Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zasekaný NTB

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Martin D.
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 29 bře 2009 11:09

Zasekaný NTB

#1 Příspěvek od Martin D. »

Dobrý den,

prosím o konrolu logu notebooku od tchána. :-) Je to hrozně zasekané.

Děkuji. M.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-02-2021 01
Ran by Planeo (administrator) on LAPTOP-K0U1NRJO (HP HP 250 G5 Notebook PC) (21-02-2021 16:57:45)
Running from C:\Users\Planeo\Downloads
Loaded Profiles: Planeo
Platform: Windows 10 Home Version 1909 18363.1379 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Hewlett-Packard Company -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5033A52-97E7-45B8-9895-043BBCFFCEB6}\MicrosoftEdge_X64_88.0.705.74_88.0.705.68.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Temp\EDGEMITMP_4182D.tmp\setup.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-04-07]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A40FF2D-63CF-4155-97CA-0004A582FAE8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {31388A7B-48D4-45C7-9ECC-35EB77588DE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-31] (Google Inc -> Google Inc.)
Task: {364850F5-D76F-4E9E-A52F-C8901EC38C13} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {38E8FB88-2CD7-4D18-865D-58E720145952} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {435C9A4A-C753-422D-AD87-71E8491F8709} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {4F30323B-8A77-4D45-B97C-A1D0DE11586B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {51955B34-BFAE-415E-BCDC-996306810A26} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {61DFD2E6-969E-49BB-B2A7-0D46E408A241} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {68672EAB-D95F-4276-AAA2-395641C6E79C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BC08766-97D6-4057-9D6C-321B0D5D0253} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {760418D4-3D1F-4DB5-A339-9382735D1823} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {77F9BFDF-4424-4CEC-9424-17411C836E1A} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {84EDF342-7B38-43D8-8163-CEA9053B39C3} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {875A37E1-033E-44FD-8B22-8977D8FEB821} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {8A50E55C-E9BA-4583-B0B6-AE15025A4DCC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9444E441-AD5F-4C83-8593-C402F489A6E1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {961BE6A3-1DF9-4DA6-BACF-3448614D7AEE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {9AA38D30-7009-4FB8-841C-84747219328D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348256 2021-01-22] (HP Inc. -> HP Inc.)
Task: {9D2720DE-72D0-4260-B332-6B652D357BBC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A61DF163-AEF7-483F-AF47-C0B8B782FFBD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {A89BE207-5483-4AAA-86AB-580B1EF7EBAA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8EFD166-378A-40E0-829E-AF8C74C1B3B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {B0E6E039-9DFF-4C20-93E5-E20B0322BE94} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8D0EE28-BA2B-4BA3-955E-28E35EB8FE20} - System32\Tasks\Microsoft\Windows\PLA\RPT7237.tmp => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1507328 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {CD377497-1D10-40EF-B638-FBF9F5A4761A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {D19DC7B4-AA7C-470A-8759-B52F3BF0401D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D24A86DF-9A57-4BB0-B820-CC40D3A35828} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {D57D4A94-DBEE-49DE-A0AB-FA6D306537C6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {DCD5A8C8-4216-4C91-AB8F-ECD3B5956798} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-31] (Google Inc -> Google Inc.)
Task: {EBB36F5C-0A0C-4959-919F-01CD8FA7DF6E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE1A5FAE-E9ED-4506-A854-500F6B574473} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {EED4D7BB-1589-4741-91AE-920F90D44851} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {F569E180-676D-46F9-BCA8-2333FA3923B6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-23] (HP Inc. -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{62813392-9397-4a88-b3a1-dd88a77dc196}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Planeo\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-21]

FireFox:
========
FF DefaultProfile: pweh1212.default
FF ProfilePath: C:\Users\Planeo\AppData\Roaming\Mozilla\Firefox\Profiles\pweh1212.default [2021-02-21]
FF Homepage: Mozilla\Firefox\Profiles\pweh1212.default -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\pweh1212.default -> hxxps://live-stream365.com
FF Extension: (FF Info Helper) - C:\Users\Planeo\AppData\Roaming\Mozilla\Firefox\Profiles\pweh1212.default\Extensions\{5b620343-cd69-49b8-a7ba-f9d499ee5d3d}.xpi [2017-12-18] [UpdateUrl:hxxps://ytwhrf.com/update.json]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default [2021-02-21]
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Prezentace) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-05]
CHR Extension: (Dokumenty) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-05]
CHR Extension: (Disk Google) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-21]
CHR Extension: (YouTube) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-30]
CHR Extension: (Tabulky) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-21]
CHR Extension: (Gmail) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-13] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-23] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-11] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-13] (Microsoft Windows -> Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2017-09-13] (Nemea Mjukvaruutveckling AB -> Basil Projects)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-21 16:49 - 2021-02-21 16:57 - 000036559 _____ C:\Users\Planeo\Downloads\Addition.txt
2021-02-21 16:35 - 2021-02-21 17:02 - 000022379 _____ C:\Users\Planeo\Downloads\FRST.txt
2021-02-21 16:34 - 2021-02-21 17:00 - 000000000 ____D C:\FRST
2021-02-21 16:30 - 2021-02-21 16:33 - 002301440 _____ (Farbar) C:\Users\Planeo\Downloads\FRST64.exe
2021-02-21 16:27 - 2021-02-21 16:31 - 000000000 ____D C:\Users\Planeo\Documents\Záloha registry_CCleaner
2021-02-15 18:23 - 2021-02-15 18:23 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-02-15 18:23 - 2021-02-15 18:23 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-02-15 18:23 - 2021-02-15 18:23 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-02-15 18:23 - 2021-02-15 18:23 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-02-15 18:23 - 2021-02-15 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-02-13 22:05 - 2021-02-13 22:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-13 22:04 - 2021-02-13 22:04 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-02-13 22:04 - 2021-02-13 22:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-02-13 22:02 - 2021-02-13 22:02 - 000232752 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-09 22:20 - 2021-02-09 22:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-07 17:33 - 2021-02-07 17:33 - 000002890 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-07 17:32 - 2021-02-21 16:20 - 000000000 ____D C:\Program Files\CCleaner
2021-02-07 17:32 - 2021-02-21 16:19 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-07 17:32 - 2021-02-07 17:35 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-02-07 17:32 - 2021-02-07 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-02-07 17:29 - 2021-02-07 17:29 - 024578944 _____ (Piriform Software Ltd) C:\Users\Planeo\Downloads\ccleaner_5.63.exe
2021-01-29 21:21 - 2021-02-13 23:16 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-21 17:04 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-21 17:01 - 2020-06-07 08:53 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-21 17:01 - 2020-06-07 08:53 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-21 16:57 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-02-21 16:50 - 2019-10-07 21:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-21 16:38 - 2016-10-24 08:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-21 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-21 16:20 - 2018-07-24 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-02-21 16:18 - 2019-02-06 20:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-21 16:18 - 2017-08-31 06:11 - 000000000 ____D C:\Users\Planeo\AppData\LocalLow\Mozilla
2021-02-21 16:16 - 2017-10-05 13:45 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-21 16:16 - 2017-08-30 06:11 - 000000000 __SHD C:\Users\Planeo\IntelGraphicsProfiles
2021-02-18 06:26 - 2017-08-30 19:08 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-18 06:18 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-14 17:06 - 2019-10-07 21:27 - 000000000 ____D C:\Users\Planeo
2021-02-14 16:02 - 2019-10-07 22:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-14 11:59 - 2019-10-07 21:41 - 001842076 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-14 11:59 - 2019-03-19 12:55 - 000753718 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-14 11:59 - 2019-03-19 12:55 - 000163142 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-13 23:20 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-02-13 23:18 - 2017-12-13 13:32 - 000000000 ___RD C:\Users\Planeo\3D Objects
2021-02-13 23:18 - 2016-07-29 13:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-02-13 23:16 - 2019-10-07 21:12 - 000526928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-13 23:16 - 2017-08-30 19:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-13 23:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-13 23:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-13 23:12 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-13 23:12 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-13 23:12 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-13 23:12 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-13 23:12 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-13 23:12 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-13 23:12 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-13 23:12 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-13 22:51 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-13 22:44 - 2017-09-13 12:42 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-02-13 22:31 - 2017-08-30 21:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-13 22:22 - 2017-08-30 21:54 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-13 22:20 - 2019-03-19 12:58 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-13 22:20 - 2019-03-19 12:58 - 000019469 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-13 20:57 - 2018-02-27 19:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-11 21:22 - 2020-06-07 08:52 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-11 21:22 - 2020-06-07 08:52 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-09 22:20 - 2017-08-30 19:41 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-09 22:04 - 2019-07-09 09:47 - 000000000 ____D C:\Users\Planeo\Documents\Mobil
2021-02-08 18:22 - 2016-10-24 08:09 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-02-08 18:22 - 2016-10-24 08:09 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-02-07 17:52 - 2019-10-07 22:02 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1955693642-3227167433-192302802-1001
2021-02-07 17:52 - 2019-10-07 21:27 - 000002371 _____ C:\Users\Planeo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-07 17:40 - 2019-09-03 18:05 - 000000000 ___DC C:\WINDOWS\Panther
2021-02-07 17:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-07 17:33 - 2019-08-21 14:11 - 000000000 ____D C:\Users\Planeo\Knihovna Calibre
2021-02-05 18:40 - 2019-10-07 22:02 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 18:40 - 2019-10-07 22:02 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-30 22:11 - 2017-12-13 13:05 - 000000000 ____D C:\Users\Planeo\AppData\Local\Packages
2021-01-23 17:26 - 2017-09-13 11:54 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-22 20:04 - 2019-10-07 22:02 - 000004008 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-01-22 20:04 - 2019-10-07 22:02 - 000003776 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Martin D.
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 29 bře 2009 11:09

Re: Zasekaný NTB

#2 Příspěvek od Martin D. »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-02-2021 01
Ran by Planeo (21-02-2021 17:05:30)
Running from C:\Users\Planeo\Downloads
Windows 10 Home Version 1909 18363.1379 (X64) (2019-10-07 21:04:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1955693642-3227167433-192302802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1955693642-3227167433-192302802-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1955693642-3227167433-192302802-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1955693642-3227167433-192302802-501 - Limited - Disabled)
Planeo (S-1-5-21-1955693642-3227167433-192302802-1001 - Administrator - Enabled) => C:\Users\Planeo
WDAGUtilityAccount (S-1-5-21-1955693642-3227167433-192302802-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Reader XI (11.0.20) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{E43B6117-96A7-475F-BF11-B28402192B36}) (Version: 3.46.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{CFC677DA-B231-4D6D-8C36-25DBC17ECDDF}) (Version: 12.18.34.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{208E5E6C-8AF3-4302-8AFB-21FFA882DC2A}) (Version: 19.10.1635.0483 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5f5c7829-a6ba-4fc6-9f47-d068f51ed99b}) (Version: 10.1.1.35 - Intel(R) Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office 2016 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1955693642-3227167433-192302802-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 85.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 85.0.2 (x64 cs)) (Version: 85.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.1 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Prohlížeč Seznam.cz (HKU\S-1-5-21-1955693642-3227167433-192302802-1001\...\Seznam Browser) (Version: - Seznam.cz a.s.)
qBittorrent 3.3.16 (HKLM-x32\...\qBittorrent) (Version: 3.3.16 - The qBittorrent project)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype verze 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-22] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-10] (Autodesk Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-09-11] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-10-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2020-12-17] (Microsoft Studios)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1955693642-3227167433-192302802-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-1955693642-3227167433-192302802-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=square

==================== Loaded Modules (Whitelisted) =============

2021-01-16 19:20 - 2021-01-16 19:20 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\a354c38f659363054b8dbd29ab5fc353\Interop.IWshRuntimeLibrary.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {47CFF4EA-A6FA-44B7-984B-FA3502FCA35D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {47CFF4EA-A6FA-44B7-984B-FA3502FCA35D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1955693642-3227167433-192302802-1001 -> {47CFF4EA-A6FA-44B7-984B-FA3502FCA35D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2020-07-02 15:42 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Calibre2\
HKU\S-1-5-21-1955693642-3227167433-192302802-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Planeo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "HP JumpStart Launch.lnk"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "HPRadioMgr"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E8CC5411-CB08-4705-9319-73B1907C7B7A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{FE8214E0-6A1F-4AF4-BAB0-F66C58B02625}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{93922DF4-D83B-4E36-9E2A-FFDCF7150F52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F34FEF95-4289-400D-8C1C-6F48849A6408}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{95581912-15ED-4BAF-9614-5EF6316071CD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{076EA443-93A3-4304-81EF-45DD8DAB06F3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F33090ED-00B7-4F5D-B19B-B2BD56232503}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{10090F9B-E7D0-4111-B5BA-E8BB849A589C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AA9979C4-1DB9-4144-9B8B-0B5E0B2187BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{582EE06E-BB3A-4AD2-8E0F-8AF1CD8688FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{825E12C1-A07F-4D0F-95DD-49301E04AEAF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{257FCC6D-01D7-4611-9863-75B41298C67F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{C233D4BF-F2F1-4F6E-95CB-F3B8CEE1FA84}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{5769CA8F-AC44-403E-A94C-35D95F81398A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BB8817A-7596-4602-940D-D22B7C43546E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{451AF59D-9832-47CE-A3C0-0B1626D851DC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{10C40232-AE5F-4A2D-9FD1-19BF3C98D002}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1A306DD6-8248-4949-A0FB-B195E80307AC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{CDB44D9B-958E-4D74-A532-199B0D792280}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6FA2810E-CFC1-4965-9BC1-04D30D12F5B6}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{6A09C943-A373-4512-8F4C-E7834F868544}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{133973A5-5698-4095-9961-C076337E034F}] => (Allow) LPort=1688
FirewallRules: [{CE685A40-F0AA-400B-A6F7-65BB2BA0D6A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4BCB6AF-C390-4961-A2CD-DC9C0FD9C7F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99C9385D-30A9-422B-A224-26F3F9EB8470}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0FE62E05-2A5B-41B0-8BB3-EFDA315315F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{269CD8FA-A636-4E2C-93FE-A49B78B5B0EA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C0C6F91B-CD64-4D47-906A-A38A42ED47C4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EFF0DBB9-B9B4-4080-A5B6-631732DEA3E3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

14-01-2021 19:05:35 Windows Update
09-02-2021 22:18:16 Odebráno: Microsoft Visual C++ 2005 Redistributable
13-02-2021 21:01:56 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/21/2021 04:37:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5132,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/18/2021 12:26:08 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-K0U1NRJO)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (02/18/2021 11:30:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6468,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/18/2021 07:44:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16094

Error: (02/18/2021 07:44:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16094

Error: (02/18/2021 07:44:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/18/2021 07:13:01 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5380,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/18/2021 06:59:09 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4488,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (02/21/2021 04:44:38 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/21/2021 04:22:04 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/21/2021 04:17:12 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/18/2021 12:44:32 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/18/2021 11:44:33 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/18/2021 11:26:38 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/18/2021 11:22:03 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/18/2021 07:08:48 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================Event[0]:

Date: 2021-02-08 19:57:55.179
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BBCE6A85-9E44-468A-B782-309930514D95}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-03 22:24:07.436
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8A6241E2-EA3E-4CB8-9AB7-CE135612CA55}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-03 22:10:35.247
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {30DDFBF9-C3AD-4D7E-A4CA-21D66A95595A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-20 19:17:43.250
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {16FF5D80-2A97-44FC-A325-8CD09FD90318}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-17 19:17:23.848
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {741F923D-C205-4E60-931C-1702DF3270A6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2021-02-21 16:39:30.613
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.1241.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-02-18 06:04:55.741
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.1067.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-01-27 20:36:35.681
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2840.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x800704e8
Popis chyby: Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

Date: 2021-01-27 20:36:35.677
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2840.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x800704e8
Popis chyby: Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

Date: 2021-01-27 20:36:35.674
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2840.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x800704e8
Popis chyby: Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

==================== Memory info ===========================

BIOS: Insyde F.24 01/20/2017
Motherboard: HP 81F1
Processor: Intel(R) Celeron(R) CPU N3060 @ 1.60GHz
Percentage of memory in use: 84%
Total physical RAM: 3938.27 MB
Available physical RAM: 605.93 MB
Total Virtual: 5154.27 MB
Available Virtual: 1263.19 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:449.96 GB) (Free:324.35 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.83 GB) (Free:1.63 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{d9756321-1b15-4f72-91c5-150f68de0dcc}\ () (Fixed) (Total:1.7 GB) (Free:1.12 GB) NTFS
\\?\Volume{0c92fccd-c57c-462a-8a0c-f12ca9539f04}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8E61EA2B)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119412
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zasekaný NTB

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Martin D.
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 29 bře 2009 11:09

Re: Zasekaný NTB

#4 Příspěvek od Martin D. »

Děkuji!

Tady je log:

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-21-2021
# Duration: 00:00:07
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Planeo\AppData\Roaming\WinThruster

***** [ Files ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5512 octets] - [21/02/2021 18:50:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119412
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zasekaný NTB

#5 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Martin D.
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 29 bře 2009 11:09

Re: Zasekaný NTB

#6 Příspěvek od Martin D. »

Dobrý den,

děkuji. Tady jsou:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-02-2021
Ran by Planeo (administrator) on LAPTOP-K0U1NRJO (HP HP 250 G5 Notebook PC) (22-02-2021 08:27:05)
Running from C:\Users\Planeo\Downloads
Loaded Profiles: Planeo
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-04-07]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05F2B090-E8A1-4A00-98D2-237A725C32E8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1A40FF2D-63CF-4155-97CA-0004A582FAE8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {31388A7B-48D4-45C7-9ECC-35EB77588DE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-31] (Google Inc -> Google Inc.)
Task: {364850F5-D76F-4E9E-A52F-C8901EC38C13} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {38E8FB88-2CD7-4D18-865D-58E720145952} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {435C9A4A-C753-422D-AD87-71E8491F8709} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {4F30323B-8A77-4D45-B97C-A1D0DE11586B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {51955B34-BFAE-415E-BCDC-996306810A26} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {61DFD2E6-969E-49BB-B2A7-0D46E408A241} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {6BC08766-97D6-4057-9D6C-321B0D5D0253} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {760418D4-3D1F-4DB5-A339-9382735D1823} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {77F9BFDF-4424-4CEC-9424-17411C836E1A} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {84EDF342-7B38-43D8-8163-CEA9053B39C3} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {875A37E1-033E-44FD-8B22-8977D8FEB821} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {8A50E55C-E9BA-4583-B0B6-AE15025A4DCC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9444E441-AD5F-4C83-8593-C402F489A6E1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {961BE6A3-1DF9-4DA6-BACF-3448614D7AEE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {9AA38D30-7009-4FB8-841C-84747219328D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348256 2021-01-22] (HP Inc. -> HP Inc.)
Task: {A61DF163-AEF7-483F-AF47-C0B8B782FFBD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {A89BE207-5483-4AAA-86AB-580B1EF7EBAA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8EFD166-378A-40E0-829E-AF8C74C1B3B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {B0E6E039-9DFF-4C20-93E5-E20B0322BE94} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8D0EE28-BA2B-4BA3-955E-28E35EB8FE20} - System32\Tasks\Microsoft\Windows\PLA\RPT7237.tmp => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {BCD807DC-C9DF-415D-9B0E-8FCE0DEBBD62} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1F220B0-487A-4B20-8E43-82E42134CB35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CD377497-1D10-40EF-B638-FBF9F5A4761A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {D24A86DF-9A57-4BB0-B820-CC40D3A35828} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {D321B841-E692-43DC-82D9-2B931DA96253} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D57D4A94-DBEE-49DE-A0AB-FA6D306537C6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {DCD5A8C8-4216-4C91-AB8F-ECD3B5956798} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-31] (Google Inc -> Google Inc.)
Task: {EE1A5FAE-E9ED-4506-A854-500F6B574473} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {EED4D7BB-1589-4741-91AE-920F90D44851} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {F569E180-676D-46F9-BCA8-2333FA3923B6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-23] (HP Inc. -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{62813392-9397-4a88-b3a1-dd88a77dc196}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Planeo\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-22]

FireFox:
========
FF DefaultProfile: pweh1212.default
FF ProfilePath: C:\Users\Planeo\AppData\Roaming\Mozilla\Firefox\Profiles\pweh1212.default [2021-02-22]
FF Homepage: Mozilla\Firefox\Profiles\pweh1212.default -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\pweh1212.default -> hxxps://live-stream365.com
FF Extension: (FF Info Helper) - C:\Users\Planeo\AppData\Roaming\Mozilla\Firefox\Profiles\pweh1212.default\Extensions\{5b620343-cd69-49b8-a7ba-f9d499ee5d3d}.xpi [2017-12-18] [UpdateUrl:hxxps://ytwhrf.com/update.json]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default [2021-02-22]
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Prezentace) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-05]
CHR Extension: (Dokumenty) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-05]
CHR Extension: (Disk Google) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-21]
CHR Extension: (YouTube) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-30]
CHR Extension: (Tabulky) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-21]
CHR Extension: (Gmail) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-13] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-23] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-13] (Microsoft Windows -> Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2017-09-13] (Nemea Mjukvaruutveckling AB -> Basil Projects)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-22 08:27 - 2021-02-22 08:30 - 000021305 _____ C:\Users\Planeo\Downloads\FRST.txt
2021-02-22 08:26 - 2021-02-22 08:26 - 000000000 ____D C:\Users\Planeo\Downloads\FRST-OlderVersion
2021-02-22 05:16 - 2021-02-22 05:16 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-02-22 05:11 - 2021-02-22 05:11 - 000000020 ___SH C:\Users\Planeo\ntuser.ini
2021-02-22 05:09 - 2021-02-22 05:10 - 000003816 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-02-22 05:09 - 2021-02-22 05:10 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-02-22 05:09 - 2021-02-22 05:10 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-22 05:09 - 2021-02-22 05:09 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-22 05:09 - 2021-02-22 05:09 - 000003462 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-02-22 05:09 - 2021-02-22 05:09 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-22 05:09 - 2021-02-22 05:09 - 000003238 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-02-22 05:09 - 2021-02-22 05:09 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-22 05:09 - 2021-02-22 05:09 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-22 05:09 - 2021-02-22 05:09 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1955693642-3227167433-192302802-1001
2021-02-22 05:09 - 2021-02-22 05:09 - 000002766 _____ C:\WINDOWS\system32\Tasks\HPAudioSwitch
2021-02-22 05:09 - 2021-02-22 05:09 - 000002500 _____ C:\WINDOWS\system32\Tasks\HPEA3JOBS
2021-02-22 05:09 - 2021-02-22 05:09 - 000002262 _____ C:\WINDOWS\system32\Tasks\DropboxOEM
2021-02-22 05:09 - 2021-02-22 05:09 - 000002252 _____ C:\WINDOWS\system32\Tasks\HPJumpStartProvider
2021-02-22 05:09 - 2021-02-22 05:09 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-22 05:09 - 2021-02-22 05:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-22 05:09 - 2021-02-22 05:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-22 05:09 - 2021-02-22 05:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-02-22 05:05 - 2021-02-22 05:09 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-02-22 05:05 - 2021-02-22 05:09 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-02-22 04:52 - 2021-02-22 04:52 - 001796740 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-22 04:33 - 2021-02-22 04:33 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk
2021-02-22 04:33 - 2019-02-25 04:06 - 000104152 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2021-02-22 04:33 - 2019-02-25 04:06 - 000100056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-02-22 04:28 - 2021-02-22 08:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-22 04:28 - 2021-02-22 04:47 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-22 04:28 - 2021-02-22 04:28 - 000532568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-22 04:27 - 2021-02-22 05:10 - 000000000 ____D C:\Windows.old
2021-02-22 00:45 - 2021-02-22 04:27 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-02-22 00:40 - 2021-02-22 05:11 - 000000000 ____D C:\Users\Planeo
2021-02-22 00:40 - 2021-02-22 04:52 - 000000000 ____D C:\Users\defaultuser0
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\Šablony
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\Soubory cookie
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\Poslední
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\Okolní tiskárny
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\Okolní síť
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\Nabídka Start
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\Dokumenty
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\Documents\Obrázky
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\Documents\Hudba
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\Documents\Filmy
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\Data aplikací
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\Planeo\AppData\Local\Data aplikací
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\Šablony
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\Soubory cookie
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\Poslední
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\Okolní tiskárny
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\Okolní síť
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\Nabídka Start
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\Dokumenty
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Obrázky
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Hudba
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Filmy
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\Data aplikací
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-02-22 00:40 - 2021-02-22 00:40 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Data aplikací
2021-02-22 00:40 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Planeo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-22 00:40 - 2019-12-07 10:10 - 000001105 _____ C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-22 00:32 - 2021-02-22 00:44 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-02-22 00:21 - 2021-02-22 00:21 - 000000000 ____D C:\ProgramData\ssh
2021-02-21 23:59 - 2021-02-21 23:59 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-02-21 23:59 - 2021-02-21 23:59 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-02-21 23:59 - 2021-02-21 23:59 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-02-21 23:58 - 2021-02-21 23:58 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-21 23:58 - 2021-02-21 23:58 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-02-21 23:58 - 2021-02-21 23:58 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-02-21 23:58 - 2021-02-21 23:58 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-02-21 23:58 - 2021-02-21 23:58 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-02-21 23:58 - 2021-02-21 23:58 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-21 23:58 - 2021-02-21 23:58 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-02-21 23:57 - 2021-02-21 23:57 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-02-21 23:57 - 2021-02-21 23:57 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-02-21 23:57 - 2021-02-21 23:57 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-02-21 23:57 - 2021-02-21 23:57 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-02-21 23:57 - 2021-02-21 23:57 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-02-21 23:57 - 2021-02-21 23:57 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-02-21 23:57 - 2021-02-21 23:57 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-02-21 23:56 - 2021-02-21 23:56 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-21 23:56 - 2021-02-21 23:56 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-02-21 23:56 - 2021-02-21 23:56 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-02-21 23:56 - 2021-02-21 23:56 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-21 23:56 - 2021-02-21 23:56 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-02-21 23:55 - 2021-02-21 23:55 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-02-21 23:55 - 2021-02-21 23:55 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-21 23:55 - 2021-02-21 23:55 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-02-21 23:55 - 2021-02-21 23:55 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-02-21 23:55 - 2021-02-21 23:55 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-02-21 23:55 - 2021-02-21 23:55 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-02-21 23:55 - 2021-02-21 23:55 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-02-21 23:55 - 2021-02-21 23:55 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-02-21 23:55 - 2021-02-21 23:55 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-21 23:54 - 2021-02-21 23:54 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-02-21 23:54 - 2021-02-21 23:54 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-02-21 23:54 - 2021-02-21 23:54 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-02-21 23:54 - 2021-02-21 23:54 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-02-21 23:54 - 2021-02-21 23:54 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-02-21 23:53 - 2021-02-21 23:53 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-02-21 23:53 - 2021-02-21 23:53 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-02-21 23:53 - 2021-02-21 23:53 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-02-21 23:53 - 2021-02-21 23:53 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-02-21 23:53 - 2021-02-21 23:53 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-02-21 23:53 - 2021-02-21 23:53 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-02-21 23:53 - 2021-02-21 23:53 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-02-21 23:52 - 2021-02-21 23:52 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-02-21 23:52 - 2021-02-21 23:52 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-02-21 23:52 - 2021-02-21 23:52 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-02-21 23:52 - 2021-02-21 23:52 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-02-21 23:52 - 2021-02-21 23:52 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-02-21 23:52 - 2021-02-21 23:52 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-02-21 23:52 - 2021-02-21 23:52 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-02-21 23:52 - 2021-02-21 23:52 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-02-21 23:52 - 2021-02-21 23:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-02-21 23:52 - 2021-02-21 23:52 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-02-21 23:51 - 2021-02-21 23:51 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-02-21 23:51 - 2021-02-21 23:51 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-02-21 23:51 - 2021-02-21 23:51 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-02-21 23:50 - 2021-02-21 23:50 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-02-21 23:50 - 2021-02-21 23:50 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-02-21 23:50 - 2021-02-21 23:50 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-02-21 23:50 - 2021-02-21 23:50 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-02-21 23:50 - 2021-02-21 23:50 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-02-21 23:50 - 2021-02-21 23:50 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-02-21 23:50 - 2021-02-21 23:50 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-02-21 23:50 - 2021-02-21 23:50 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-02-21 23:50 - 2021-02-21 23:50 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-02-21 23:50 - 2021-02-21 23:50 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-02-21 23:49 - 2021-02-21 23:49 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-02-21 23:49 - 2021-02-21 23:49 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-02-21 23:49 - 2021-02-21 23:49 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-21 23:49 - 2021-02-21 23:49 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-02-21 23:49 - 2021-02-21 23:49 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-02-21 23:48 - 2021-02-21 23:48 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-02-21 23:48 - 2021-02-21 23:48 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-02-21 23:48 - 2021-02-21 23:48 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-02-21 23:47 - 2021-02-21 23:47 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-02-21 23:47 - 2021-02-21 23:47 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-02-21 23:47 - 2021-02-21 23:47 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-02-21 23:47 - 2021-02-21 23:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-02-21 23:47 - 2021-02-21 23:47 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-02-21 23:47 - 2021-02-21 23:47 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-02-21 23:47 - 2021-02-21 23:47 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-02-21 23:46 - 2021-02-21 23:46 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-02-21 23:46 - 2021-02-21 23:46 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-02-21 23:46 - 2021-02-21 23:46 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-02-21 23:46 - 2021-02-21 23:46 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-02-21 23:46 - 2021-02-21 23:46 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-02-21 23:46 - 2021-02-21 23:46 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-02-21 23:46 - 2021-02-21 23:46 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-02-21 23:08 - 2021-02-21 23:08 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-02-21 23:08 - 2021-02-21 23:08 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-02-21 23:01 - 2021-02-21 23:01 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-02-21 23:01 - 2021-02-21 23:01 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-02-21 23:01 - 2021-02-21 23:01 - 000000000 ____D C:\Program Files\MSBuild
2021-02-21 23:01 - 2021-02-21 23:01 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-02-21 23:01 - 2021-02-21 23:01 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-02-21 23:01 - 2021-02-21 23:01 - 000000000 ____D C:\inetpub
2021-02-21 22:32 - 2021-02-21 22:32 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-02-21 18:49 - 2021-02-21 18:52 - 000000000 ____D C:\AdwCleaner
2021-02-21 18:48 - 2021-02-21 18:48 - 008463216 _____ (Malwarebytes) C:\Users\Planeo\Downloads\adwcleaner_8.1.exe
2021-02-21 18:03 - 2021-02-22 05:11 - 000000000 ___DC C:\WINDOWS\Panther
2021-02-21 17:22 - 2021-02-21 17:22 - 000000000 ___HD C:\$WinREAgent
2021-02-21 16:34 - 2021-02-22 08:29 - 000000000 ____D C:\FRST
2021-02-21 16:30 - 2021-02-22 08:25 - 002301440 _____ (Farbar) C:\Users\Planeo\Downloads\FRST64.exe
2021-02-21 16:27 - 2021-02-21 16:31 - 000000000 ____D C:\Users\Planeo\Documents\Záloha registry_CCleaner
2021-02-15 18:23 - 2021-02-22 04:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-02-15 18:23 - 2021-02-15 18:23 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-02-15 18:23 - 2021-02-15 18:23 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-02-15 18:23 - 2021-02-15 18:23 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-02-15 18:23 - 2021-02-15 18:23 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-02-07 17:32 - 2021-02-22 05:17 - 000000000 ____D C:\Program Files\CCleaner
2021-02-07 17:32 - 2021-02-22 04:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-02-07 17:32 - 2021-02-07 17:35 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-02-07 17:32 - 2021-02-07 17:35 - 000000870 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-02-07 17:29 - 2021-02-07 17:29 - 024578944 _____ (Piriform Software Ltd) C:\Users\Planeo\Downloads\ccleaner_5.63.exe
2021-01-29 21:21 - 2021-02-13 23:16 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-22 08:19 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-22 07:31 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-22 07:28 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-22 07:27 - 2020-10-01 20:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-22 07:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-22 07:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-22 05:32 - 2017-12-13 13:05 - 000000000 ____D C:\Users\Planeo\AppData\Local\Packages
2021-02-22 05:30 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-02-22 05:16 - 2018-06-23 21:01 - 000000000 ____D C:\Users\Planeo\AppData\Local\PlaceholderTileLogoFolder
2021-02-22 05:13 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-22 05:13 - 2018-07-10 08:01 - 000000000 ____D C:\ProgramData\Packages
2021-02-22 05:13 - 2018-02-17 19:31 - 000002339 _____ C:\Users\Planeo\Desktop\Google Chrome.lnk
2021-02-22 05:12 - 2017-12-13 13:32 - 000000000 ___RD C:\Users\Planeo\3D Objects
2021-02-22 05:12 - 2016-07-29 13:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-02-22 05:11 - 2017-10-05 13:45 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-22 05:11 - 2017-08-30 06:11 - 000000000 __SHD C:\Users\Planeo\IntelGraphicsProfiles
2021-02-22 05:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-22 05:10 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-02-22 05:09 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-22 05:09 - 2019-12-07 10:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2021-02-22 05:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2021-02-22 04:53 - 2017-10-05 14:11 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-02-22 04:52 - 2020-06-07 08:53 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-22 04:52 - 2020-06-07 08:53 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-22 04:52 - 2020-06-07 08:53 - 000002281 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-22 04:52 - 2019-12-07 15:41 - 000753578 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-22 04:52 - 2019-12-07 15:41 - 000163100 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-22 04:52 - 2017-08-30 19:08 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-22 04:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-22 04:47 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-22 04:33 - 2017-10-05 13:45 - 000057556 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2021-02-22 04:33 - 2017-10-05 13:45 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-02-22 04:33 - 2017-10-05 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-02-22 04:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-02-22 04:28 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-02-22 04:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-02-22 04:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-02-22 04:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-02-22 04:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-02-22 04:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-22 04:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-02-22 04:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-02-22 04:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-22 04:27 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-22 04:27 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-02-22 04:27 - 2019-08-21 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2021-02-22 04:27 - 2019-07-24 12:56 - 000000000 ____D C:\WINDOWS\system32\elambkup
2021-02-22 04:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-02-22 04:27 - 2018-07-24 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-02-22 04:27 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-02-22 04:27 - 2017-10-05 13:45 - 000000000 ____D C:\Program Files\Intel
2021-02-22 04:27 - 2017-10-05 13:44 - 000000000 ____D C:\Program Files (x86)\Intel
2021-02-22 04:27 - 2017-09-13 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2021-02-22 04:27 - 2017-09-13 12:42 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-02-22 04:27 - 2017-09-13 12:37 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-02-22 04:27 - 2017-09-13 12:07 - 000000000 ____D C:\Users\Planeo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-22 04:27 - 2017-09-13 12:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-22 04:27 - 2017-09-13 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2021-02-22 04:27 - 2017-08-30 21:53 - 000000000 ____D C:\Program Files\UNP
2021-02-22 04:27 - 2017-04-07 04:49 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2021-02-22 04:27 - 2017-04-07 04:48 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2021-02-22 04:27 - 2016-10-24 08:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2021-02-22 04:27 - 2016-10-24 08:06 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-02-22 04:22 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2021-02-22 01:19 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-02-22 00:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-02-22 00:47 - 2017-10-05 13:45 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2021-02-22 00:46 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\OCR
2021-02-22 00:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Resources
2021-02-22 00:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help
2021-02-22 00:45 - 2017-10-05 13:45 - 000000000 ____D C:\Program Files\Synaptics
2021-02-22 00:45 - 2017-10-05 13:45 - 000000000 ____D C:\Program Files\Realtek
2021-02-22 00:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-02-22 00:43 - 2017-12-13 13:07 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2021-02-22 00:23 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-02-22 00:23 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-02-22 00:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-02-22 00:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-02-22 00:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-02-22 00:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-02-22 00:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-02-22 00:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-22 00:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-02-22 00:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-02-22 00:21 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-02-22 00:21 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-02-22 00:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-22 00:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-02-22 00:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-02-22 00:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-22 00:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-02-22 00:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-02-22 00:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-22 00:21 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-02-22 00:21 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-22 00:16 - 2019-12-07 15:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-22 00:16 - 2019-12-07 15:44 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-21 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-02-21 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-02-21 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-02-21 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-02-21 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-02-21 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-02-21 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-02-21 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-02-21 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-02-21 16:38 - 2016-10-24 08:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-21 16:18 - 2019-02-06 20:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-21 16:18 - 2017-08-31 06:11 - 000000000 ____D C:\Users\Planeo\AppData\LocalLow\Mozilla
2021-02-13 23:16 - 2017-08-30 19:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-13 22:31 - 2017-08-30 21:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-13 22:22 - 2017-08-30 21:54 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-13 20:57 - 2018-02-27 19:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-09 22:20 - 2017-08-30 19:41 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-09 22:04 - 2019-07-09 09:47 - 000000000 ____D C:\Users\Planeo\Documents\Mobil
2021-02-08 18:22 - 2016-10-24 08:09 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-02-08 18:22 - 2016-10-24 08:09 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-02-07 17:33 - 2019-08-21 14:11 - 000000000 ____D C:\Users\Planeo\Knihovna Calibre
2021-02-05 20:04 - 2020-10-01 20:10 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-10-01 20:10 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-01-23 17:26 - 2017-09-13 11:54 - 000799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Martin D.
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 29 bře 2009 11:09

Re: Zasekaný NTB

#7 Příspěvek od Martin D. »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-02-2021
Ran by Planeo (22-02-2021 08:43:17)
Running from C:\Users\Planeo\Downloads
Windows 10 Home Version 20H2 19042.804 (X64) (2021-02-22 04:10:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1955693642-3227167433-192302802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1955693642-3227167433-192302802-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1955693642-3227167433-192302802-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1955693642-3227167433-192302802-501 - Limited - Disabled)
Planeo (S-1-5-21-1955693642-3227167433-192302802-1001 - Administrator - Enabled) => C:\Users\Planeo
WDAGUtilityAccount (S-1-5-21-1955693642-3227167433-192302802-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Reader XI (11.0.20) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{E43B6117-96A7-475F-BF11-B28402192B36}) (Version: 3.46.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{CFC677DA-B231-4D6D-8C36-25DBC17ECDDF}) (Version: 12.18.34.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{208E5E6C-8AF3-4302-8AFB-21FFA882DC2A}) (Version: 19.10.1635.0483 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5f5c7829-a6ba-4fc6-9f47-d068f51ed99b}) (Version: 10.1.1.35 - Intel(R) Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office 2016 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1955693642-3227167433-192302802-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 85.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 85.0.2 (x64 cs)) (Version: 85.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.1 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Prohlížeč Seznam.cz (HKU\S-1-5-21-1955693642-3227167433-192302802-1001\...\Seznam Browser) (Version: - Seznam.cz a.s.)
qBittorrent 3.3.16 (HKLM-x32\...\qBittorrent) (Version: 3.3.16 - The qBittorrent project)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype verze 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-22] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-10] (Autodesk Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-09-11] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-02-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-22] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2021-02-22] (Microsoft Studios)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1955693642-3227167433-192302802-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-1955693642-3227167433-192302802-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-07-24 18:18 - 2021-01-15 21:28 - 002072064 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2018-07-24 18:18 - 2021-01-15 21:28 - 000310784 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-07-24 18:18 - 2021-01-15 21:28 - 006903808 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {47CFF4EA-A6FA-44B7-984B-FA3502FCA35D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {47CFF4EA-A6FA-44B7-984B-FA3502FCA35D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1955693642-3227167433-192302802-1001 -> {47CFF4EA-A6FA-44B7-984B-FA3502FCA35D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2020-07-02 15:42 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Calibre2\
HKU\S-1-5-21-1955693642-3227167433-192302802-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Planeo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "HP JumpStart Launch.lnk"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "HPRadioMgr"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EFF0DBB9-B9B4-4080-A5B6-631732DEA3E3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0C6F91B-CD64-4D47-906A-A38A42ED47C4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{269CD8FA-A636-4E2C-93FE-A49B78B5B0EA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0FE62E05-2A5B-41B0-8BB3-EFDA315315F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99C9385D-30A9-422B-A224-26F3F9EB8470}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4BCB6AF-C390-4961-A2CD-DC9C0FD9C7F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CE685A40-F0AA-400B-A6F7-65BB2BA0D6A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{133973A5-5698-4095-9961-C076337E034F}] => (Allow) LPort=1688
FirewallRules: [UDP Query User{6A09C943-A373-4512-8F4C-E7834F868544}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{6FA2810E-CFC1-4965-9BC1-04D30D12F5B6}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{CDB44D9B-958E-4D74-A532-199B0D792280}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1A306DD6-8248-4949-A0FB-B195E80307AC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{10C40232-AE5F-4A2D-9FD1-19BF3C98D002}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{451AF59D-9832-47CE-A3C0-0B1626D851DC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BB8817A-7596-4602-940D-D22B7C43546E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5769CA8F-AC44-403E-A94C-35D95F81398A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C233D4BF-F2F1-4F6E-95CB-F3B8CEE1FA84}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{257FCC6D-01D7-4611-9863-75B41298C67F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{825E12C1-A07F-4D0F-95DD-49301E04AEAF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{582EE06E-BB3A-4AD2-8E0F-8AF1CD8688FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AA9979C4-1DB9-4144-9B8B-0B5E0B2187BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{10090F9B-E7D0-4111-B5BA-E8BB849A589C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F33090ED-00B7-4F5D-B19B-B2BD56232503}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{076EA443-93A3-4304-81EF-45DD8DAB06F3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{95581912-15ED-4BAF-9614-5EF6316071CD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F34FEF95-4289-400D-8C1C-6F48849A6408}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{93922DF4-D83B-4E36-9E2A-FFDCF7150F52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FE8214E0-6A1F-4AF4-BAB0-F66C58B02625}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E8CC5411-CB08-4705-9319-73B1907C7B7A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )

==================== Restore Points =========================

22-02-2021 07:27:34 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/22/2021 04:53:33 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí IntelWLANEventProvider se pokusil zaregistrovat dotaz select * from CIntelQosEvent, jehož cílová třída CIntelQosEvent v oboru názvů //./ROOT/default neexistuje. Dotaz bude ignorován.

Error: (02/22/2021 04:53:33 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí IntelWLANEventProvider se pokusil zaregistrovat dotaz select * from CIntelDot1xEvent, jehož cílová třída CIntelDot1xEvent v oboru názvů //./ROOT/default neexistuje. Dotaz bude ignorován.

Error: (02/22/2021 04:53:33 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí IntelWLANEventProvider se pokusil zaregistrovat dotaz select * from CIntelWLANEvent, jehož cílová třída CIntelWLANEvent v oboru názvů //./ROOT/default neexistuje. Dotaz bude ignorován.

Error: (02/22/2021 04:53:33 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí se pokusil zaregistrovat dotaz select * from CIntelQosEvent, jehož cílová třída CIntelQosEvent v oboru názvů //./ROOT/default neexistuje. Dotaz bude ignorován.

Error: (02/22/2021 04:53:33 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí se pokusil zaregistrovat dotaz select * from CIntelDot1xEvent, jehož cílová třída CIntelDot1xEvent v oboru názvů //./ROOT/default neexistuje. Dotaz bude ignorován.

Error: (02/22/2021 04:53:33 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí se pokusil zaregistrovat dotaz select * from CIntelWLANEvent, jehož cílová třída CIntelWLANEvent v oboru názvů //./ROOT/default neexistuje. Dotaz bude ignorován.

Error: (02/22/2021 04:53:20 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (02/22/2021 04:53:09 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A


System errors:
=============
Error: (02/22/2021 08:45:15 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2021 07:45:07 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2021 07:09:01 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2021 06:45:07 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2021 05:45:07 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2021 05:17:02 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K0U1NRJO)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2021 04:49:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba ZeroConfigService byla ukončena s následující chybou:
%%2147770990

Error: (02/22/2021 04:46:38 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba HPWMISVC je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


==================== Memory info ===========================

BIOS: Insyde F.24 01/20/2017
Motherboard: HP 81F1
Processor: Intel(R) Celeron(R) CPU N3060 @ 1.60GHz
Percentage of memory in use: 92%
Total physical RAM: 3938.27 MB
Available physical RAM: 300.68 MB
Total Virtual: 5154.27 MB
Available Virtual: 999.91 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:449.96 GB) (Free:311.23 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.83 GB) (Free:1.63 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{d9756321-1b15-4f72-91c5-150f68de0dcc}\ () (Fixed) (Total:1.7 GB) (Free:1.14 GB) NTFS
\\?\Volume{0c92fccd-c57c-462a-8a0c-f12ca9539f04}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8E61EA2B)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119412
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zasekaný NTB

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Task: {31388A7B-48D4-45C7-9ECC-35EB77588DE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-31] (Google Inc -> Google Inc.)
Task: {51955B34-BFAE-415E-BCDC-996306810A26} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DCD5A8C8-4216-4C91-AB8F-ECD3B5956798} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-31] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat

EmptyTemp:
End
Uložte do C:\Users\Planeo\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Martin D.
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 29 bře 2009 11:09

Re: Zasekaný NTB

#9 Příspěvek od Martin D. »

Díky. Tady:

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-02-2021
Ran by Planeo (22-02-2021 11:07:11) Run:1
Running from C:\Users\Planeo\Downloads
Loaded Profiles: defaultuser0 & Planeo
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Task: {31388A7B-48D4-45C7-9ECC-35EB77588DE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-31] (Google Inc -> Google Inc.)
Task: {51955B34-BFAE-415E-BCDC-996306810A26} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DCD5A8C8-4216-4C91-AB8F-ECD3B5956798} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-31] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL" => removed successfully
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-1955693642-3227167433-192302802-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM\Software\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{31388A7B-48D4-45C7-9ECC-35EB77588DE0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31388A7B-48D4-45C7-9ECC-35EB77588DE0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51955B34-BFAE-415E-BCDC-996306810A26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51955B34-BFAE-415E-BCDC-996306810A26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCD5A8C8-4216-4C91-AB8F-ECD3B5956798}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCD5A8C8-4216-4C91-AB8F-ECD3B5956798}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14784924 B
Java, Flash, Steam htmlcache => 1198 B
Windows/system/drivers => 2336448 B
Edge => 158123 B
Chrome => 8504859 B
Firefox => 16752286 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 13312 B
NetworkService => 23700 B
defaultuser0 => 30356 B
Planeo => 6064019 B

RecycleBin => 0 B
EmptyTemp: => 56.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:08:35 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119412
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zasekaný NTB

#10 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Martin D.
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 29 bře 2009 11:09

Re: Zasekaný NTB

#11 Příspěvek od Martin D. »

Ano. notebook je teď o dost svižnější.

Děkuji. :worship: :worship:
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119412
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zasekaný NTB

#12 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“