Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola po delší době

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
ccc
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 182
Registrován: 10 lis 2006 06:49
Bydliště: Pardubice
Kontaktovat uživatele:

Kontrola po delší době

#1 Příspěvek od ccc »

Prosím o kontrolu, začala mi vyskakovat hláška, že nejde spustit centrum zabezpečení Win

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-04-2022 01
Ran by Ctibor (administrator) on DESKTOP-LS5PE88 (Dell Inc. Inspiron 5570) (18-04-2022 15:33:27)
Running from C:\Users\Ctibor\Desktop
Loaded Profiles: Ctibor
Platform: Microsoft Windows 10 Home Version 21H2 19044.1645 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(C:\ProgramData\Local\Microsoft\Windows\Telemetry\wlanext32.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
(D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Program Files (x86)\TeamViewer\tv_w32.exe
(D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Program Files (x86)\TeamViewer\tv_x64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(explorer.exe ->) (ACD Systems International Inc. -> ACD Systems) D:\Program Files\ACD Systems\ACDSee Luxea\acdIDInTouch2.exe
(explorer.exe ->) (CYBERLINK CORPORATION.) C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp\Power2Go11\CLMLSvc_P2G11.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (Nenad Hrg -> Nenad Hrg SoftwareOK) C:\Users\Ctibor\Desktop\DesktopOK_x64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(IObit CO., LTD -> IObit) D:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) D:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PubPlatform.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) D:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(services.exe ->) (Piriform Software Ltd -> ) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(sihost.exe ->) (Screenovate Technologies) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe
(svchost.exe ->) (Discord Inc. -> Intel Corporation) [File not signed] C:\ProgramData\Local\Microsoft\Windows\Telemetry\wlanext32.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(svchost.exe ->) (Screenovate Technologies) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\DellMobileConnectUniversalClient.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Ctibor\AppData\Local\Kingsoft\WPS Office\11.2.0.11074\office6\wpscenter.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1236688 2020-12-04] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [VCVS06EN] => D:\Program Files\ACD Systems\ACDSee Luxea\acdIDInTouch2.exe [2155928 2021-05-12] (ACD Systems International Inc. -> ACD Systems)
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\UniConverter 13\WSVCUUpdateHelper.exe [38872 2022-04-14] (Wondershare Technology Group Co.,Ltd -> )
HKLM-x32\...\Run: [DivXMediaServer] => D:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-18] (DivX, LLC. -> DivX, LLC)
HKLM-x32\...\Run: [kpm_tray.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe [607032 2020-08-11] (Kaspersky Lab -> AO Kaspersky Lab)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\Run: [DesktopOK] => C:\Users\Ctibor\Desktop\DesktopOK_x64.exe [694152 2020-08-07] (Nenad Hrg -> Nenad Hrg SoftwareOK)
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [575944 2017-12-14] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {55ce077a-7f58-11ec-9ec1-5cea1dacf5ac} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885bcc0c-2dd4-11ec-9eae-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885bcc65-2dd4-11ec-9eae-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885bccab-2dd4-11ec-9eae-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885f1dce-c04d-11ea-9e6d-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {c18a7b91-43b8-11eb-9e87-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {ea43400e-79dd-11ec-9ebd-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {ea434153-79dd-11ec-9ebd-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\sxj2mPC: C:\Windows\System32\spool\prtprocs\x64\sxj2mpc.dll [43520 2014-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\sxj2m Langmon: C:\WINDOWS\system32\sxj2mlm.dll [34304 2013-12-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\100.1.37.116\Installer\chrmstp.exe [2022-04-15] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\Ctibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar681.lnk [2022-04-18]
ShortcutTarget: Sidebar681.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] [File is in use]
InternetURL: C:\Users\Ctibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SZWfJCdRRo.url -> URL: "C:\Users\Ctibor\AppData\Local\Temp\BXjhYHAHcf\rSCyEIqXqdhKh.js"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {140387B1-2F64-47F1-A2BF-73B4D12E5A47} - System32\Tasks\Mozilla\Firefox Nightly Default Browser Agent 6F193CCC56814779 => C:\Program Files\Firefox Nightly\default-browser-agent.exe do-task "6F193CCC56814779"
Task: {1D4A4957-CC4C-41A0-8F02-CF3EC2D932DA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {2B4220DE-A917-43B8-90CD-640B962FC60A} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {5C46B0F7-FBD0-4EB9-AAC8-3678DD7FFE91} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6042FD10-1A3E-4296-8958-C95DCC24C4E7} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-04-22] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {659F5D45-DCFA-48ED-B01C-6F4904021230} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-11-15] (Dell Inc -> Dell Inc.)
Task: {6E7C79F8-DA86-4319-8332-45095C1A985A} - System32\Tasks\WpsExternal_Ctibor_20220412182559 => C:\Users\Ctibor\AppData\Local\Kingsoft\WPS Office\11.2.0.11074\office6\wpscloudsvr.exe [1058048 2022-04-12] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {7BD5B62F-9426-4F32-8A8D-4700AC342A9A} - System32\Tasks\klcp_update => D:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2110976 2022-04-01] () [File not signed]
Task: {82686902-C9C6-4376-A159-FAB6A9C0C688} - System32\Tasks\Mozilla\Firefox Nightly Background Update 6F193CCC56814779 => C:\Program Files\Firefox Nightly\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\6F193CCC56814779\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8332262D-E6E1-45C7-85BD-487082DDFF2E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {83C34800-5109-4DB9-AF10-CFFE1366E5B3} - System32\Tasks\iTop Screenshot SkipUAC (Ctibor) => C:\Program Files\iTop Screenshot\iScrShot.exe [7622656 2021-07-21] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {8F90013C-555B-449E-A2A1-F18065D443EE} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe /Task (No File)
Task: {924065A7-03CF-417C-A44A-1094A2EDF1A2} - System32\Tasks\CCleanerSkipUAC - Ctibor => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A16354D4-FD9E-457F-B35E-124AB9B5AD34} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [96520 2021-08-13] (Rivet Networks LLC -> DELL)
Task: {A621DCDA-33DD-4B72-BAEA-726BDBB57537} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-10] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {B05A9536-68B2-4281-8722-32ED34C9C6C4} - System32\Tasks\iTop Screen Recorder Update => C:\Program Files\iTop Screen Recorder\AutoUpdate.exe [2915840 2022-03-16] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {BD447457-3B95-440D-B903-03D14C87FFBB} - System32\Tasks\iTop Screen Recorder UAC => C:\Program Files\iTop Screen Recorder\iScrInit.exe [1544192 2022-03-11] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {BE0557F4-A5F3-40D9-8239-6EDAF5D3C0F9} - System32\Tasks\SmartShare => D:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe [495136 2014-12-05] (LG Electronics Inc. -> LG Electronics Inc.)
Task: {C53B4552-80B4-4B02-911F-86B8631789F7} - System32\Tasks\RunAsStdUser Task => D:\Program Files (x86)\inPixio\InPixio Photo Clip 8\LauncherIPC8.exe [1546824 2018-02-26] (Avanquest Software SAS -> InPixio) [File not signed]
Task: {CEC63210-CB62-49A6-A023-1320BD3F8E9D} - System32\Tasks\iTop Screenshot Update => C:\Program Files\iTop Screenshot\AutoUpdate.exe [2800640 2021-07-21] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {DAA41EF4-6CD5-4167-95AB-4E7C15F2030D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {DB810B4E-91C8-4EC3-99FC-DF8432C685B0} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-10] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {EFB0FFDD-77B3-44DF-A929-416317E7A708} - System32\Tasks\Uninstaller_SkipUac_Ctibor => D:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [7350808 2021-10-19] (IObit CO., LTD -> IObit)
Task: {F0B45AEE-CDBF-4FD3-89A6-AE258182AEA5} - System32\Tasks\WpsUpdateTask_Ctibor => C:\Users\Ctibor\AppData\Local\Kingsoft\WPS Office\11.2.0.11074\office6\wpsupdate.exe [170752 2022-04-12] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {F311336D-278E-4EF4-952D-23C957C3FA49} - System32\Tasks\Telemetry update-S-1-5-21-3460174932 => C:\ProgramData\Local\Microsoft\Windows\Telemetry\wlanext32.exe [2077318 2022-04-12] (Discord Inc. -> Intel Corporation) [File not signed] <==== ATTENTION
Task: {F399AB49-B9EB-4998-8A35-C85C387CCA96} - System32\Tasks\ASC_SkipUac_Ctibor => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{075c91e3-8b29-48ec-a600-2b07aa63ec58}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2c939e22-4fc7-4b20-bd87-d1c8ee0094d9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5fbcf521-cbac-4eb7-aa91-aac4cde1562b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{607bd89b-c937-4e68-b5bd-6ad1fe3d2e76}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{81cf4d64-7ad7-4892-ac95-9e122886b3a9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b1e07f20-8c69-48fc-9ca3-647b4416ed16}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d6bd6991-2b14-4e75-bd21-f903404b7146}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f0f8cbd4-5582-4425-bd03-17a9d6f6dbfa}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
DownloadDir: C:\Users\Ctibor\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Ctibor\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-18]
Edge DownloadDir: Default -> C:\Users\Ctibor\Downloads
Edge StartupUrls: Default -> "hxxps://www.seznam.cz/"
Edge DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> seznam.cz
Edge DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
Edge Extension: (Ochrana Kaspersky) - C:\Users\Ctibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-12-30]
Edge HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: 9opvquch.default
FF ProfilePath: C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\nvgd6jd3.default-nightly-1 [2022-04-18]
FF user.js: detected! => C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\nvgd6jd3.default-nightly-1\user.js [2021-12-11]
FF ProfilePath: C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly [2022-04-18]
FF user.js: detected! => C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\user.js [2021-12-11]
FF Homepage: Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly -> hxxps://www.seznam.cz/
FF Extension: (Tipli do prohlížeče) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\Extensions\@tipli-do-prohlizece-.xpi [2021-08-08]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-07-25]
FF Extension: (Ochrana Kaspersky) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2021-09-26]
FF Extension: (Ochrana Kaspersky) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\Extensions\light_plugin_B29D4AD94F82454BBC9215BCBD7E80AE@kaspersky.com.xpi [2021-10-08]
FF Extension: (Google Translator for Firefox) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\Extensions\translator@zoli.bod.xpi [2019-05-05]
FF Extension: (Flagfox) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2021-09-26]
FF Extension: (Live Stream Downloader) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\Extensions\{2ea2bfef-af69-4427-909c-34e1f3f5a418}.xpi [2021-11-30]
FF Extension: (Video DownloadHelper) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-08-08]
FF Extension: (No Name) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-26]
FF Extension: (Hlídač Shopů) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\Extensions\{d6f0f975-91a3-4d78-96f7-5f1859ad18b6}.xpi [2020-12-16]
FF Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\jlgrhg6y.default-nightly\Extensions\{ea692a27-4873-406e-bbc6-010c2dd9e9b5}.xpi [2021-09-26]
FF ProfilePath: C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default [2022-04-18]
FF user.js: detected! => C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default\user.js [2021-12-11]
FF Homepage: Mozilla\Firefox\Profiles\9opvquch.default -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\9opvquch.default -> hxxps://aukro.cz; hxxps://vitezove.cz; hxxps://www.kupi.cz; hxxps://www.blesk.cz; hxxps://www.instagram.com; hxxps://www.wetteronline.de; hxxps://www.slevomat.cz; hxxps://mallpay.cz
FF Extension: (Tipli do prohlížeče) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default\Extensions\@tipli-do-prohlizece-.xpi [2021-05-20]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-07-18]
FF Extension: (Ochrana Kaspersky) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2021-12-23]
FF Extension: (Google Translator for Firefox) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default\Extensions\translator@zoli.bod.xpi [2018-12-03]
FF Extension: (Flagfox) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2022-03-30]
FF Extension: (Live Stream Downloader) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default\Extensions\{2ea2bfef-af69-4427-909c-34e1f3f5a418}.xpi [2021-10-10]
FF Extension: (Video DownloadHelper) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-02]
FF Extension: (No Name) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-23]
FF Extension: (Hlídač Shopů) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default\Extensions\{d6f0f975-91a3-4d78-96f7-5f1859ad18b6}.xpi [2022-03-29]
FF Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Ctibor\AppData\Roaming\Mozilla\Firefox\Profiles\9opvquch.default\Extensions\{ea692a27-4873-406e-bbc6-010c2dd9e9b5}.xpi [2022-04-02]
FF HKLM\...\Firefox\Extensions: [{381f21b1-95bf-4042-bc5c-3a40b2a03f10}] - C:\Program Files (x86)\Francezon\ff\francezon-1.0.0-fx.xpi => not found
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{381f21b1-95bf-4042-bc5c-3a40b2a03f10}] - C:\Program Files (x86)\Francezon\ff\francezon-1.0.0-fx.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> D:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> D:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: Firefox-6F193CCC56814779 - C:\Program Files\Firefox Nightly\firefox.exe
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-07-02] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-07-02] <==== ATTENTION

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

Opera:
=======
OPR Profile: C:\Users\Ctibor\AppData\Roaming\Opera Software\Opera Stable [2022-04-18]
OPR Extension: (Rich Hints Agent) - C:\Users\Ctibor\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-25]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Ctibor\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-12-25]

Brave:
=======
BRA Profile: C:\Users\Ctibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-04-18]
BRA Extension: (Překladač Google) - C:\Users\Ctibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-04-12]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Ctibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-04-18]
BRA Extension: (Brave NTP background images) - C:\Users\Ctibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-04-10]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Ctibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-04-13]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Ctibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-04-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Ctibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2022-04-18]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Ctibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2022-04-10]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Ctibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-04-10]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\Ctibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2022-04-18]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Ctibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-04-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avp.exe [184768 2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-10] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-10] (Brave Software, Inc. -> BraveSoftware Inc.)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [795376 2022-04-07] (Piriform Software Ltd -> )
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2021-08-23] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3847712 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [462880 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50888 2021-06-24] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1024680 2021-09-02] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [21400 2022-03-23] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{CB9E7ADC-CF73-4086-8A5A-D8FECEEE7618} [21312 2020-10-16] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [44328 2022-03-16] (Dell Inc -> )
R2 FoxitReaderUpdateService; D:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2359424 2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-11-08] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 IObitUnSvr; D:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158232 2021-08-04] (IObit CO., LTD -> IObit)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [351472 2020-08-11] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 MBAMService; D:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-11] (Malwarebytes Inc -> Malwarebytes)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [188728 2021-06-15] (Qualcomm Atheros, Inc. -> )
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
S3 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-11-15] (Dell Inc -> Dell Inc.)
R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13274600 2022-04-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [1055944 2021-08-28] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2022-04-18] (CPUID S.A.R.L.U. -> CPUID)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-11-08] (Huawei Technologies Co., Ltd.) [File not signed]
R3 iqvw64e.sys; C:\WINDOWS\TEMP\iqvw64e.sys [34568 2022-04-18] (Intel Corporation -> Intel Corporation)
R3 IUFileFilter; D:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; D:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; D:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [687936 2022-02-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1542440 2022-02-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [290600 2022-04-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-22] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [309272 2022-03-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [319176 2022-04-07] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116008 2022-03-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [227664 2022-04-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-15] (Malwarebytes Inc -> Malwarebytes)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [21208 2019-12-12] (北京铠信神州科技有限责任公司 -> )
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 ScrHIDDriver3; C:\WINDOWS\System32\drivers\ScrHIDDriver3.sys [63296 2021-10-01] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S4 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S4 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [401120 2020-06-30] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-30] (Microsoft Windows -> Microsoft Corporation)
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
U4 Sense; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-18 15:33 - 2022-04-18 15:33 - 000044661 _____ C:\Users\Ctibor\Desktop\FRST.txt
2022-04-18 15:32 - 2022-04-18 15:32 - 000000000 ____D C:\ProgramData\Piriform
2022-04-18 15:29 - 2022-04-18 15:29 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-18 15:03 - 2022-04-18 15:33 - 000000000 ____D C:\FRST
2022-04-18 15:02 - 2022-04-18 15:02 - 002366464 _____ (Farbar) C:\Users\Ctibor\Desktop\FRST64.exe
2022-04-18 14:31 - 2022-04-18 14:31 - 008551608 _____ (Malwarebytes) C:\Users\Ctibor\Desktop\adwcleaner.exe
2022-04-18 13:47 - 2022-04-18 13:47 - 000003098 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_Ctibor
2022-04-18 13:47 - 2022-04-18 13:47 - 000001306 _____ C:\Users\Public\Desktop\Advanced SystemCare.lnk
2022-04-18 13:42 - 2022-04-18 13:42 - 000000000 ____D C:\Users\Ctibor\AppData\Roaming\Google
2022-04-18 13:41 - 2022-04-18 13:41 - 000000000 ____D C:\Users\Ctibor\AppData\Local\Yandex
2022-04-18 13:40 - 2022-04-18 13:40 - 000000000 ____D C:\Program Files (x86)\Company
2022-04-18 13:39 - 2022-04-18 13:49 - 000000000 ____D C:\ProgramData\ConsoleApp
2022-04-18 13:39 - 2022-04-18 13:39 - 000004036 _____ C:\WINDOWS\system32\Tasks\Telemetry update-S-1-5-21-3460174932
2022-04-15 13:59 - 2022-04-15 13:59 - 000137222 _____ C:\Users\Ctibor\Downloads\CertifikatTestu..pdf
2022-04-14 18:21 - 2022-04-14 18:21 - 000000946 _____ C:\Users\Public\Desktop\LibreOffice 7.3.lnk
2022-04-14 18:21 - 2022-04-14 18:21 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.3
2022-04-14 18:15 - 2022-04-14 18:15 - 000000779 _____ C:\Users\Ctibor\Desktop\Telegram.lnk
2022-04-14 15:26 - 2022-04-14 15:26 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2022-04-14 15:25 - 2022-04-14 15:25 - 000000000 ____D C:\Users\Ctibor\AppData\Roaming\Wondershare
2022-04-14 15:23 - 2022-04-14 15:25 - 000000000 ____D C:\Users\Ctibor\AppData\Local\Wondershare
2022-04-14 15:23 - 2022-04-14 15:23 - 000000975 _____ C:\Users\Public\Desktop\Wondershare UniConverter 13.lnk
2022-04-14 15:23 - 2022-04-14 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-04-14 15:23 - 2022-04-14 15:23 - 000000000 ____D C:\ProgramData\GraphicsType13
2022-04-14 15:22 - 2022-04-14 17:53 - 000000000 ____D C:\ProgramData\Wondershare
2022-04-14 15:22 - 2022-04-14 15:22 - 000000000 ____D C:\Users\Ctibor\AppData\Roaming\TransferSupport
2022-04-14 15:22 - 2022-04-14 15:22 - 000000000 ____D C:\Program Files\Wondershare
2022-04-14 15:21 - 2022-04-14 15:23 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2022-04-14 14:01 - 2022-04-14 14:01 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-14 14:01 - 2022-04-14 14:01 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-14 14:01 - 2022-04-14 14:01 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-14 14:01 - 2022-04-14 14:01 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-14 13:52 - 2022-04-14 13:52 - 000000000 ___HD C:\$WinREAgent
2022-04-13 14:53 - 2022-04-18 14:15 - 000670608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-13 11:57 - 2022-04-14 17:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-12 18:26 - 2022-04-12 18:26 - 000003766 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_Ctibor
2022-04-12 18:25 - 2022-04-12 18:25 - 000004084 _____ C:\WINDOWS\system32\Tasks\WpsExternal_Ctibor_20220412182559
2022-04-12 13:37 - 2022-04-12 13:37 - 000002146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-04-12 09:54 - 2022-04-12 09:54 - 095784960 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2022-04-12 09:54 - 2022-04-12 09:54 - 009150464 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2022-04-12 09:54 - 2022-04-12 09:54 - 001482752 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2022-04-12 09:54 - 2022-04-12 09:54 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2022-04-12 09:54 - 2022-04-12 09:54 - 000028672 _____ C:\WINDOWS\system32\config\SAM.iobit
2022-04-10 20:13 - 2022-04-15 08:35 - 000002376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-04-10 20:13 - 2022-04-15 08:35 - 000002335 _____ C:\Users\Public\Desktop\Brave.lnk
2022-04-10 20:12 - 2022-04-10 20:12 - 000003496 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2022-04-10 20:12 - 2022-04-10 20:12 - 000003372 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2022-04-10 20:12 - 2022-04-10 20:12 - 000000000 ____D C:\Program Files\BraveSoftware
2022-04-10 20:12 - 2022-04-10 20:12 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2022-04-10 20:11 - 2022-04-10 20:13 - 000000000 ____D C:\Users\Ctibor\AppData\Local\BraveSoftware
2022-04-04 18:50 - 2022-04-04 18:50 - 000000000 ____D C:\Program Files\dotnet
2022-04-02 10:53 - 2022-04-02 10:53 - 000027961 _____ C:\Users\Ctibor\Downloads\Facebook_Group_Insights_4-02-2022.xlsx
2022-03-30 10:54 - 2022-03-30 10:54 - 000000000 ____D C:\WINDOWS\{5BF649D5-3792-4AA7-AD61-440602FF706A}
2022-03-30 10:50 - 2022-03-30 10:50 - 000003336 _____ C:\WINDOWS\system32\Tasks\iTop Screen Recorder Update
2022-03-30 10:50 - 2022-03-30 10:50 - 000001022 _____ C:\Users\Public\Desktop\iTop Screen Recorder.lnk
2022-03-24 12:58 - 2022-03-24 12:58 - 000040683 _____ C:\Users\Ctibor\Documents\podpora1.odt
2022-03-23 22:25 - 2022-03-23 22:25 - 000001385 _____ C:\Users\Public\Desktop\Skype.lnk
2022-03-22 10:26 - 2022-03-22 10:26 - 000000000 ____D C:\Users\Ctibor\AppData\Roaming\LibreOffice
2022-03-22 00:45 - 2022-04-07 09:13 - 000319176 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2022-03-22 00:44 - 2022-03-22 00:44 - 000116008 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2022-03-21 12:13 - 2022-04-13 11:27 - 000227664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2022-03-21 12:13 - 2022-03-21 12:13 - 000309272 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-18 15:32 - 2019-04-16 21:07 - 000000000 ____D C:\Users\Ctibor\Documents\ccleaner
2022-04-18 15:31 - 2018-08-19 19:07 - 000000000 ____D C:\Users\Ctibor\AppData\Local\CrashDumps
2022-04-18 15:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-18 15:30 - 2019-04-16 17:47 - 000000000 ____D C:\Program Files\CCleaner
2022-04-18 15:29 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-18 15:17 - 2019-04-18 22:57 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2022-04-18 15:04 - 2020-08-10 22:03 - 001693350 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-18 15:04 - 2019-12-07 16:41 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-18 15:04 - 2019-12-07 16:41 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-18 15:00 - 2020-08-10 22:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-18 15:00 - 2020-08-10 21:58 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-18 15:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-18 15:00 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-04-18 15:00 - 2018-06-13 02:44 - 000000000 __SHD C:\Users\Ctibor\IntelGraphicsProfiles
2022-04-18 15:00 - 2018-04-20 08:59 - 000000000 ____D C:\Intel
2022-04-18 14:54 - 2018-06-13 15:53 - 000000000 ____D C:\Users\Ctibor\AppData\LocalLow\Mozilla
2022-04-18 14:53 - 2021-12-10 07:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-18 14:39 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-18 14:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-18 14:33 - 2021-12-11 20:41 - 000000000 ____D C:\Program Files (x86)\IObit
2022-04-18 14:33 - 2021-12-11 20:40 - 000000000 ____D C:\Users\Ctibor\AppData\LocalLow\IObit
2022-04-18 14:33 - 2021-12-11 20:39 - 000000000 ____D C:\Users\Ctibor\AppData\Roaming\IObit
2022-04-18 14:33 - 2021-12-11 20:39 - 000000000 ____D C:\ProgramData\IObit
2022-04-18 14:14 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-04-18 09:08 - 2020-08-10 21:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-17 18:51 - 2020-06-09 18:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-17 18:51 - 2020-06-09 18:14 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-17 08:23 - 2018-06-13 22:33 - 000000000 ____D C:\Users\Ctibor\AppData\Local\D3DSCache
2022-04-17 08:21 - 2021-12-11 20:40 - 000000000 ____D C:\ProgramData\ProductData
2022-04-14 18:15 - 2020-07-31 21:28 - 000000000 ____D C:\Users\Ctibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2022-04-14 18:15 - 2020-03-06 19:26 - 000000914 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2022-04-14 18:15 - 2019-04-16 17:47 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-04-14 17:51 - 2019-03-06 23:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-14 17:50 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-14 17:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-14 17:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-14 17:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-14 17:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-14 17:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-14 17:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-14 17:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-14 17:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-14 15:32 - 2020-11-12 19:50 - 000000000 ____D C:\ProgramData\Temp
2022-04-14 14:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-14 13:51 - 2018-06-13 03:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-14 13:49 - 2018-06-13 03:25 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-13 15:06 - 2018-04-20 08:57 - 000000000 ____D C:\ProgramData\Package Cache
2022-04-13 15:00 - 2021-10-15 18:25 - 000000000 ____D C:\WINDOWS\Panther
2022-04-13 14:56 - 2020-08-10 22:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-13 14:56 - 2019-03-06 23:58 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-13 14:53 - 2020-08-10 21:59 - 000000000 ____D C:\Users\Ctibor
2022-04-13 14:26 - 2020-08-10 22:06 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2022-04-13 14:26 - 2020-02-25 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2022-04-12 18:25 - 2021-05-02 08:49 - 000002511 _____ C:\Users\Ctibor\Desktop\WPS PDF.lnk
2022-04-10 10:45 - 2020-08-10 22:06 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-10 10:45 - 2020-08-10 22:06 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-07 09:08 - 2021-12-11 20:42 - 000000000 ____D C:\Program Files\iTop Screen Recorder
2022-04-05 16:22 - 2021-01-23 12:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-04 11:29 - 2018-06-20 01:06 - 000000741 _____ C:\Users\Public\Desktop\WinRAR.lnk
2022-04-04 11:29 - 2018-06-20 01:06 - 000000000 ____D C:\Users\Ctibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-04-04 11:29 - 2018-06-20 01:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-30 10:55 - 2019-02-22 15:11 - 000000000 ____D C:\Program Files (x86)\Dell
2022-03-30 10:55 - 2018-04-20 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2022-03-30 10:50 - 2021-12-11 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTop Screen Recorder
2022-03-23 22:26 - 2021-05-02 08:50 - 000000000 ____D C:\Users\Ctibor\Documents\WPS Cloud Files
2022-03-23 22:25 - 2018-10-09 13:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-03-23 21:13 - 2021-01-23 12:10 - 000601432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-23 21:12 - 2021-01-23 12:10 - 000483664 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2021-03-13 17:28 - 2021-03-13 17:28 - 000000017 _____ () C:\Users\Ctibor\AppData\Local\resmon.resmoncfg
2019-03-05 18:44 - 2019-03-05 18:44 - 000000003 _____ () C:\Users\Ctibor\AppData\Local\wbem.ini

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2022-03-11] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-04-2022 01
Ran by Ctibor (18-04-2022 15:34:26)
Running from C:\Users\Ctibor\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1645 (X64) (2020-08-10 20:06:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-23706646-915901248-1472009044-500 - Administrator - Disabled)
Ctibor (S-1-5-21-23706646-915901248-1472009044-1001 - Administrator - Enabled) => C:\Users\Ctibor
DefaultAccount (S-1-5-21-23706646-915901248-1472009044-503 - Limited - Disabled)
Guest (S-1-5-21-23706646-915901248-1472009044-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-23706646-915901248-1472009044-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.12 (HKLM\...\{B3C67C95-860B-4362-98C2-0444F8A9B490}) (Version: 4.12.4.3660 - Open Media LLC)
4K YouTube to MP3 (HKLM\...\{7E1549C2-D4F3-4C97-BC88-903FA2046D6E}) (Version: 4.2.1.4460 - Open Media LLC) Hidden
4K YouTube to MP3 (HKLM-x32\...\{31e0e22e-c8f3-4670-80be-835e61eab0c8}) (Version: 4.2.1.4460 - Open Media LLC)
8GadgetPack (HKLM-x32\...\{9004136E-78D3-46A4-893C-C4E38D871243}) (Version: 34.0.0 - 8GadgetPack.net)
ACDSee Luxea Video Editor (HKLM\...\{4CC070B3-0CD4-4640-87D0-09D4FED04180}) (Version: 6.0.1.1575 - ACD Systems International Inc.)
ACDSee Video Studio 3 (HKLM\...\{0D131D55-6F49-4E84-B4B7-33B8D291CFA5}) (Version: 3.0.0.219 - ACD Systems International Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)
Advanced System Care 15.1 (HKLM-x32\...\Advanced System Care 15.1) (Version: 15.1 - Company)
AIDA64 Extreme v6.32 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.32 - FinalWire Ltd.)
Apowersoft Online Launcher verze 1.7.1 (HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.1 - APOWERSOFT LIMITED)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 100.1.37.116 - Autoři prohlížeče Brave)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.7.21.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.7.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.2.0 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.7.0.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.6.30.1 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.19.10.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.92 - Piriform)
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{560DFD4A-23E2-45DD-A223-A4B3FA356913}) (Version: 4.0.92.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{6F9CB82D-BC34-4FC1-B90D-AFFAC5C85E7B}) (Version: 4.1.7498 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.10.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{E0659C89-D276-4B77-A5EC-A8F2F042E78F}) (Version: 3.10.4.18 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{7CA33C94-C7F2-4E31-8F9D-09D03FE0319C}) (Version: 5.5.2.16157 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85c0b416-3065-407c-9fd8-a1e41780153a}) (Version: 5.5.2.16157 - Dell Inc.)
Dell Update (HKLM-x32\...\{051401F9-2A83-4E2B-9454-9ED39AA60491}) (Version: 4.5.0 - Dell Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 10.8.9.0 - DivX, LLC)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
eObčanka (HKLM\...\{45F6BE7F-4C79-4E99-A6C8-63919DFF6F87}) (Version: 3.1.1.19123 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.2.1.53537 - Foxit Software Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.590 - Huawei Technologies Co., Ltd.)
HitFilm Express (HKLM\...\{9A1B8365-D65A-4BED-938F-6222C58CDA5E}) (Version: 13.1.9319.49035 - FXHOME)
inPixio Photo Clip 8 (HKLM-x32\...\{65634D2B-B6D1-4B35-B4C9-F3999B8D008B}) (Version: 8.1.0 - InPixio)
InPixio Photo Clip Pro 8.1 Activation verze 8.1 (HKLM-x32\...\{45EE8F08-5EF2-4E11-A3C2-A68114B7E0D0}_is1) (Version: 8.1 - InPixio)
Intel GFX Driver (HKLM-x32\...\{ca0ebadf-f7bd-4e32-9fec-e19a5d68c724}) (Version: 1.0.0.0 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.364 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2141.15.0.2511 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.63.1155.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{1abcb68a-399f-47fe-aa39-6da46522db0b}) (Version: 1.63.1155.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
IObit Uninstaller 11 (HKLM-x32\...\IObitUninstall) (Version: 11.1.0.18 - IObit)
iTop Screen Recorder (HKLM-x32\...\iTop Screen Recorder_is1) (Version: 2.2.0.699 - iTop Inc.)
iTop Screenshot (HKLM-x32\...\iTop Screenshot_is1) (Version: 1.2.1.535 - iTop Inc.)
Kaspersky Free (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
K-Lite Mega Codec Pack 16.9.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.9.5 - KLCP)
Kodi (HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\Kodi) (Version: - XBMC Foundation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
LibreOffice 7.3.2.2 (HKLM\...\{001D6695-F9B8-4CBD-AA92-FE8A58638060}) (Version: 7.3.2.2 - The Document Foundation)
Malwarebytes version 4.4.11.149 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.13058.0 - Waves Audio Ltd.) Hidden
Microsoft .NET Runtime - 5.0.14 (x64) (HKLM-x32\...\{3c001ec7-478b-4d22-8d92-a6561d20091f}) (Version: 5.0.14.30907 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.44 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 99.0.1 (x64 cs)) (Version: 99.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0a1 - Mozilla)
Nightly (x64 cs) (HKLM\...\Nightly 97.0a1 (x64 cs)) (Version: 97.0a1 - Mozilla)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10528 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.19042.31267 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9107.1 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.5.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.5.5 - VS Revo Group, Ltd.)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Skype verze 8.82 (HKLM-x32\...\Skype_is1) (Version: 8.82 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Název společnosti:)
SmartShare (HKLM-x32\...\{BAB337AE-DD9E-45C3-BED6-0EE4732AEC60}) (Version: 1.00.0000 - LG Electronics Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.28.9 - TeamViewer)
Telegram Desktop (HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.6.1 - Telegram FZ-LLC)
Tipard DVD Ripper 10.0.22 (HKLM-x32\...\{CB31166F-62E4-4172-8186-16E539B1096B}_is1) (Version: 10.0.22 - Tipard Studio)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter 13(Build 13.6.1.18) (HKLM\...\UniConverter 13_is1) (Version: 13.6.1.18 - Wondershare Software)
WPS Office (11.2.0.11074) (HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\Kingsoft Office) (Version: 11.2.0.11074 - Kingsoft Corp.)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: 1.01 (20.05.2014) - Xerox Corporation)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1712.2.49 - ZONER software)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2240.1.0_x64__kgqvnymyfvs32 [2022-04-06] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.215.400.0_x64__kgqvnymyfvs32 [2022-04-07] (king.com)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.5.0_x64__htrsf667h5kn2 [2021-11-20] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-09-14] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-11-08] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.10.10.0_x64__htrsf667h5kn2 [2021-11-08] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-07-20] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.7.0_x64__htrsf667h5kn2 [2021-11-21] (Dell Inc)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_6.7.12.0_x86__h6adky7gbf63m [2022-03-09] (Gameloft SE)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.12.419.0_x64__rz1tebttyb220 [2022-03-04] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-30] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2021-12-12] (Instagram)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-02] (INTEL CORP)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-04-02] (CYBERLINK CORPORATION.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-26] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2021-12-06] (INTEL CORP) [Startup Task]
PDF X -> C:\Program Files\WindowsApps\6760NGPDFLab.PDFX_1.3.16.0_x64__sbe4t8mqwq93a [2022-04-12] (NG PDF Lab)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3708.0_x86__mcezb6ze687jp [2021-07-14] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-15] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2018-08-17] (CYBERLINK CORPORATION.)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.30391.0_x64__8wekyb3d8bbwe [2022-02-25] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-25] (Microsoft Corporation)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1001.0_x64__rh07ty8m5nkag [2021-10-27] (Rivet Networks LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-03] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-23706646-915901248-1472009044-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Ctibor\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-23706646-915901248-1472009044-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Ctibor\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-23706646-915901248-1472009044-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\Ctibor\AppData\Local\Kingsoft\WPS Office\11.2.0.11074\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-23706646-915901248-1472009044-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => D:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => D:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => D:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-23706646-915901248-1472009044-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Ctibor\AppData\Local\Kingsoft\WPS Office\11.2.0.11074\office6\kwpsmenushellext64.dll [2022-04-12] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-23706646-915901248-1472009044-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Ctibor\AppData\Local\Kingsoft\WPS Office\11.2.0.11074\office6\kwpsmenushellext64.dll [2022-04-12] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Nightly.lnk -> C:\Program Files\Firefox Nightly\firefox.exe (Mozilla Corporation)

==================== Loaded Modules (Whitelisted) =============

2022-04-14 15:23 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2022-04-14 15:23 - 2017-03-23 09:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2022-02-25 21:24 - 1831-01-23 02:50 - 005563392 _____ (ActVer©®™) [File not signed] D:\Program Files (x86)\IObit\IObit Uninstaller\version.dll
2022-02-22 10:24 - 2022-02-22 10:24 - 002692608 _____ (Castle Project Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Castle.Core\3f345953217ff493b07acf1186857405\Castle.Core.ni.dll
2022-02-22 10:24 - 2022-02-22 10:24 - 002308608 _____ (Castle Project Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Castle.Windsor\bf43cc39aa4f7bd16114ba08ac94d1d9\Castle.Windsor.ni.dll
2021-12-11 22:25 - 2021-07-13 09:45 - 000662528 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
2021-12-04 15:41 - 2021-12-04 15:41 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2020-03-26 16:51 - 2020-03-26 16:51 - 003676432 _____ (SCREENOVATE TECHNOLOGIES LTD. -> ) [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\avcodec-57.dll
2020-03-26 16:51 - 2020-03-26 16:51 - 001295632 _____ (SCREENOVATE TECHNOLOGIES LTD. -> ) [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\avutil-55.dll
2020-03-26 16:51 - 2020-03-26 16:51 - 000034576 _____ (SCREENOVATE TECHNOLOGIES LTD. -> ) [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\openobex.dll
2020-03-26 16:51 - 2020-03-26 16:51 - 000065808 _____ (SCREENOVATE TECHNOLOGIES LTD. -> ) [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\sbc.dll
2021-09-19 17:21 - 2021-09-19 17:21 - 040357648 _____ (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\core.dll
2021-09-19 17:21 - 2021-09-19 17:21 - 008830976 _____ (Screenovate Technologies Ltd.) [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\core.uwp.dll
2021-09-19 17:21 - 2021-09-19 17:21 - 046896128 _____ (Screenovate Technologies Ltd.) [File not signed] C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\DellMobileConnectUniversalClient.dll
2022-04-14 15:23 - 2017-03-23 09:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-23706646-915901248-1472009044-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
Toolbar: HKU\S-1-5-21-23706646-915901248-1472009044-1001 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} - No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2019-03-05 18:44 - 002097614 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 texttotalk.org
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 technologievimy.com
127.0.0.1 sharefolder.online
127.0.0.1 install.portmdfmoon.com
127.0.0.1 adkqow01283.pw
127.0.0.1 telechargini.com
127.0.0.1 rothsideadome.pw
127.0.0.1 fffffk.xyz
127.0.0.1 smarttrackk.xyz
127.0.0.1 discretdan.com

2018-10-04 23:08 - 2021-04-22 15:50 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-23706646-915901248-1472009044-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\dell\bluelava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_rgb.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "kpm_tray.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{71629D61-326C-4431-B436-DD1A8A350CFC}D:\program files (x86)\inpixio\inpixio photo clip 8\launcheripc8.exe] => (Block) D:\program files (x86)\inpixio\inpixio photo clip 8\launcheripc8.exe (Avanquest Software SAS -> InPixio) [File not signed]
FirewallRules: [TCP Query User{A9F88886-D21D-43F7-901E-B1327592B8CE}D:\program files (x86)\inpixio\inpixio photo clip 8\launcheripc8.exe] => (Block) D:\program files (x86)\inpixio\inpixio photo clip 8\launcheripc8.exe (Avanquest Software SAS -> InPixio) [File not signed]
FirewallRules: [{261B7147-880E-475D-B2C1-6931B1666CC3}] => (Allow) C:\Program Files\Firefox Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1BCF6350-E7E5-4FE1-A18A-F89A0C82CBC9}] => (Allow) C:\Program Files\Firefox Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A687EF6-94A2-4FA4-B75C-4E9DCC2E77DD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A8A6D3F3-44C3-40CE-B85A-478C4BF6D13B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2776AE53-E4D7-41B3-BAE8-0C7546197940}] => (Allow) C:\WINDOWS\IqYWraBOUnH.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{0C45E0DD-7BA5-4420-AFAA-A8392B0940F5}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{78D5DCE5-4F4E-43D3-BB27-6CCFE12B57DF}] => (Allow) C:\Users\Ctibor\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{CE8F088A-2E6A-4D72-9944-037B3D2AE504}] => (Allow) C:\Users\Ctibor\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{A0C205B4-AFAD-4401-A79F-F38A7BBFAB20}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10325.20118.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D223818C-FAFF-4564-A515-C99A4A359DDD}] => (Allow) D:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe (LG Electronics Inc. -> )
FirewallRules: [{C11CA3EA-2F92-4359-BCB7-67948469EFAD}] => (Allow) D:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe (LG Electronics Inc. -> )
FirewallRules: [{1171583E-8F54-4611-A234-7D05C69669C9}] => (Allow) D:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe (LG Electronics Inc. -> LG Electronics Inc.)
FirewallRules: [{E88F1801-13EA-4298-B964-FF4817DAF3A3}] => (Allow) D:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe (LG Electronics Inc. -> LG Electronics Inc.)
FirewallRules: [{B2F0572B-60C8-40EF-9748-695352A80852}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{05D62999-F554-45F5-97DC-F7423893A569}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9DB92916-3B15-496F-B805-D95D509A6E06}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ADC0396B-11CB-4ED3-B495-6E2FD21BA1FD}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AB282B3A-AC9F-4CDC-8521-637A3104256E}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{165419DA-D416-4DAA-945E-110076E4341E}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{37034B8D-B177-4309-A550-4A28DD980B41}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{9938ADA5-FA44-408C-BA85-6372CAB17876}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{E4C951CA-C9EC-4E6E-8D3A-8C6887F12197}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{B9D6F42F-8F92-4264-A792-9978A33E5202}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{44FEA799-8DB0-4D21-B5DD-C2046E4ABDC6}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{EF59C4E0-4A66-475B-91AF-C65C833B6BB1}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{F119E66F-836C-4047-A4EF-62320FB44FC6}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{8BA5C32E-7EED-4E71-AB8C-9D94882F46A6}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{5ED9E10A-DD2F-4566-9BD5-FD47136A4B61}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{905B7893-6A17-4162-9535-0CB20A0CEC95}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{B8D2B955-D566-4DF6-B821-425C0B9A92F8}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{30921DCA-E4FB-4AE0-87E7-019E764FB23C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{E65A7BA0-AEBB-44DD-9F22-4CC98D0CF0B8}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{2DE86B19-947F-491E-826C-71BCADB0CD58}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{CC2A16A1-8E38-4F04-A1B9-37A7C841104A}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{882EE89E-A76B-4EF0-8F6D-ABEEDBA70A0A}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{FBBF5318-9B2A-4320-ABFC-65CD6DCD5069}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{3750F6B8-F776-41FA-AFE8-6D026EF8571B}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{B35CFAC7-1CAA-4A3D-80CA-296D30D181F8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D168DAAC-DD48-4425-821E-D438B20F46DA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{89605223-8F78-4B57-B652-5F0D56A22D4F}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9B0757F1-4AC4-48D1-81EA-F157B2E951A6}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{121C9DA5-0732-463C-A74C-ADD37E9AFF11}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CAAD5632-8D09-4280-9C3A-DDD7842D11BA}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ED4CE889-F2EF-41CA-B857-49DCEB8E6435}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

==================== Restore Points =========================

15-04-2022 22:25:39 Naplánovaný kontrolní bod
17-04-2022 19:00:02 Windows Zálohování

==================== Faulty Device Manager Devices ============

Name: LAPTOP-OS38FU8S A2DP SNK
Description: Jímka Microsoft Bluetooth A2dp
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthA2dp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: ========================

Application errors:
==================
Error: (04/18/2022 02:23:56 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-LS5PE88)
Description: AppUp.IntelGraphicsExperience_8j3eq9eme6ctt-2147024891

Error: (04/18/2022 02:23:56 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-LS5PE88)
Description: AppUp.IntelGraphicsExperience_8j3eq9eme6ctt-2147024891

Error: (04/18/2022 02:15:20 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (4308,U,98) SRUJet: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1216.

Error: (04/18/2022 02:15:20 PM) (Source: ESENT) (EventID: 494) (User: )
Description: svchost (4308,U,98) SRUJet: Obnovení databáze selhalo a došlo k chybě -1216, protože se zjistily odkazy na databázi C:\WINDOWS\system32\sru\SRUDB.dat, která už není dostupná. Databáze se před odebráním (nebo případným přesunutím nebo přejmenováním) nepřevedla do stavu čistého vypnutí. Databázový stroj nepovolí dokončení obnovení pro tuto instanci, dokud se znovu nevytvoří instance chybějící databáze. Pokud už databáze skutečně není dostupná a už se nevyžaduje, získáte pokyny týkající se odstranění této chyby ve znalostní bázi Microsoft Knowledge Base nebo po kliknutí na odkaz Další informace na konci této zprávy.

Error: (04/18/2022 02:14:31 PM) (Source: ESENT) (EventID: 530) (User: )
Description: Catalog Database (4440,D,29) Catalog Database: Ověření načtení stránky databáze ze souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb na posunu 5095424 (0x00000000004dc000) (stránka databáze 1243 (0x4DB)) o 4096 (0x00001000) bajtů kvůli neshodě časového razítka detekce ztraceného vyprázdnění se nepodařilo. Operace čtení se nepodaří a dojde k chybě -1119 (0xfffffba1).

Stav vyprázdnění stránky databáze 1243 (0x4DB) byl 0, zatímco stav vyprázdnění na stránce mapy vyprázdnění 0 (0x0) byl 1.

Pokud s tím budou dál problémy, obnovte databázi z předchozí zálohy. Příčinou tohoto problému je pravděpodobně vadný hardware. O další pomoc s diagnostikováním problému požádejte dodavatele hardwaru.

Error: (04/18/2022 02:14:31 PM) (Source: ESENT) (EventID: 476) (User: )
Description: Catalog Database (4440,D,29) Catalog Database: Ověření načtení stránky databáze ze souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb na posunu 5095424 (0x00000000004dc000) (stránka databáze 1243 (0x4DB)) o 4096 (0x00001000) bajtů selhalo. Stránka neobsahuje žádná data. Operace čtení selže a dojde k chybě -1019 (0xfffffc05). Pokud s tím budou dál problémy, obnovte prosím databázi z předchozí zálohy. Tento problém je pravděpodobně způsobený vadným hardwarem. O další pomoc s diagnostikováním problému požádejte dodavatele hardwaru.

Error: (04/18/2022 02:14:30 PM) (Source: ESENT) (EventID: 530) (User: )
Description: Catalog Database (4440,D,22) Catalog Database: Ověření načtení stránky databáze ze souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb na posunu 8192 (0x0000000000002000) (stránka databáze 1 (0x1)) o 4096 (0x00001000) bajtů kvůli neshodě časového razítka detekce ztraceného vyprázdnění se nepodařilo. Operace čtení se nepodaří a dojde k chybě -1119 (0xfffffba1).

Stav vyprázdnění stránky databáze 1 (0x1) byl 0, zatímco stav vyprázdnění na stránce mapy vyprázdnění 0 (0x0) byl 1.

Pokud s tím budou dál problémy, obnovte databázi z předchozí zálohy. Příčinou tohoto problému je pravděpodobně vadný hardware. O další pomoc s diagnostikováním problému požádejte dodavatele hardwaru.

Error: (04/18/2022 02:14:30 PM) (Source: ESENT) (EventID: 476) (User: )
Description: Catalog Database (4440,D,22) Catalog Database: Ověření načtení stránky databáze ze souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb na posunu 8192 (0x0000000000002000) (stránka databáze 1 (0x1)) o 4096 (0x00001000) bajtů selhalo. Stránka neobsahuje žádná data. Operace čtení selže a dojde k chybě -1019 (0xfffffc05). Pokud s tím budou dál problémy, obnovte prosím databázi z předchozí zálohy. Tento problém je pravděpodobně způsobený vadným hardwarem. O další pomoc s diagnostikováním problému požádejte dodavatele hardwaru.


System errors:
=============
Error: (04/18/2022 03:33:13 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-LS5PE88)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (04/18/2022 03:31:14 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-LS5PE88)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (04/18/2022 03:00:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AdvancedSystemCareService15 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/18/2022 02:33:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell SupportAssist Remediation byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/18/2022 02:33:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Digital Delivery Services byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (04/18/2022 02:33:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Data Vault Collector byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (04/18/2022 02:33:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Hardware Support byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (04/18/2022 02:33:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Rivet AP Selector Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================Event[0]:

Date: 2022-04-18 13:41:36
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.351.1238.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18600.4
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2022-04-18 14:39:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2022-04-18 14:21:36
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\SysWOW64\scrobj.dll which has been disallowed for protected processes.

Date: 2022-04-18 13:51:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.8.0 12/07/2021
Motherboard: Dell Inc. 0D65FD
Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 53%
Total physical RAM: 8089.29 MB
Available physical RAM: 3738.59 MB
Total Virtual: 13977.29 MB
Available Virtual: 8941.13 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:105.11 GB) (Free:23.03 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:429.17 GB) NTFS

\\?\Volume{c98a77a2-7807-4723-a587-affadd677451}\ () (Fixed) (Total:0.83 GB) (Free:0.28 GB) NTFS
\\?\Volume{28069473-2c2e-46ba-a337-f0e5e73660a5}\ (Image) (Fixed) (Total:11.41 GB) (Free:0.18 GB) NTFS
\\?\Volume{af4c2afc-3bfe-478e-bc7c-2c79852a7368}\ (DELLSUPPORT) (Fixed) (Total:1.12 GB) (Free:0.3 GB) NTFS
\\?\Volume{513df6d4-d198-44b7-aea0-7eb6ee304416}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.57 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3D343657)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 3D343FAF)

Partition: GPT.

==================== End of Addition.txt =======================
Naposledy upravil(a) ccc dne 18 dub 2022 14:37, celkem upraveno 2 x.

ccc
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 182
Registrován: 10 lis 2006 06:49
Bydliště: Pardubice
Kontaktovat uživatele:

Re: Kontrola po delší době

#2 Příspěvek od ccc »

0

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola po delší době

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ccc
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 182
Registrován: 10 lis 2006 06:49
Bydliště: Pardubice
Kontaktovat uživatele:

Re: Kontrola po delší době

#4 Příspěvek od ccc »

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-18-2022
# Duration: 00:00:11
# OS: Windows 10 Home
# Scanned: 32017
# Detected: 18


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Preinstalled.DellSupportAssistAgent Folder C:\Users\Ctibor\Documents\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{659F5D45-DCFA-48ED-B01C-6F4904021230}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{659F5D45-DCFA-48ED-B01C-6F4904021230}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A16354D4-FD9E-457F-B35E-124AB9B5AD34}
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Preinstalled.SmartByte Task C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY


AdwCleaner[S00].txt - [1547 octets] - [05/02/2020 22:23:35]
AdwCleaner[S01].txt - [3177 octets] - [11/05/2020 15:42:58]
AdwCleaner[C01].txt - [2107 octets] - [11/05/2020 15:48:29]
AdwCleaner[S02].txt - [6428 octets] - [18/04/2022 14:33:02]
AdwCleaner[C02].txt - [4122 octets] - [18/04/2022 14:34:00]
AdwCleaner[S03].txt - [3696 octets] - [18/04/2022 16:09:37]
AdwCleaner[S04].txt - [3757 octets] - [18/04/2022 16:10:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola po delší době

#5 Příspěvek od Rudy »

Preinstalled jsou jen utility od Dell, tedy OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {55ce077a-7f58-11ec-9ec1-5cea1dacf5ac} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885bcc0c-2dd4-11ec-9eae-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885bcc65-2dd4-11ec-9eae-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885bccab-2dd4-11ec-9eae-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885f1dce-c04d-11ea-9e6d-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {c18a7b91-43b8-11eb-9e87-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {ea43400e-79dd-11ec-9ebd-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {ea434153-79dd-11ec-9ebd-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {F311336D-278E-4EF4-952D-23C957C3FA49} - System32\Tasks\Telemetry update-S-1-5-21-3460174932 => C:\ProgramData\Local\Microsoft\Windows\Telemetry\wlanext32.exe [2077318 2022-04-12] (Discord Inc. -> Intel Corporation) [File not signed] <==== ATTENTION
Task: {8F90013C-555B-449E-A2A1-F18065D443EE} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe /Task (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF HKLM\...\Firefox\Extensions: [{381f21b1-95bf-4042-bc5c-3a40b2a03f10}] - C:\Program Files (x86)\Francezon\ff\francezon-1.0.0-fx.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{381f21b1-95bf-4042-bc5c-3a40b2a03f10}] - C:\Program Files (x86)\Francezon\ff\francezon-1.0.0-fx.xpi => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-07-02] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-07-02] <==== ATTENTION
U4 Sense; no ImagePath
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ccc
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 182
Registrován: 10 lis 2006 06:49
Bydliště: Pardubice
Kontaktovat uživatele:

Re: Kontrola po delší době

#6 Příspěvek od ccc »

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-04-2022 01
Ran by Ctibor (18-04-2022 19:43:09) Run:1
Running from C:\Users\Ctibor\Desktop
Loaded Profiles: Ctibor
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {55ce077a-7f58-11ec-9ec1-5cea1dacf5ac} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885bcc0c-2dd4-11ec-9eae-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885bcc65-2dd4-11ec-9eae-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885bccab-2dd4-11ec-9eae-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {885f1dce-c04d-11ea-9e6d-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {c18a7b91-43b8-11eb-9e87-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {ea43400e-79dd-11ec-9ebd-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-23706646-915901248-1472009044-1001\...\MountPoints2: {ea434153-79dd-11ec-9ebd-5cea1dacf5ac} - "F:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {F311336D-278E-4EF4-952D-23C957C3FA49} - System32\Tasks\Telemetry update-S-1-5-21-3460174932 => C:\ProgramData\Local\Microsoft\Windows\Telemetry\wlanext32.exe [2077318 2022-04-12] (Discord Inc. -> Intel Corporation) [File not signed] <==== ATTENTION
Task: {8F90013C-555B-449E-A2A1-F18065D443EE} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe /Task (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF HKLM\...\Firefox\Extensions: [{381f21b1-95bf-4042-bc5c-3a40b2a03f10}] - C:\Program Files (x86)\Francezon\ff\francezon-1.0.0-fx.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{381f21b1-95bf-4042-bc5c-3a40b2a03f10}] - C:\Program Files (x86)\Francezon\ff\francezon-1.0.0-fx.xpi => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-07-02] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-07-02] <==== ATTENTION
U4 Sense; no ImagePath
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55ce077a-7f58-11ec-9ec1-5cea1dacf5ac} => removed successfully
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{885bcc0c-2dd4-11ec-9eae-5cea1dacf5ac} => removed successfully
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{885bcc65-2dd4-11ec-9eae-5cea1dacf5ac} => removed successfully
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{885bccab-2dd4-11ec-9eae-5cea1dacf5ac} => removed successfully
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{885f1dce-c04d-11ea-9e6d-5cea1dacf5ac} => removed successfully
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c18a7b91-43b8-11eb-9e87-5cea1dacf5ac} => removed successfully
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea43400e-79dd-11ec-9ebd-5cea1dacf5ac} => removed successfully
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea434153-79dd-11ec-9ebd-5cea1dacf5ac} => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKU\S-1-5-21-23706646-915901248-1472009044-1001\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F311336D-278E-4EF4-952D-23C957C3FA49}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F311336D-278E-4EF4-952D-23C957C3FA49}" => removed successfully
C:\WINDOWS\System32\Tasks\Telemetry update-S-1-5-21-3460174932 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Telemetry update-S-1-5-21-3460174932" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8F90013C-555B-449E-A2A1-F18065D443EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F90013C-555B-449E-A2A1-F18065D443EE}" => removed successfully
C:\WINDOWS\System32\Tasks\ASC_PerformanceMonitor => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC_PerformanceMonitor" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\{381f21b1-95bf-4042-bc5c-3a40b2a03f10}" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{381f21b1-95bf-4042-bc5c-3a40b2a03f10}" => removed successfully
C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => moved successfully
C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => moved successfully
HKLM\System\CurrentControlSet\Services\Sense => removed successfully
Sense => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\Advanced SystemCare => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 89667930 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 6133556 B
Edge => 13 B
Chrome => 0 B
Brave => 209463074 B
Firefox => 197118990 B
Opera => 4990463 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 51510552 B
systemprofile32 => 51510552 B
LocalService => 51510552 B
NetworkService => 60201488 B
Ctibor => 75244528 B

RecycleBin => 197263 B
EmptyTemp: => 762.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:43:24 ====

ccc
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 182
Registrován: 10 lis 2006 06:49
Bydliště: Pardubice
Kontaktovat uživatele:

Re: Kontrola po delší době

#7 Příspěvek od ccc »

Rudy, hláška opět po restartu vyskočila
001.png
001.png (138.1 KiB) Zobrazeno 2747 x

ccc
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 182
Registrován: 10 lis 2006 06:49
Bydliště: Pardubice
Kontaktovat uživatele:

Re: Kontrola po delší době

#8 Příspěvek od ccc »

Zapnout nejde
Přílohy
002.PNG
002.PNG (74.6 KiB) Zobrazeno 2747 x

ccc
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 182
Registrován: 10 lis 2006 06:49
Bydliště: Pardubice
Kontaktovat uživatele:

Re: Kontrola po delší době

#9 Příspěvek od ccc »

Když to zkusím ručně, tak vyskočí jen prázdná stránka
Přílohy
003.PNG
003.PNG (72.9 KiB) Zobrazeno 2745 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola po delší době

#10 Příspěvek od Rudy »

Bylo smazáno. Zkuste některý z těchto postupů: https://cs.gov-civil-setubal.pt/4-solut ... be-started .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ccc
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 182
Registrován: 10 lis 2006 06:49
Bydliště: Pardubice
Kontaktovat uživatele:

Re: Kontrola po delší době

#11 Příspěvek od ccc »

Vyzkoušel jsem všechny možnosti, ta služba je zakázaná a změna spouštění je neaktivní
Přílohy
004.PNG
004.PNG (177.59 KiB) Zobrazeno 2743 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola po delší době

#12 Příspěvek od Rudy »

OK. Udělejte obnovu systému k datu, kdy systém korektně fungoval. Je to možná systémová chyba.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ccc
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 182
Registrován: 10 lis 2006 06:49
Bydliště: Pardubice
Kontaktovat uživatele:

Re: Kontrola po delší době

#13 Příspěvek od ccc »

Rudy, moc děkuju, už je vše OK, něco málo na pivko jsem poslal, takže můžeme uzamknout. Krásnej den

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola po delší době

#14 Příspěvek od Rudy »

Nemáte zač a též pěkný den! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno