74BD1E10}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29AEE9EB-36C9-4B9C-8A5D-210E74BD1E10}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\941de6cd-645d-4c35-9288-f4e04e91638c" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4392A3B5-0280-40A3-919E-928DC94F6C6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4392A3B5-0280-40A3-919E-928DC94F6C6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{340292CE-49E0-4C20-9152-A99ABDCA0B58}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{340292CE-49E0-4C20-9152-A99ABDCA0B58}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001UA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3AC1A547-8768-4CEF-B88B-3CCE9008146D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AC1A547-8768-4CEF-B88B-3CCE9008146D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-909588931-3475030629-4239748838-1001Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DEFED63-BC02-4525-8FF4-CBAE237FE5C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DEFED63-BC02-4525-8FF4-CBAE237FE5C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{778D5342-B935-4869-9417-BD04AFD3AFE4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{778D5342-B935-4869-9417-BD04AFD3AFE4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\0fcf031d-c0f0-4847-9462-afc06ce2fc10" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97F39469-487F-4173-A1A2-89E640183F99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97F39469-487F-4173-A1A2-89E640183F99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\972ca26a-2d99-4c4d-8920-af5b995561ec" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9AE8E8F7-F542-45E2-BC95-9668072163E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AE8E8F7-F542-45E2-BC95-9668072163E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\4ff126e1-bfdb-45a6-b168-6baa303ee534" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA75A5BF-7D9C-4A7E-B97A-51412E19EE9A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA75A5BF-7D9C-4A7E-B97A-51412E19EE9A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Program Files (x86)\Advanced SystemCare Pro => moved successfully
"C:\Program Files (x86)\IObit" => not found
C:\Users\Frantisek\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 53313638 B
Java, Flash, Steam htmlcache => 1871 B
Windows/system/drivers => 2526476 B
Edge => 2759205 B
Chrome => 644826 B
Brave => 0 B
Firefox => 137364210 B
Opera => 140110 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 8621749 B
systemprofile32 => 80131651 B
LocalService => 80136695 B
NetworkService => 80136695 B
Frantisek => 1561555723 B
RecycleBin => 81225737 B
EmptyTemp: => 2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:08:55 ====
Re: zpomalené pc 2
Prohlížeč se dost zrychlil ,videa na youtube se už nesekají !!! 
Počítač se trošičku zrychlil (nedalo by se to ještě trochu víc zrychlit ?? )
Počítač se trošičku zrychlil (nedalo by se to ještě trochu víc zrychlit ?? )
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zpomalené pc 2
Zkuste defragmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zpomalené pc 2
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?