Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivní kontrola logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
cudla11
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 20 led 2006 16:31

Preventivní kontrola logu

#1 Příspěvek od cudla11 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2022
Ran by Petr (administrator) on LAPTOP-CVO5E9CR (LENOVO 81AX) (06-10-2022 08:05:46)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(GenericTelemetryAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <3>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Conexant Systems, Inc) [File not signed] [File is in use] C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxEM.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_1e59f5ec7049260a\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\IntelCpHeciSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1940_none_7dd80d767cb5c7b0\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [603992 2017-06-23] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-03-10] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1527960 2016-10-18] (ABBYY Production LLC -> ABBYY Production LLC.)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Run: [Zoner Photo Studio Autoupdate] => "C:\Users\Petr\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE" (No File)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\MountPoints2: {44e139db-6e57-11ea-90ba-482ae369c4f1} - "G:\OriginSetup.exe"
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON WF-7525 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMHDE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON XP-900 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBRGE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2044248 2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0153467B-F720-42CE-B5B5-BD41D28E9980} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "7d427a0e-33cb-4b6e-bd7d-f35b0f46d5b9" --version "6.04.10044" --silent
Task: {08ECC605-A87E-48F1-88FD-F5DEF3425F0D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {0EB58C0D-5F01-4A59-9BB6-EF3E8BA9A435} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {0EFF7977-8068-4684-A262-FDFF2500E32B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {16B38FCD-08AB-4A89-9C7A-983B8A3C0D91} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6854b27b-f706-44f1-bf79-7b4c7dd7f6ed => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {1B3C9240-EA96-4FBF-ACC1-9A90D7BEE2F7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1EA0C421-1ACB-45ED-9A95-2AF783EE5FA1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9f6a2285-52e4-4a4a-a9e0-32fbb9f68533 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {20C6A833-98D1-4E6A-9741-2561DF3B7457} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {234AA176-3261-4615-91AA-E8E6BAC6AB6F} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {28FA4200-327B-4422-AD61-514C9A60651C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B3208FF-CB6F-4377-A200-305DD4EE8BEF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Avast Software\Avast\setup\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {2E1F2921-D97F-4A0E-8491-A69ED64A77C2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {2E6C5236-F8DD-4C24-82D8-B0E285608529} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3184A145-1881-4CB2-8D74-B57DF1E572C0} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {60A748DC-0ABF-4FEA-9519-15C975D36E0A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {67A7CE2E-56D2-41BC-A74C-9CBDEA4ED89E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76B1D580-9037-41AE-907D-017B84556FA4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {8394E275-59FB-4C41-AC01-7B7FDF20C792} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {85EB2DB1-87B6-464B-A3E4-32B2CDBD014F} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {86D2E467-7DA1-4295-9AAE-9C9148D7DCE0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\bca84ad6-6700-4e2e-9771-5e4994d74543 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {87BEAA54-57B0-4D89-BFA5-EAD2DAB2A639} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {93788829-E78A-4784-827C-1FD1487710B2} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {98D1DBD0-E9C1-4ECB-B0DA-2CF36028E051} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B38AEA6C-4682-473D-A026-4122DAC33E72} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [931272 2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {B74B3368-C0E8-4752-AD2B-4263B40B815E} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {BFC796BE-766D-4313-9FC8-530B6342728B} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {C95FD4B5-C8ED-4DEE-9FC5-26B338077266} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dfa7706f-71c0-41e7-8e05-1079970d0a6a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {CE8CCA4E-F41C-44E1-B02E-699F4B0F27BF} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D355DA9E-C096-49D6-8E34-421CACCA3E19} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D5ED7FC5-F3C4-498C-8589-C794D0053DFC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {D7712497-51FD-40AE-A68C-238339771D3C} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {DD8346A8-C2C7-4E86-95DA-B43E0AAB7C2E} - System32\Tasks\EPSON XP-900 Series Update {1D34E24D-3602-4463-BC8C-53017AC68CA0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRGE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {E1D072A6-7F3D-4AA3-95B9-15661285EB04} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4682976 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
Task: {ECF8F71B-D181-4451-901D-DF0F9D2F3CBE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F28ACD71-5AE4-40E8-9151-F04FB040FE77} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F5814331-B847-455D-9BFD-0722DAA34E74} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b72a1e88-17f9-4070-8b87-3fd9cac26606 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F81838BC-5DA4-4F88-BF95-9C619BBF1CBF} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {F9B6558A-5F57-4AEB-A640-5ED452ECB71E} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b1ca8d22-e5b4-4512-8091-211d1588dbe4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cc70d8dd-3c19-47ad-9ce9-6e0aeba5712b}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{e3709369-fac6-4489-8051-fc92393c6583}: [DhcpNameServer] 178.17.0.11 178.17.0.12

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-24]

FireFox:
========
FF DefaultProfile: gc13wse2.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\gc13wse2.default [2022-01-14]
FF NewTab: Mozilla\Firefox\Profiles\gc13wse2.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-25 10:30:14&bName=
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\oazwnvzd.Petr [2022-10-06]
FF Homepage: Mozilla\Firefox\Profiles\oazwnvzd.Petr -> www.seznam.cz
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\oazwnvzd.Petr\Extensions\sp@avast.com.xpi [2022-08-22]
FF Extension: (Avast Online Security & Privacy) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\oazwnvzd.Petr\Extensions\wrc@avast.com.xpi [2022-10-06]
FF Extension: (Hlídač Shopů) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\oazwnvzd.Petr\Extensions\{d6f0f975-91a3-4d78-96f7-5f1859ad18b6}.xpi [2022-10-06]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-09-08] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-10-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-10-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-3231952856-1019465751-811631384-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3231952856-1019465751-811631384-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3231952856-1019465751-811631384-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1309176 2017-03-10] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477392 2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-01-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [822688 2022-09-21] (McAfee, LLC -> McAfee, LLC)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465160 2021-03-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-18] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [153088 2021-08-13] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 MpKsl85fe502d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D8048175-C24E-427B-9943-25F975D24C0E}\MpKslDrv.sys [228600 2022-10-06] (Microsoft Windows -> Microsoft Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-06 08:05 - 2022-10-06 08:06 - 000032890 _____ C:\Users\Petr\Desktop\FRST.txt
2022-10-06 08:04 - 2022-10-06 08:04 - 002371072 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2022-10-05 09:27 - 2022-10-05 09:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-10-03 14:32 - 2022-10-06 07:52 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-10-03 14:32 - 2022-10-06 07:52 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-10-03 08:55 - 2022-10-03 08:55 - 000064477 _____ C:\Users\Petr\Downloads\yello-joule-2022.pdf
2022-09-26 15:03 - 2022-09-26 15:03 - 000671659 _____ C:\Users\Petr\Downloads\Skladba-9363-26-09-2022-15-03-41.pdf
2022-09-26 15:02 - 2022-09-26 15:02 - 000363944 _____ C:\Users\Petr\Downloads\Skladba-9361-26-09-2022-15-02-26.pdf
2022-09-23 07:19 - 2022-09-23 07:19 - 000134307 _____ C:\Users\Petr\Downloads\priloha_1083606085_0_VypisROB.pdf
2022-09-21 21:17 - 2022-09-21 21:17 - 002350530 _____ C:\Users\Petr\Desktop\Půdorys 2.NP.pdf
2022-09-21 21:15 - 2022-09-21 21:23 - 002431868 _____ C:\Users\Petr\Desktop\Půdorys 1.NP.pdf
2022-09-20 20:02 - 2022-09-20 20:02 - 004857855 _____ C:\Users\Petr\Desktop\SKM_C224e22092010320.pdf
2022-09-19 08:22 - 2022-09-19 08:22 - 000003654 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-09-19 08:22 - 2022-09-19 08:22 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2022-09-19 08:18 - 2022-09-19 08:20 - 000000000 ____D C:\Users\Petr\Downloads\FormatFactory2022_09_19
2022-09-19 08:12 - 2022-09-19 08:19 - 813733786 _____ C:\Users\Petr\Downloads\VID_20220918_163752.mp4
2022-09-13 20:26 - 2022-09-13 20:26 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-13 20:26 - 2022-09-13 20:26 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-13 20:26 - 2022-09-13 20:26 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-13 20:26 - 2022-09-13 20:26 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-09-13 20:26 - 2022-09-13 20:26 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-13 20:20 - 2022-09-13 20:20 - 000000000 ___HD C:\$WinREAgent
2022-09-12 13:13 - 2022-09-12 13:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\com.adobe.dunamis
2022-09-06 08:13 - 2022-09-06 08:13 - 000015504 _____ C:\Users\Petr\Downloads\priloha_1077883515_0_notifikace.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-06 08:06 - 2021-11-07 19:02 - 000000000 ____D C:\FRST
2022-10-06 07:59 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-06 07:52 - 2021-11-04 10:59 - 000000000 ____D C:\Program Files\CCleaner
2022-10-06 07:52 - 2020-03-24 21:45 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2022-10-06 07:50 - 2022-02-09 17:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-10-06 07:50 - 2020-03-16 12:36 - 000000000 ___RD C:\Users\Petr\OneDrive
2022-10-06 07:49 - 2020-03-16 12:34 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2022-10-05 09:28 - 2021-10-11 18:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-10-05 09:28 - 2020-03-30 10:07 - 000000000 ____D C:\Users\Petr\AppData\Roaming\eM Client
2022-10-05 09:28 - 2020-03-24 12:41 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-05 09:26 - 2021-02-09 19:03 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-10-05 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-05 09:17 - 2021-12-13 14:40 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3231952856-1019465751-811631384-1001
2022-10-05 09:17 - 2021-04-18 22:49 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3231952856-1019465751-811631384-1001
2022-10-05 09:17 - 2021-04-18 22:44 - 000002385 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-05 09:17 - 2020-06-08 19:44 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-05 09:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-03 21:52 - 2020-03-31 09:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\WhatsApp
2022-10-03 21:09 - 2021-04-18 22:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-03 14:59 - 2021-10-18 19:51 - 000000000 ____D C:\Users\Petr\AppData\Local\WhatsApp
2022-10-03 14:35 - 2022-03-14 16:08 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-03 14:32 - 2021-11-04 10:59 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-10-03 08:04 - 2019-11-30 00:01 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-02 16:06 - 2022-03-16 15:03 - 000000000 ____D C:\Users\Petr\Desktop\Nová složka (2)
2022-10-02 16:06 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-25 15:07 - 2020-03-24 22:45 - 000000000 ____D C:\Users\Petr\AppData\Local\JDownloader 2.0
2022-09-24 07:53 - 2021-04-19 14:59 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2022-09-24 07:48 - 2020-03-16 12:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Kerio Connect
2022-09-24 07:43 - 2020-03-16 12:34 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2022-09-24 07:38 - 2020-03-16 12:39 - 000000000 ____D C:\Users\Petr\AppData\Local\Google
2022-09-24 07:38 - 2020-03-16 12:39 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-23 09:02 - 2020-03-24 12:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-09-22 20:28 - 2020-03-30 19:32 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2022-09-19 08:31 - 2020-03-16 12:48 - 000000000 ____D C:\ProgramData\Packages
2022-09-19 08:31 - 2020-03-16 12:37 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2022-09-19 08:23 - 2020-11-02 23:18 - 000000000 ____D C:\FFOutput
2022-09-19 08:22 - 2022-07-21 10:15 - 000000000 ____D C:\Users\Petr\AppData\Local\luminati
2022-09-19 08:22 - 2021-05-16 12:51 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2022-09-19 08:21 - 2022-07-21 10:14 - 000000000 ____D C:\Users\Petr\AppData\Local\Free_Time_Co.,_Ltd
2022-09-15 15:57 - 2022-04-21 07:28 - 000000000 ____D C:\ProgramData\Zoner
2022-09-14 00:33 - 2021-04-18 22:52 - 001693864 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-14 00:33 - 2019-12-07 16:43 - 000719668 _____ C:\WINDOWS\system32\perfh005.dat
2022-09-14 00:33 - 2019-12-07 16:43 - 000145794 _____ C:\WINDOWS\system32\perfc005.dat
2022-09-14 00:29 - 2021-04-18 22:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-14 00:29 - 2021-04-18 22:42 - 000531768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-14 00:29 - 2021-04-18 22:42 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-14 00:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-14 00:29 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-14 00:28 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-09-14 00:28 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-14 00:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-14 00:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-14 00:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-14 00:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-14 00:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-14 00:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-14 00:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-14 00:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-14 00:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-13 20:28 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-13 20:26 - 2021-04-18 22:42 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-13 20:20 - 2020-03-16 12:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-13 20:17 - 2020-03-16 12:44 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-12 13:08 - 2021-11-23 15:01 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-09-07 07:53 - 2019-04-19 07:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-07 07:53 - 2019-04-19 07:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2021-11-05 09:49 - 2021-11-05 09:49 - 000000032 _____ () C:\Users\Petr\AppData\Roaming\++.bat
2021-11-05 09:49 - 2021-11-05 09:49 - 000005120 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\0.exe
2021-11-05 09:49 - 2021-11-05 09:49 - 000188416 _____ (NirSoft) C:\Users\Petr\AppData\Roaming\1.exe
2021-11-05 09:49 - 2021-11-05 09:49 - 000420864 _____ (A310 Logger) C:\Users\Petr\AppData\Roaming\all cookies.exe
2021-11-04 14:30 - 2021-11-04 14:30 - 000000003 _____ () C:\Users\Petr\AppData\Roaming\cvcv.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 012348068 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 000021164 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds1.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 000172032 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds3.txt
2021-11-05 09:50 - 2021-11-05 09:50 - 000136536 _____ () C:\Users\Petr\AppData\Roaming\rony.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 000015872 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\specific.exe
2021-11-05 09:50 - 2021-11-05 09:50 - 001862144 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\xxcv.dll
2021-02-10 17:21 - 2021-02-10 17:21 - 000000000 _____ () C:\Users\Petr\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-10-2022
Ran by Petr (06-10-2022 08:07:03)
Running from C:\Users\Petr\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) (2021-04-18 20:49:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3231952856-1019465751-811631384-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3231952856-1019465751-811631384-503 - Limited - Disabled)
Guest (S-1-5-21-3231952856-1019465751-811631384-501 - Limited - Disabled)
Petr (S-1-5-21-3231952856-1019465751-811631384-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3231952856-1019465751-811631384-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.625 - ABBYY Production LLC)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.002.20212 - Adobe)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.0.0.11 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AutoCAD 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 VBA Enabler (HKLM\...\{C33F3BA8-CA07-4449-012D-B043FE6029AA}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD 2018 Language Pack – Čeština (Czech) (HKLM\...\AutoCAD 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD 2018 VBA Enabler (HKLM\...\AutoCAD 2018 VBA Enabler) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 6.04 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
Dynamic Application Loader Host Interface Service (HKLM\...\{C1FFE6F8-BB6C-40B3-9C65-A1CC0962896A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
eM Client (HKLM-x32\...\{A2126C2E-FC08-44E5-AE03-7290C5BF26BF}) (Version: 8.2.1721.0 - eM Client Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON WF-7525 Series Printer Uninstall (HKLM\...\EPSON WF-7525 Series) (Version: - SEIKO EPSON Corporation)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FormatFactory 5.12.2.0 (HKLM-x32\...\FormatFactory) (Version: 5.12.2.0 - Free Time)
Free MP3 Cutter 2.1 (HKLM-x32\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: 2.1 - PolySoft Solutions)
Intel(R) Icls (HKLM\...\{CA2C7ABE-A8B2-4918-8F2B-351D9D69DDC3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{DE1E4C1C-30F0-4549-8F34-D02934442A9F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1910.12.0.1239 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{340CC61F-5E51-448A-ACA8-267968DF1780}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{AB7D0B60-C65F-465A-9199-83B74684DD10}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{286D6964-3CC3-4396-BA28-4CB7FE3E52FC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) OEM Extension (HKLM\...\{64079417-4BAE-4AD5-A35E-7E4D58F0AD61}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7812 - Intel Corporation)
JA-100-Link 2.5.0.1250 (HKLM-x32\...\JA-100-Link 2.5.0.1250_is1) (Version: JA-100-Link 2.5.0.1250 - Jablotron Alarms a.s.)
Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
J-Link 2.3.1.1182 (HKLM-x32\...\J-Link 2.3.1.1182_is1) (Version: J-Link 2.3.1.1182 - Jablotron Alarms a.s.)
Kerio Connect (HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\KerioConnect) (Version: 9.4.2.18218 - Kerio Technologies Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.18 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.34 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.34 - Microsoft Corporation)
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\OneDriveSetup.exe) (Version: 22.191.0911.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Teams) (Version: 1.4.00.11161 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{75FDEEC2-3DEB-47CD-A629-9009BD09B75C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{BD60B99B-A623-4E04-83F2-74EDDBFFD900}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.10.25008 (HKLM\...\{C668F044-4825-330D-8F9F-3CBFC9F2AB89}) (Version: 14.10.25008 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.10.25008 (HKLM\...\{8D50D8C6-1E3D-3BAB-B2B7-A5399EA1EBD1}) (Version: 14.10.25008 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.10.25008 (HKLM-x32\...\{E6222D59-608C-3018-B86B-69BD241ACDE5}) (Version: 14.10.25008 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.10.25008 (HKLM-x32\...\{C6CDA568-CD91-3CA0-9EDE-DAD98A13D6E1}) (Version: 14.10.25008 - Microsoft Corporation) Hidden
MiniTool Partition Wizard (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12 - MiniTool Software Limited)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 105.0.2 (x64 cs)) (Version: 105.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
Odinstalace tiskárny EPSON XP-900 Series (HKLM\...\EPSON XP-900 Series) (Version: - Seiko Epson Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PDF24 Creator 11.3.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.3.0 - PDF24.org)
PDF-XChange Editor (HKLM\...\{D7DBC941-C042-4276-93C9-A91B373AF0D8}) (Version: 9.0.351.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{604944cd-f303-4436-bc7b-7a538b64c872}) (Version: 9.0.351.0 - Tracker Software Products (Canada) Ltd.)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.5.154 - Autodesk)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Teretron (HKLM\...\Teretron) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.757 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\WhatsApp) (Version: 2.2236.10 - WhatsApp)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.24.2.0_x64__kgqvnymyfvs32 [2022-10-03] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.89.5.0_x64__kgqvnymyfvs32 [2022-10-03] (king.com)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.0.0_neutral__yxz26nhyzhsrt [2022-09-19] (Microsoft Corp.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-31] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_138.2.414.0_x64__v10z8vjag6ke6 [2022-09-07] (HP Inc.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4 [2022-06-24] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2208.12.0_x64__k1h2ywk1493x8 [2022-09-19] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-19] (Microsoft Studios) [MS Ad]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.12518.0_x86__m916jedk64snt [2021-06-20] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.4112.0_x86__m916jedk64snt [2021-12-29] (CYBERLINKCOM CORPORATION)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.32061.0_x64__8wekyb3d8bbwe [2022-08-20] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-04] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{B52F3B38-CFE7-44E6-B97F-5435FBE77888}\InprocServer32 -> C:\Program Files\Mozilla Firefox\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-10-18] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2022-04-19] (Free Time) [File not signed]
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2022-04-19] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxDTCM.dll [2020-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-10-18] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-06-20 20:08 - 2022-06-20 20:08 - 000369152 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\85e8b8fcf7ee4faff18595e50f688d70\Interop.CxHDAudioAPILib.ni.dll
2022-06-20 20:08 - 2022-06-20 20:08 - 000018944 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\c4e2ca37be50157547ef9a8d3ef7d375\Interop.CxUtilSvcLib.ni.dll
2019-11-30 00:14 - 2017-07-05 20:36 - 001168384 _____ (Conexant Systems, Inc.) [File not signed] [File is in use] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2022-04-19 12:20 - 2022-04-19 12:20 - 000344064 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx_108.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer (Whitelisted) ==========

BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-10-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-10-25] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-03] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\sharepoint.com -> hxxps://zstgmdrasov-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12"
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{1B9EE180-98B7-48B5-BCC1-4BFC86C7B852}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9B4C9D2F-6DE9-4E35-B216-C666F4244AB8}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AF7046A1-0BF8-41EF-9B31-FCE28313FDA0}C:\totalcmd\totalcmd64.exe] => (Block) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{F7144D2C-DDE6-40F2-A28C-6FF9FE556052}C:\totalcmd\totalcmd64.exe] => (Block) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{29DB4E00-DA47-4C8D-8968-E71C8B5B2F6D}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe => No File
FirewallRules: [UDP Query User{31382625-C62D-4B6E-95D6-3E4F6894EE36}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{10761921-3FED-4E95-8B9B-9222C36F74E8}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5E2BEFB0-B1A0-4B07-BB94-DBF67F2045FE}] => (Allow) C:\Program Files (x86)\eM Client\MailClient.exe (eM Client, s.r.o. -> eM Client s.r.o.)
FirewallRules: [{A2F751BE-2D05-405B-9C3D-2C05A2CE6448}] => (Allow) C:\Program Files (x86)\eM Client\MailClient.exe (eM Client, s.r.o. -> eM Client s.r.o.)
FirewallRules: [{85461371-7BEB-4380-9E99-5000B7E6A39E}] => (Allow) C:\Program Files (x86)\eM Client\MailClient.exe (eM Client, s.r.o. -> eM Client s.r.o.)
FirewallRules: [{3B2A912D-FDA3-4AE7-BAC1-9076F68FD9BD}] => (Allow) C:\Program Files (x86)\eM Client\MailClient.exe (eM Client, s.r.o. -> eM Client s.r.o.)
FirewallRules: [UDP Query User{316B2FCA-EF86-47C7-8755-BD1DF851F527}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{BBD1A384-7934-462A-8ADB-8E5E86FBF634}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{52344EB8-2CF9-4F55-98E0-E77B079DDD6E}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{83FAB628-FC4D-49A0-BA64-02A66D9F1A46}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [{347C3811-0109-43BB-B34C-C45047BC13DF}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C267C6E7-F616-4E26-AC97-13AF4671B0FA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8F24FCDA-3FEC-4CAF-A383-EDF91CA1B2AB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{095E8528-0149-4A50-A838-9247A041FC00}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{05AC3A0F-5C9D-4148-9158-A7E4440ABE11}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{D846A304-824E-4176-9CB0-2C4BDDBC626D}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{2F78084C-F2A2-45CB-B959-5D9FA0E4162A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{68869588-0F0D-4BFA-8A78-D82288414A9E}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D9E71844-B62B-406A-B7D7-1BFC4A99B765}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{92819E90-E83B-4120-9B88-F3C81064A4CA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7350C966-40C8-45D2-A353-B9E96E6609BC}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{E8E2499F-4F95-4D9D-9C37-7FB61018DA86}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{8EAAA779-F9C0-48B5-9434-721D377F48CB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{51D9ACCD-698B-4096-87D4-846F3EE36AC3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{92DF6BFD-E348-4FA4-9CE6-69395AEF0079}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C3DCD8FA-5556-421B-8F23-8439EE5EF3DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DE5EC64-1432-4079-85F0-92130329FF2C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3435932B-7CB2-4861-859F-25F499FFE5C8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{A4E8D690-9BF8-4EE7-8DE1-78BEF9470BBD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

03-10-2022 19:56:57 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/03/2022 02:32:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.1949, časové razítko: 0x97a1a31c
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x6c9677d0
ID chybujícího procesu: 0x4288
Čas spuštění chybující aplikace: 0x01d8d7242d051712
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 0aba9062-5978-43cc-9df6-d45cec2609e9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/16/2022 06:33:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.2006, časové razítko: 0x3e04d5ee
Název chybujícího modulu: XCShMain.x64.dll, verze: 9.0.351.0, časové razítko: 0x600a1a08
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000007ca948
ID chybujícího procesu: 0x2360
Čas spuštění chybující aplikace: 0x01d8c90ab8db2ee2
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\Program Files\Tracker Software\Shell Extensions\XCShMain.x64.dll
ID zprávy: d8447ed1-ce6a-402e-880f-0890488241c3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/12/2022 08:50:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.1889, časové razítko: 0xd1439b88
Název chybujícího modulu: XCShMain.x64.dll, verze: 9.0.351.0, časové razítko: 0x600a1a08
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000007ca948
ID chybujícího procesu: 0x4264
Čas spuštění chybující aplikace: 0x01d8c43bab1cbdec
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\Program Files\Tracker Software\Shell Extensions\XCShMain.x64.dll
ID zprávy: a3818e6e-7188-4ed0-ad71-6a07f753badf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/28/2022 02:46:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.1889, časové razítko: 0xd1439b88
Název chybujícího modulu: XCShMain.x64.dll, verze: 9.0.351.0, časové razítko: 0x600a1a08
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000007ca948
ID chybujícího procesu: 0x3b50
Čas spuštění chybující aplikace: 0x01d8badc2a275c64
Cesta k chybující aplikaci: C:\WINDOWS\explorer.exe
Cesta k chybujícímu modulu: C:\Program Files\Tracker Software\Shell Extensions\XCShMain.x64.dll
ID zprávy: 6ab1c327-5000-4359-bbd0-c66d9ae9f870
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/28/2022 02:46:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.1889, časové razítko: 0xd1439b88
Název chybujícího modulu: XCShMain.x64.dll, verze: 9.0.351.0, časové razítko: 0x600a1a08
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000007ca948
ID chybujícího procesu: 0xc04
Čas spuštění chybující aplikace: 0x01d8babd564dfae9
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\Program Files\Tracker Software\Shell Extensions\XCShMain.x64.dll
ID zprávy: d3758fa0-6e2e-4bb6-8c51-23c0d84b6640
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/27/2022 08:04:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.1889, časové razítko: 0xa4e1bb99
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x6edd77d0
ID chybujícího procesu: 0xe54
Čas spuštění chybující aplikace: 0x01d8ba3f7a584f56
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 9cd2ba98-ccf7-4cd2-a5b9-3e2708b6bd72
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/19/2022 08:45:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.1889, časové razítko: 0xd1439b88
Název chybujícího modulu: XCShMain.x64.dll, verze: 9.0.351.0, časové razítko: 0x600a1a08
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000007ca948
ID chybujícího procesu: 0x3164
Čas spuštění chybující aplikace: 0x01d8b3951c1c5cc2
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\Program Files\Tracker Software\Shell Extensions\XCShMain.x64.dll
ID zprávy: 0abbce0d-b637-41eb-98ae-badfd6646eaf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/18/2022 08:05:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.1889, časové razítko: 0xd1439b88
Název chybujícího modulu: XCShMain.x64.dll, verze: 9.0.351.0, časové razítko: 0x600a1a08
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000007ca948
ID chybujícího procesu: 0x17bc
Čas spuštění chybující aplikace: 0x01d8b1f6bbc15012
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\Program Files\Tracker Software\Shell Extensions\XCShMain.x64.dll
ID zprávy: 783cd63b-f3ad-40d4-9679-63f439404f08
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/06/2022 07:49:40 AM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR11.

Error: (10/05/2022 09:33:19 AM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR10.

Error: (10/03/2022 09:16:07 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CVO5E9CR)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/03/2022 09:16:06 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CVO5E9CR)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/03/2022 09:16:06 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CVO5E9CR)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/03/2022 09:16:06 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CVO5E9CR)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/03/2022 09:16:06 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CVO5E9CR)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/03/2022 09:16:06 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CVO5E9CR)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2022-09-27 11:46:03
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9146FAA4-7FE9-47A2-872D-2503021DA602}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-09-26 08:29:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {992E8207-2B15-4EFD-9663-97E5B3385078}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-09-25 16:20:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {44223034-42B1-48F6-83B8-707F112DE2F5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-09-24 08:13:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6E32F2AF-7052-4553-B3C3-61B48F27BAA1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-09-23 08:06:04
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A65DD4D5-CD5E-4FB7-AA54-6AF3F5ED53C2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-10-06 08:01:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 6SCN54WW 05/17/2021
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 68%
Total physical RAM: 7613.43 MB
Available physical RAM: 2376.31 MB
Total Virtual: 10061.14 MB
Available Virtual: 3753.06 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:237.23 GB) (Free:22.45 GB) (Model: SAMSUNG MZALQ256HAJD-000L2) NTFS

\\?\Volume{3944c868-d993-4fad-89d1-4a62e0d8abf9}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{65b7ba2c-048c-4020-b359-4c7f8094bba3}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: C27D31B5)

Partition: GPT.

==================== End of Addition.txt =======================

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Preventivní kontrola logu

#2 Příspěvek od altrok »

Ahoj,

:arrow: tyhle soubory mi nevoní - znáš je? Prohoď je virustotalem https://virustotal.com
když pak sem nahážeš linky/odkazy s výsledky analýzy, budeš nejskvělejší :)
==================== Files in the root of some directories ========

2021-11-05 09:49 - 2021-11-05 09:49 - 000000032 _____ () C:\Users\Petr\AppData\Roaming\++.bat
2021-11-05 09:49 - 2021-11-05 09:49 - 000005120 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\0.exe
2021-11-05 09:49 - 2021-11-05 09:49 - 000188416 _____ (NirSoft) C:\Users\Petr\AppData\Roaming\1.exe
2021-11-05 09:49 - 2021-11-05 09:49 - 000420864 _____ (A310 Logger) C:\Users\Petr\AppData\Roaming\all cookies.exe
2021-11-04 14:30 - 2021-11-04 14:30 - 000000003 _____ () C:\Users\Petr\AppData\Roaming\cvcv.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 012348068 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 000021164 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds1.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 000172032 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds3.txt
2021-11-05 09:50 - 2021-11-05 09:50 - 000136536 _____ () C:\Users\Petr\AppData\Roaming\rony.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 000015872 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\specific.exe
2021-11-05 09:50 - 2021-11-05 09:50 - 001862144 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\xxcv.dll

:arrow: Projeď PC AdwCleanerem, log sem (scan + clean) https://www.bleepingcomputer.com/download/adwcleaner/


:arrow: Vidím, že ti cca jednou za měsíc spadne průzkumník (celá plocha neboli explorer.exe) a viníkem vypadá jedna knihovna programu PDF-XChange Editor - používáš zastaralou verzi 9.0.351.0, ale v oběhu je již verze 9.4.364.0, proto doporučuji jeho aktualizaci - spusť PDF-XChange Editor -> Nápověda -> Najít aktualizace.


:arrow: Mrknem ještě na SSD - https://osdn.net/projects/crystaldiskin ... _17_7.zip/
log vložíš přes Úpravy -> Kopírovat (teď ho máš ve schránce, takže se překlikni do fóra a přes Ctrl+V ho sem vložíš)
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

cudla11
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 20 led 2006 16:31

Re: Preventivní kontrola logu

#3 Příspěvek od cudla11 »

----------------------------------------------------------------------------
CrystalDiskInfo 8.17.7 (C) 2008-2022 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 19044] (x64)
Date : 2022/10/06 13:42:20

-- Controller Map ----------------------------------------------------------
+ Standardní řadič SATA AHCI [ATA]
- PLDS DVD-RW DA8AESH
+ Řadič Standard NVM Express [SCSI]
- SAMSUNG MZALQ256HAJD-000L2
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(01) SAMSUNG MZALQ256HAJD-000L2 : 256,0 GB [0/1/0, sq] - nv

----------------------------------------------------------------------------
(01) SAMSUNG MZALQ256HAJD-000L2
----------------------------------------------------------------------------
Model : SAMSUNG MZALQ256HAJD-000L2
Firmware : 3L1QFXV7
Serial Number : S4ULNE1M928508
Disk Size : 256,0 GB
Interface : NVM Express
Standard : NVM Express 1.3
Transfer Mode : PCIe 3.0 x4 | PCIe 3.0 x4
Power On Hours : 1732 hodin
Power On Count : 1262 krát
Host Reads : 22023 GB
Host Writes : 12797 GB
Temperature : 40 C (104 F)
Health Status : Dobrý (94 %)
Features : S.M.A.R.T., TRIM, VolatileWriteCache
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID RawValues(6) Attribute Name
01 000000000000 Kritické varování
02 000000000138 Složená teplota
03 000000000064 Rezerva k dispozici
04 00000000000A Dostupná náhradní prahová hodnota
05 000000000006 Použité procento
06 000002C0C42B Čtení datových jednotek
07 0000019987BA Zapsané datové jednotky
08 00001E9418FB Příkazy pro hostitelské čtení
09 0000127A3AD6 Příkazy pro zápis hostitele
0A 000000000CC4 Čas obsazení řadiče
0B 0000000004EE Napájecí cykly
0C 0000000006C4 Hodiny napájení
0D 000000000076 Nebezpečné vypnutí
0E 000000000000 Chyby v médiích a integritě dat
0F 00000000061B Počet položek protokolu chybových informací

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 144D 144D 3453 4C55 454E 4D31 3239 3538 3830 2020
010: 2020 2020 4153 534D 4E55 2047 5A4D 4C41 3251 3635
020: 4148 444A 302D 3030 324C 2020 2020 2020 2020 2020
030: 2020 2020 4C33 5131 5846 3756 3802 0025 0900 0005
040: 0300 0001 86A0 0001 1200 007A 0200 0000 0000 0000
050: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
060: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
090: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
100: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0017 0307
130: 0F16 043F 0101 0163 0166 0000 4000 0000 1000 0000
140: 6000 9E65 003B 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0023 0400
160: 0000 0001 0139 0166 0002 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 0000

-- SMART_NVME --------------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 39 01 64 0A 06 00 00 00 00 00 00 00 00 00 00
010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
020: 2B C4 C0 02 00 00 00 00 00 00 00 00 00 00 00 00
030: BA 87 99 01 00 00 00 00 00 00 00 00 00 00 00 00
040: 0C 19 94 1E 00 00 00 00 00 00 00 00 00 00 00 00
050: E2 3A 7A 12 00 00 00 00 00 00 00 00 00 00 00 00
060: C4 0C 00 00 00 00 00 00 00 00 00 00 00 00 00 00
070: EE 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00
080: C4 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00
090: 76 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 1B 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 06 00 00 00 00 00 00 00 39 01 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 52 06 00 00 00 00 00 00
0E0: 16 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

cudla11
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 20 led 2006 16:31

Re: Preventivní kontrola logu

#4 Příspěvek od cudla11 »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-08-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-06-2022
# Duration: 00:00:08
# OS: Windows 10 (Build 19044.2006)
# Scanned: 32092
# Detected: 5


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\Petr\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1


AdwCleaner[S00].txt - [2417 octets] - [07/11/2021 12:51:06]
AdwCleaner[C00].txt - [2560 octets] - [07/11/2021 12:51:55]
AdwCleaner[S01].txt - [1527 octets] - [07/11/2021 12:53:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Preventivní kontrola logu

#5 Příspěvek od altrok »

:arrow: SSD vypadá v pořádku :thumbsup:



:arrow:
  • Znovu spustte FRST.exe/FRST64.exe
  • stisknete Ctrl + y (obe klavesy zaroven)
  • otevre se fixlist.txt, do nejz vlozte obsah bileho pole nize
  • stisknete Ctrl + s (ulozite zmeny), pote fixlist zavrete
  • kliknete na tlacitko Fix
  • po Fixu bude vedle FRST vytvoren fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
    CMD: type "C:\Users\Petr\AppData\Roaming\++.bat"
    File: C:\Users\Petr\AppData\Roaming\0.exe
    File: C:\Users\Petr\AppData\Roaming\1.exe
    File: C:\Users\Petr\AppData\Roaming\all cookies.exe
    CMD: type "C:\Users\Petr\AppData\Roaming\cvcv.txt"
    CMD: type "C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds1.txt"
    CMD: type "C:\Users\Petr\AppData\Roaming\rony.txt"
    File: C:\Users\Petr\AppData\Roaming\specific.exe
    File: C:\Users\Petr\AppData\Roaming\xxcv.dll
    CMD: type "C:\AdwCleaner\Logs\AdwCleaner[S00].txt"
    CMD: type "C:\AdwCleaner\Logs\AdwCleaner[S01].txt"
    End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

cudla11
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 20 led 2006 16:31

Re: Preventivní kontrola logu

#6 Příspěvek od cudla11 »

Posílám fixlog
Fixlog.rar
(72.71 KiB) Staženo 40 x

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Preventivní kontrola logu

#7 Příspěvek od altrok »

Poprosím o onové logy z FRST (i Addition.txt).
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

cudla11
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 20 led 2006 16:31

Re: Preventivní kontrola logu

#8 Příspěvek od cudla11 »

Zasílám
FRST.rar
(21.45 KiB) Staženo 43 x

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Preventivní kontrola logu

#9 Příspěvek od altrok »

:arrow:
  • Znovu spustte FRST.exe/FRST64.exe
  • stisknete Ctrl + y (obe klavesy zaroven)
  • otevre se fixlist.txt, do nejz vlozte obsah bileho pole nize (přes Vybrat vše a následně Ctrl + C)
  • stisknete Ctrl + s (ulozite zmeny), pote fixlist zavrete
  • kliknete na tlacitko Fix
  • po restartu PC bude vedle FRST vytvoren fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    CMD: dir C:\Program Files (x86)\Microsoft Games
    HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\MountPoints2: {44e139db-6e57-11ea-90ba-482ae369c4f1} - "G:\OriginSetup.exe" 
    2021-11-05 09:49 - 2021-11-05 09:49 - 000000032 _____ () C:\Users\Petr\AppData\Roaming\++.bat
    2021-11-05 09:49 - 2021-11-05 09:49 - 000188416 _____ (NirSoft) C:\Users\Petr\AppData\Roaming\1.exe
    2021-11-05 09:49 - 2021-11-05 09:49 - 000420864 _____ (A310 Logger) C:\Users\Petr\AppData\Roaming\all cookies.exe
    2021-11-04 14:30 - 2021-11-04 14:30 - 000000003 _____ () C:\Users\Petr\AppData\Roaming\cvcv.txt
    2021-11-04 14:30 - 2021-11-04 14:30 - 012348068 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds.txt
    2021-11-04 14:30 - 2021-11-04 14:30 - 000021164 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds1.txt
    2021-11-04 14:30 - 2021-11-04 14:30 - 000172032 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds3.txt
    2021-11-05 09:50 - 2021-11-05 09:50 - 000136536 _____ () C:\Users\Petr\AppData\Roaming\rony.txt
    2021-11-04 14:30 - 2021-11-04 14:30 - 000015872 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\specific.exe
    2021-11-05 09:50 - 2021-11-05 09:50 - 001862144 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\xxcv.dll
    FirewallRules: [{29DB4E00-DA47-4C8D-8968-E71C8B5B2F6D}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe => No File
    EmptyTemp:
    End
    
:arrow: V logu vidím i pády ovladače WiFiny - zkus ho aktualizovat třeba prostřednictvím Lenovo Vantage
Error: (10/07/2022 10:18:48 AM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

:arrow: Pozurujeme s PC nějaké problémy?
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

cudla11
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 20 led 2006 16:31

Re: Preventivní kontrola logu

#10 Příspěvek od cudla11 »

Problémy s PC jsem nezaznamenal.


Fix result of Farbar Recovery Scan Tool (x64) Version: 07-10-2022 01
Ran by Petr (09-10-2022 18:25:24) Run:3
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================

fixlist content:
*****************
̩Start
CloseProcesses:
CreateRestorePoint:
CMD: dir C:\Program Files (x86)\Microsoft Games
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\MountPoints2: {44e139db-6e57-11ea-90ba-482ae369c4f1} - "G:\OriginSetup.exe"
2021-11-05 09:49 - 2021-11-05 09:49 - 000000032 _____ () C:\Users\Petr\AppData\Roaming\++.bat
2021-11-05 09:49 - 2021-11-05 09:49 - 000188416 _____ (NirSoft) C:\Users\Petr\AppData\Roaming\1.exe
2021-11-05 09:49 - 2021-11-05 09:49 - 000420864 _____ (A310 Logger) C:\Users\Petr\AppData\Roaming\all cookies.exe
2021-11-04 14:30 - 2021-11-04 14:30 - 000000003 _____ () C:\Users\Petr\AppData\Roaming\cvcv.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 012348068 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 000021164 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds1.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 000172032 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds3.txt
2021-11-05 09:50 - 2021-11-05 09:50 - 000136536 _____ () C:\Users\Petr\AppData\Roaming\rony.txt
2021-11-04 14:30 - 2021-11-04 14:30 - 000015872 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\specific.exe
2021-11-05 09:50 - 2021-11-05 09:50 - 001862144 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\xxcv.dll
FirewallRules: [{29DB4E00-DA47-4C8D-8968-E71C8B5B2F6D}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe => No File
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= dir C:\Program Files (x86)\Microsoft Games =========

匀礀猀琀쎩m nemožť nalÃ꤀稀琀 甀瘀攀搀攀渀쎽 soubor.

========= End of CMD: =========

HKU\S-1-5-21-3231952856-1019465751-811631384-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44e139db-6e57-11ea-90ba-482ae369c4f1} => removed successfully
C:\Users\Petr\AppData\Roaming\++.bat => moved successfully
C:\Users\Petr\AppData\Roaming\1.exe => moved successfully
C:\Users\Petr\AppData\Roaming\all cookies.exe => moved successfully
C:\Users\Petr\AppData\Roaming\cvcv.txt => moved successfully
C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds.txt => moved successfully
C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds1.txt => moved successfully
C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds3.txt => moved successfully
C:\Users\Petr\AppData\Roaming\rony.txt => moved successfully
C:\Users\Petr\AppData\Roaming\specific.exe => moved successfully
C:\Users\Petr\AppData\Roaming\xxcv.dll => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29DB4E00-DA47-4C8D-8968-E71C8B5B2F6D}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 223185025 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc *.cache => 56496 B
Windows/system/drivers => 19288952 B
Edge => 0 B
Firefox => 1504214728 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 435776 B
Petr => 788934243 B

RecycleBin => 0 B
EmptyTemp: => 2.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:29:27 ====

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Preventivní kontrola logu

#11 Příspěvek od altrok »

Výborně, tím pádem jsme hotovi.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Odpovědět