Prosím o kontrolu logu
Napsal: 31 pro 2019 09:18
Dobrý den, prosím o kontrolu logu z FRST - PC při vypnutí napíše, že jej nelze vypnout a bude restartováno a pak se vypne. Klávesnice ale dál svítí.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by pocitac (administrator) on DESKTOP-KPE6271 (Gigabyte Technology Co., Ltd. Z370 HD3P) (31-12-2019 09:12:01)
Running from C:\Users\pocitac\Desktop
Loaded Profiles: pocitac (Available Profiles: pocitac)
Platform: Windows 10 Pro Version 1809 17763.864 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Computer, Inc.) [File not signed] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_26bbf8841b534486\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_26bbf8841b534486\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.7.71.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\ws.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Shenzhen Huion Animation Technology Co.,LTD -> Graphic Tablet Company Shenzhen) C:\PenTabletDriver\TabletDriver.exe
(Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\kdd
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Users\pocitac\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM\...\Run: [TabletDriver] => C:\PenTabletDriver\TabletDriver.exe [3160448 2018-11-12] (Shenzhen Huion Animation Technology Co.,LTD -> Graphic Tablet Company Shenzhen)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81376496 2019-07-17] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3212853156-1841250429-348462128-1001\...\Run: [Google Update] => C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.422\GoogleUpdateCore.exe [219592 2019-12-13] (Google LLC -> Google LLC)
HKU\S-1-5-21-3212853156-1841250429-348462128-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3212853156-1841250429-348462128-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-12] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3212853156-1841250429-348462128-1001\...\Run: [GoogleChromeAutoLaunch_0A71E58A4F5EAA28BB7CB157609770E4] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-12] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-17] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {10364A88-CEB7-45D1-9CCC-959A85179701} - System32\Tasks\WD Device Agent Task pocitac => C:\Users\pocitac\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe [720432 2019-09-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {13BB3748-8325-420B-88B8-2CB3CD694BBB} - System32\Tasks\GoogleUpdateTaskMachineCore1d57e026adf7bd6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {1568DF44-7DF3-4556-A12F-0B3378DC820A} - System32\Tasks\WD Discovery Service Task pocitac => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [71408 2019-07-17] (Western Digital Technologies, Inc. -> )
Task: {28535C3A-7D16-4669-BAC6-45972942306D} - System32\Tasks\Opera scheduled Autoupdate 1524161287 => C:\Program Files\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software)
Task: {3C2A10EA-EAFF-4A50-99A1-4E53E2469933} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001UA => C:\Users\pocitac\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-06-22] (Google Inc -> Google Inc.)
Task: {40280B2C-463F-489A-AA40-7EBB194D4593} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {484AF93B-8CAF-4BFE-948E-C81AC0C34590} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-KPE6271-pocitac => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5C088BA5-1B96-432E-A2D3-37CB04BA1286} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {60307B25-ED3F-4047-AD73-7EF639E8805C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-11-12] (Piriform Software Ltd -> Piriform Ltd)
Task: {603268D8-06C7-46DF-AFB3-06FAE2AB8CA1} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-KPE6271-pocitac => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6DE86DED-177E-4FE9-B543-C21E40ACA025} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe
Task: {709121F7-8B5D-4BD3-AA76-58591A171739} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {890B0F3F-0B05-4586-8E47-632DB25019C8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8BE8D9F8-CEF4-47B4-9621-706BD16BFDEA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001UA1d57d46a18e38de => C:\Users\pocitac\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-06-22] (Google Inc -> Google Inc.)
Task: {9D1F6D0E-DA29-4D58-93B0-C4E15D40DAB5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\WINDOWS\system32\winrmsrv.exe [731136 2019-12-13] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {B232793C-7C27-4534-90FF-46EEC9385B2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {CDB21817-EB66-4160-89AB-83E8EC79D82E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001Core => C:\Users\pocitac\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-06-22] (Google Inc -> Google Inc.)
Task: {D5925BC9-9728-4A53-B2EE-69C251AE083E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {E287C5D4-24C9-4B54-A628-8E1B8954FC32} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001Core1d57d46a18cb602 => C:\Users\pocitac\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-06-22] (Google Inc -> Google Inc.)
Task: {E52EA1BA-B8C4-419E-BA61-63E70900F014} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E743864A-FCBC-4B11-86C1-E8241340061A} - System32\Tasks\GoogleUpdateTaskMachineUA1d57e026ae4f345 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {F666C86B-A8B5-4CD0-A4F0-AFF83488A72F} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => C:\WINDOWS\system32\winlogui.exe [750592 2019-12-13] (Microsoft Corporation) [File not signed]
Task: {FDC5F6A1-3EA5-4E10-BBCC-9D1F9918DF00} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3afa13f6-63db-499c-ba42-21ff6280c9c5}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: No Name -> {89BA3D84-8119-4434-8A50-22AFB6ADCC29}' -> No File
BHO: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: No Name -> {89BA3D84-8119-4434-8A50-22AFB6ADCC29}' -> No File
BHO-x32: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Edge:
======
DownloadDir: C:\Users\pocitac\Downloads
FireFox:
========
FF DefaultProfile: 1g0qh1g8.default
FF ProfilePath: C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\1g0qh1g8.default [2019-12-31]
FF Homepage: Mozilla\Firefox\Profiles\1g0qh1g8.default -> hxxp://www.seznam.cz
FF Extension: (Exif Viewer) - C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\1g0qh1g8.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2018-06-29]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\1g0qh1g8.default\Extensions\sp@avast.com.xpi [2019-12-21]
FF Extension: (Avast Online Security) - C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\1g0qh1g8.default\Extensions\wrc@avast.com.xpi [2019-12-17]
FF HKLM\...\Firefox\Extensions: [pdf_architect_6_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpi
FF Extension: (PDF Architect 6 Creator) - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpi [2018-09-18]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_6_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-31] (Adobe Inc. -> )
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-31] (Adobe Inc. -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3212853156-1841250429-348462128-1001: @tools.google.com/Google Update;version=3 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin HKU\S-1-5-21-3212853156-1841250429-348462128-1001: @tools.google.com/Google Update;version=9 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
Chrome:
=======
CHR Profile: C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default [2019-12-31]
CHR Extension: (Prezentace) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-31]
CHR Extension: (Dokumenty) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-31]
CHR Extension: (Disk Google) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-31]
CHR Extension: (YouTube) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-31]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2019-12-17]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-18]
CHR Extension: (Tabulky) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (Avast Online Security) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-20]
CHR Extension: (Gram Up! – Free Instagram Bot by Instabot) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\njonkbhnmmjgancfbncekpgkmidhbbpo [2019-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R3 PDF Architect 6; C:\Program Files\PDF Architect 6\ws.exe [2569976 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 6 Creator; C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe [832248 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 6 Update Service; C:\Program Files\PDF Architect 6\updater-ws.exe [1665272 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-10] (Microsoft Corporation -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [51696 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-11-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-11-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [135520 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-17] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2014-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-01-10] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-10] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-31 09:12 - 2019-12-31 09:12 - 000028705 _____ C:\Users\pocitac\Desktop\FRST.txt
2019-12-31 09:10 - 2019-12-31 09:12 - 000000000 ____D C:\FRST
2019-12-31 09:10 - 2019-12-31 09:11 - 000026070 _____ C:\Users\pocitac\Downloads\Addition.txt
2019-12-31 09:10 - 2019-12-31 09:10 - 000035268 _____ C:\Users\pocitac\Downloads\FRST.txt
2019-12-31 09:09 - 2019-12-31 09:09 - 002272256 _____ (Farbar) C:\Users\pocitac\Desktop\FRST64.exe
2019-12-17 20:33 - 2019-12-17 20:33 - 000001106 _____ C:\Users\pocitac\Desktop\Adobe Lightroom Classic CC.lnk
2019-12-17 20:33 - 2019-12-17 20:33 - 000001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic CC.lnk
2019-12-15 13:03 - 2019-12-15 13:03 - 000020462 _____ C:\Users\pocitac\Downloads\XJpxhv7P.html
2019-12-13 17:54 - 2019-12-14 09:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-13 17:09 - 2019-12-13 17:09 - 000000000 ____D C:\Users\pocitac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Ads Editor
2019-12-13 17:03 - 2019-12-13 17:03 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winrmsrv.exe
2019-12-13 17:03 - 2019-12-13 17:03 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winscomrssrv.dll
2019-12-13 17:03 - 2019-12-13 17:03 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-12-13 17:03 - 2019-12-13 17:03 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
2019-12-13 17:03 - 2019-11-05 16:30 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-31 09:07 - 2018-03-20 10:47 - 000000000 ____D C:\Users\pocitac\AppData\LocalLow\Mozilla
2019-12-31 09:02 - 2019-01-28 23:43 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-31 09:02 - 2018-09-15 18:39 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-31 09:02 - 2018-09-15 18:39 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-31 09:02 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-12-31 08:56 - 2019-07-17 16:36 - 000000000 ____D C:\Users\pocitac\AppData\Roaming\WD Discovery
2019-12-31 08:56 - 2019-07-17 16:28 - 000000000 ____D C:\Users\pocitac\.wdc
2019-12-31 08:56 - 2019-01-28 23:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-31 08:56 - 2018-10-25 14:27 - 000000000 __SHD C:\Users\pocitac\IntelGraphicsProfiles
2019-12-31 08:56 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-31 00:31 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-30 17:05 - 2018-03-24 16:35 - 000000000 ____D C:\Users\pocitac\AppData\Roaming\vlc
2019-12-29 18:46 - 2018-06-30 20:54 - 000000000 ____D C:\Users\pocitac\AppData\Local\CrashDumps
2019-12-29 18:26 - 2019-10-03 10:33 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-25 23:59 - 2019-01-28 23:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-23 21:26 - 2018-04-27 18:33 - 000000000 ____D C:\Users\pocitac\AppData\Roaming\XnViewMP
2019-12-22 20:28 - 2018-03-23 21:29 - 000000000 ____D C:\Users\pocitac\AppData\Roaming\uTorrent
2019-12-19 22:30 - 2018-04-19 19:08 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-12-19 22:30 - 2018-04-19 19:06 - 000000000 ____D C:\Program Files\Opera
2019-12-17 20:33 - 2018-05-19 07:08 - 000000000 ____D C:\Users\pocitac\AppData\Local\D3DSCache
2019-12-17 19:49 - 2018-05-31 07:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 19:49 - 2018-05-31 07:24 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-17 16:19 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-17 11:17 - 2019-04-11 18:34 - 000000000 ____D C:\ProgramData\NinjaGram
2019-12-14 16:59 - 2019-04-11 18:34 - 000001166 _____ C:\Users\pocitac\Desktop\NinjaGram.lnk
2019-12-14 16:59 - 2019-04-11 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NinjaGram
2019-12-14 16:59 - 2019-04-11 18:34 - 000000000 ____D C:\Program Files (x86)\NinjaGram
2019-12-14 09:25 - 2018-03-20 10:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-13 22:06 - 2019-10-07 20:37 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001UA1d57d46a18e38de
2019-12-13 22:06 - 2019-10-07 20:37 - 000003500 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001Core1d57d46a18cb602
2019-12-13 22:01 - 2019-10-08 19:01 - 000003504 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57e026ae4f345
2019-12-13 22:01 - 2019-10-08 19:01 - 000003380 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57e026adf7bd6
2019-12-13 21:43 - 2018-03-20 10:47 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-13 17:26 - 2018-04-29 22:28 - 000000000 ____D C:\Users\pocitac\AppData\Local\ElevatedDiagnostics
2019-12-13 17:03 - 2019-11-15 14:31 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogui.exe
==================== Files in the root of some directories ========
2018-09-28 21:06 - 2018-09-28 21:06 - 000000000 _____ () C:\Users\pocitac\AppData\Local\oobelibMkey.log
2018-03-20 14:41 - 2018-09-20 08:20 - 000007595 _____ () C:\Users\pocitac\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by pocitac (31-12-2019 09:12:43)
Running from C:\Users\pocitac\Desktop
Windows 10 Pro Version 1809 17763.864 (X64) (2019-01-28 22:40:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3212853156-1841250429-348462128-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3212853156-1841250429-348462128-503 - Limited - Disabled)
Guest (S-1-5-21-3212853156-1841250429-348462128-501 - Limited - Disabled)
pocitac (S-1-5-21-3212853156-1841250429-348462128-1001 - Administrator - Enabled) => C:\Users\pocitac
WDAGUtilityAccount (S-1-5-21-3212853156-1841250429-348462128-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
adobe (HKLM\...\{C292D9FF-FE73-4A50-8FEB-3BE480A6DB27}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.238 - Adobe)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_b5ed30048e229c36945fd3d95860c0b) (Version: 13.0 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM\...\{B67E158B-5B0D-46B1-89FF-0F4AFD0C6ABE}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Systems Incorporated)
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.84 - Hulubulu Software)
Alien Skin Exposure X2 Bundle (HKLM\...\Alien Skin Exposure X2 Bundle) (Version: - Alien Skin)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.3.1 (HKLM-x32\...\Audacity_is1) (Version: 2.3.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Balíček ovladače systému Windows - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Balíček ovladače systému Windows - Leaf Imaging Ltd. Image (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.)
Balíček ovladače systému Windows - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Balíček ovladače systému Windows - Phase One A/S (WinUSB) USBDevice (09/18/2017 1.14.0.0) (HKLM\...\5D536C8BAC29754ACD7E2AFB52D1C2B1EA169BE6) (Version: 09/18/2017 1.14.0.0 - Phase One A/S)
Balíček ovladačů pro úsporný režim (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.10.00 (28.05.2015) - Samsung Electronics Co., Ltd.)
Capture One 11.3 (HKLM\...\CaptureOne11_is1) (Version: 11.3.1.4 - Phase One A/S)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
ERawP (Extract Raw Preview) version 1.1 (HKLM-x32\...\ERawP-fu-ku-jitsu_is1) (Version: - )
Google Ads Editor (HKLM-x32\...\{9572A86E-16E6-11EA-B462-DC4A3E998CF6}) (Version: 13.2.4.0 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Iridient X-Transformer version 1.6.1 (HKLM\...\{173081AB-9FF2-4BA7-9F51-422364D6ECF7}_is1) (Version: 1.6.1 - Iridient Digital, Inc.)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.1 - Mozilla)
NinjaGram (HKLM-x32\...\NinjaGram_is1) (Version: - ninjapinner.com)
Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Opera Stable 65.0.3467.78 (HKLM-x32\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
PDF Architect 6 (HKLM-x32\...\PDF Architect 6) (Version: 6.1.19.842 - pdfforge GmbH)
PDF Architect 6 Create Module (HKLM\...\{A0ACB885-7CDD-4E43-9109-E49CF70E4039}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 Edit Module (HKLM\...\{FC39343C-732F-433E-9929-F9D08BA73792}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 View Module (HKLM\...\{7FFD0E0F-478A-4393-BBB0-4B20FAF5F3B7}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Pencil 3.0.4 (HKLM\...\2a2f4ce9-e92a-500d-8065-b9addc0dda9f) (Version: 3.0.4 - Evolus)
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Python 3.6.5 (32-bit) (HKU\S-1-5-21-3212853156-1841250429-348462128-1001\...\{3346977b-49da-4095-8f4d-f56f103e52e9}) (Version: 3.6.5150.0 - Python Software Foundation)
Python 3.6.5 Core Interpreter (32-bit) (HKLM-x32\...\{58E1C809-82C5-4EDF-B69B-188A6C81F21F}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Development Libraries (32-bit) (HKLM-x32\...\{21FD2EE0-8D55-49DC-A1B0-771696DDEE98}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Documentation (32-bit) (HKLM-x32\...\{5C613D87-0AED-48A9-A216-3A3783463D6C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Executables (32-bit) (HKLM-x32\...\{9107CF1A-A09C-4035-B29E-E79B4098AB8C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 pip Bootstrap (32-bit) (HKLM-x32\...\{C024F06C-0E37-4529-945F-7920A9CFFD78}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Standard Library (32-bit) (HKLM-x32\...\{8C2E8A7D-95CC-491C-AB9C-DE785A137D00}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Tcl/Tk Support (32-bit) (HKLM-x32\...\{052FD2FB-034D-4CDD-864E-798DE45C742A}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Test Suite (32-bit) (HKLM-x32\...\{86533809-919A-4858-AFC4-4226B86C5291}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Utility Scripts (32-bit) (HKLM-x32\...\{5C0C82E9-B580-4EE4-894A-4451A23B0E2C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{8A66FEC2-E443-4219-B9AC-F9B10607B57C}) (Version: 3.6.6295.0 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 rc2 - Ghisler Software GmbH)
TransMac version 12.5 (HKLM-x32\...\TransMac_is1) (Version: 12.5 - Acute Systems)
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 12.4.2 - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WD Desktop App 2.1.0.245 (HKLM-x32\...\{d303f1fe-6729-4693-b2e1-51d13b450de5}) (Version: 2.1.0.245 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.245 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.245 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 3.3.34 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
XnViewMP 0.90 (HKLM\...\XnViewMP_is1) (Version: 0.90 - Gougelet Pierre-e)
Zoner Photo Studio 14 (HKLM\...\ZonerPhotoStudio14_CZ_is1) (Version: 14.0.1.2 - ZONER software)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-11-12] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-12] (Autodesk Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-11-12] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-12] (Microsoft Corporation) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0 [2019-11-13] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-036CDB1CBAFA} -> [Creative Cloud Files] => C:\Users\pocitac\Creative Cloud Files [2019-11-02 07:39]
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
SSODL: WDFSMountNotificator-wdfsconnect2017 - {89BA3D84-8119-4434-8A50-22AFB6ADCC29} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {89BA3D84-8119-4434-8A50-22AFB6ADCC29} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {89BA3D84-8119-4434-8A50-22AFB6ADCC29} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {89BA3D84-8119-4434-8A50-22AFB6ADCC29} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers1: [PDFArchitect6_ManagerExt] -> {6508EEA0-C540-4420-AF21-64937A1536D0} => C:\Program Files\PDF Architect 6\context-menu.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {4961b028-350a-3bb9-9d6c-079dc724e5f0} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WDDesktopContextMenu] -> {4961b028-350a-3bb9-9d6c-079dc724e5f0} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers1_S-1-5-21-3212853156-1841250429-348462128-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-03-20 10:49 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2019-07-17 16:36 - 2019-07-17 16:36 - 001987072 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\ffmpeg.dll
2019-07-17 16:36 - 2019-07-17 16:36 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libegl.dll
2019-07-17 16:36 - 2019-07-17 16:36 - 002250240 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libglesv2.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 001927680 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_calib3d310.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 002507264 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_core310.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 000787968 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_features2d310.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 000525312 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_flann310.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 002905088 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_imgproc310.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 000484352 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_video310.dll
2019-05-08 00:06 - 2019-05-08 00:06 - 002637985 _____ () [File not signed] C:\Program Files\WD Desktop App\libfusewdfs.dll
2019-12-31 09:12 - 2019-12-31 09:12 - 000064512 _____ () [File not signed] C:\Users\pocitac\AppData\Local\Temp\cr_sdk_temp_00096266.tmp
2008-08-14 07:15 - 2008-08-14 07:15 - 000481792 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-03-09 04:20 - 2018-03-09 04:20 - 000427520 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect 6\libcurl.dll
2019-07-17 16:36 - 2017-11-10 11:51 - 000180224 _____ (Western Digital Technologies, Inc.) [File not signed] C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-11-14 18:26 - 000000834 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3212853156-1841250429-348462128-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pocitac\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{19027A8D-1C07-40A8-ACBD-75B20C10251E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{786F7FE6-4E48-406A-9F10-552191751CC0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{0506FA94-83FE-4900-B65F-F58A69C34A0F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{9603536B-12CD-43C4-9F0B-1738FF573080}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{BE71AC38-95AB-4C7D-BE21-A749523196B1}] => (Allow) LPort=5353
FirewallRules: [{4C8DE18F-748D-4828-AAB7-A7664A5F1F6C}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{326B8A5A-C14C-4BED-947A-4296702C714E}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{D14377F3-E517-498C-8D46-A65E1733CBB5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D852349F-2842-405D-A260-B821130B61E3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{6160AFFA-4753-4871-BB64-C22D4D8380FE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{506D37EB-475D-4CE5-A5E4-94297AABD442}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BD2A7782-7B0D-46C5-BA90-0C08619E6419}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{DBEE3B2B-D642-428B-8FDA-B36A47CBD854}C:\users\pocitac\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pocitac\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{61766009-BEAE-4EE4-B851-DDF950AC915F}C:\users\pocitac\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pocitac\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{12C839BB-EB20-4CF4-A7FB-550F93A21E75}] => (Allow) C:\Program Files\Opera\63.0.3368.94\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{DCCFC69A-CC12-4527-A7FB-8BFE0DCEEDFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C64F12EE-6266-47A4-8DF4-80F44D034756}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{385C8979-7DD7-4B77-A5B4-5AFD7D092C5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B30D5B86-4C6E-4415-8C3F-EA88394B6DE9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{74A11FC7-F60F-4057-A70D-BD8923B63122}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AD6F4C2-7275-4BE8-9100-76DD5B09A9F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{355989AA-805C-4E4C-894D-720D8BB6A115}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A852E6F7-F1D8-43C1-A047-88173B8FD139}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{055FF0AC-6EEE-428A-9FA8-0C1D45F405F9}] => (Allow) C:\Program Files\Opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{FE7518E2-7063-4A53-8946-9F67C05B3FB9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EA239FF4-4CF2-49F3-A81A-977CE78F8047}] => (Allow) C:\Program Files\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
13-12-2019 19:45:23 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/31/2019 09:11:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 28.12.2019.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 6dc
Čas spuštění: 01d5bfb1b3cb984d
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\pocitac\Downloads\FRST64.exe
ID hlášení: 9e7a6a8e-030a-4617-ae49-5da5723bb803
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (12/29/2019 06:46:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AdobeIPCBroker.exe, verze: 5.6.1.39, časové razítko: 0x5d64db11
Název chybujícího modulu: AdobeIPCBroker.exe, verze: 5.6.1.39, časové razítko: 0x5d64db11
Kód výjimky: 0xc0000005
Posun chyby: 0x000e37a0
ID chybujícího procesu: 0x23d0
Čas spuštění chybující aplikace: 0x01d5be6c778cc3be
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
ID zprávy: 55e04888-44c9-49ac-8324-7786f2a7d232
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/22/2019 08:28:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x32e0
Čas spuštění chybující aplikace: 0x01d5b8e3703c1dbc
Cesta k chybující aplikaci: C:\Users\pocitac\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 0a12b58b-8caa-4eb9-b5f1-d44f47ef283d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/21/2019 10:46:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x1984
Čas spuštění chybující aplikace: 0x01d5b83acda3208f
Cesta k chybující aplikaci: C:\Users\pocitac\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: a628f3eb-f096-4594-a373-86957349f421
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/21/2019 07:29:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x26ec
Čas spuštění chybující aplikace: 0x01d5b823ed423a3b
Cesta k chybující aplikaci: C:\Users\pocitac\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: b610c897-9865-4464-a100-2887b7bdaa9a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/20/2019 08:02:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x1e40
Čas spuštění chybující aplikace: 0x01d5b73f46045b90
Cesta k chybující aplikaci: C:\Users\pocitac\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: c6ade328-ce0c-495a-8f93-2fba1e2d598e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/17/2019 09:57:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x3acc
Čas spuštění chybující aplikace: 0x01d5b4e97b461f42
Cesta k chybující aplikaci: C:\Users\pocitac\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 40c26709-00ef-406d-bc7f-8e6e8bd4e4d9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/17/2019 11:17:03 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-KPE6271)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
System errors:
=============
Error: (12/31/2019 09:13:54 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KPE6271)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-KPE6271\pocitac (SID: S-1-5-21-3212853156-1841250429-348462128-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (12/31/2019 09:13:54 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KPE6271)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-KPE6271\pocitac (SID: S-1-5-21-3212853156-1841250429-348462128-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (12/31/2019 09:12:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (12/31/2019 09:12:27 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/31/2019 09:10:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (12/31/2019 09:10:27 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KPE6271)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/31/2019 09:09:01 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KPE6271)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-KPE6271\pocitac (SID: S-1-5-21-3212853156-1841250429-348462128-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (12/31/2019 09:09:01 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KPE6271)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-KPE6271\pocitac (SID: S-1-5-21-3212853156-1841250429-348462128-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
CodeIntegrity:
===================================
Date: 2019-09-05 23:39:14.161
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 23:39:14.160
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 23:39:14.156
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 23:39:14.155
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 11:40:48.301
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 11:40:48.300
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 11:40:48.295
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 11:40:48.294
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F4 09/22/2017
Motherboard: Gigabyte Technology Co., Ltd. Z370 HD3P-CF
Processor: Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz
Percentage of memory in use: 63%
Total physical RAM: 16257.55 MB
Available physical RAM: 5949.71 MB
Total Virtual: 26497.55 MB
Available Virtual: 15659.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.33 GB) (Free:91.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Nový svazek) (Fixed) (Total:2794.52 GB) (Free:195.23 GB) NTFS
Drive e: (VERBATIM HD) (Fixed) (Total:465.76 GB) (Free:90.43 GB) NTFS
Drive f: (My Book) (Fixed) (Total:7452 GB) (Free:6798.27 GB) exFAT
Drive g: (Seagate Backup Plus Drive) (Fixed) (Total:2794.39 GB) (Free:191.21 GB) NTFS
\\?\Volume{8d47d0a9-0000-0000-0000-a01b3a000000}\ () (Fixed) (Total:0.45 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 8D47D0A9)
Partition 1: (Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=463 MB) - (Type=27)
==========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 0ACBC596)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7A035347)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Size: 7452 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: 9AF95FCC)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by pocitac (administrator) on DESKTOP-KPE6271 (Gigabyte Technology Co., Ltd. Z370 HD3P) (31-12-2019 09:12:01)
Running from C:\Users\pocitac\Desktop
Loaded Profiles: pocitac (Available Profiles: pocitac)
Platform: Windows 10 Pro Version 1809 17763.864 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Computer, Inc.) [File not signed] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_26bbf8841b534486\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_26bbf8841b534486\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.7.71.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\ws.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Shenzhen Huion Animation Technology Co.,LTD -> Graphic Tablet Company Shenzhen) C:\PenTabletDriver\TabletDriver.exe
(Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\kdd
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Users\pocitac\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM\...\Run: [TabletDriver] => C:\PenTabletDriver\TabletDriver.exe [3160448 2018-11-12] (Shenzhen Huion Animation Technology Co.,LTD -> Graphic Tablet Company Shenzhen)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81376496 2019-07-17] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3212853156-1841250429-348462128-1001\...\Run: [Google Update] => C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.422\GoogleUpdateCore.exe [219592 2019-12-13] (Google LLC -> Google LLC)
HKU\S-1-5-21-3212853156-1841250429-348462128-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3212853156-1841250429-348462128-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-12] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3212853156-1841250429-348462128-1001\...\Run: [GoogleChromeAutoLaunch_0A71E58A4F5EAA28BB7CB157609770E4] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-12] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-17] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {10364A88-CEB7-45D1-9CCC-959A85179701} - System32\Tasks\WD Device Agent Task pocitac => C:\Users\pocitac\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe [720432 2019-09-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {13BB3748-8325-420B-88B8-2CB3CD694BBB} - System32\Tasks\GoogleUpdateTaskMachineCore1d57e026adf7bd6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {1568DF44-7DF3-4556-A12F-0B3378DC820A} - System32\Tasks\WD Discovery Service Task pocitac => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [71408 2019-07-17] (Western Digital Technologies, Inc. -> )
Task: {28535C3A-7D16-4669-BAC6-45972942306D} - System32\Tasks\Opera scheduled Autoupdate 1524161287 => C:\Program Files\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software)
Task: {3C2A10EA-EAFF-4A50-99A1-4E53E2469933} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001UA => C:\Users\pocitac\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-06-22] (Google Inc -> Google Inc.)
Task: {40280B2C-463F-489A-AA40-7EBB194D4593} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {484AF93B-8CAF-4BFE-948E-C81AC0C34590} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-KPE6271-pocitac => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5C088BA5-1B96-432E-A2D3-37CB04BA1286} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {60307B25-ED3F-4047-AD73-7EF639E8805C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-11-12] (Piriform Software Ltd -> Piriform Ltd)
Task: {603268D8-06C7-46DF-AFB3-06FAE2AB8CA1} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-KPE6271-pocitac => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6DE86DED-177E-4FE9-B543-C21E40ACA025} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe
Task: {709121F7-8B5D-4BD3-AA76-58591A171739} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {890B0F3F-0B05-4586-8E47-632DB25019C8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8BE8D9F8-CEF4-47B4-9621-706BD16BFDEA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001UA1d57d46a18e38de => C:\Users\pocitac\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-06-22] (Google Inc -> Google Inc.)
Task: {9D1F6D0E-DA29-4D58-93B0-C4E15D40DAB5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\WINDOWS\system32\winrmsrv.exe [731136 2019-12-13] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {B232793C-7C27-4534-90FF-46EEC9385B2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {CDB21817-EB66-4160-89AB-83E8EC79D82E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001Core => C:\Users\pocitac\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-06-22] (Google Inc -> Google Inc.)
Task: {D5925BC9-9728-4A53-B2EE-69C251AE083E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {E287C5D4-24C9-4B54-A628-8E1B8954FC32} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001Core1d57d46a18cb602 => C:\Users\pocitac\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-06-22] (Google Inc -> Google Inc.)
Task: {E52EA1BA-B8C4-419E-BA61-63E70900F014} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E743864A-FCBC-4B11-86C1-E8241340061A} - System32\Tasks\GoogleUpdateTaskMachineUA1d57e026ae4f345 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {F666C86B-A8B5-4CD0-A4F0-AFF83488A72F} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => C:\WINDOWS\system32\winlogui.exe [750592 2019-12-13] (Microsoft Corporation) [File not signed]
Task: {FDC5F6A1-3EA5-4E10-BBCC-9D1F9918DF00} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3afa13f6-63db-499c-ba42-21ff6280c9c5}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: No Name -> {89BA3D84-8119-4434-8A50-22AFB6ADCC29}' -> No File
BHO: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: No Name -> {89BA3D84-8119-4434-8A50-22AFB6ADCC29}' -> No File
BHO-x32: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Edge:
======
DownloadDir: C:\Users\pocitac\Downloads
FireFox:
========
FF DefaultProfile: 1g0qh1g8.default
FF ProfilePath: C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\1g0qh1g8.default [2019-12-31]
FF Homepage: Mozilla\Firefox\Profiles\1g0qh1g8.default -> hxxp://www.seznam.cz
FF Extension: (Exif Viewer) - C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\1g0qh1g8.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2018-06-29]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\1g0qh1g8.default\Extensions\sp@avast.com.xpi [2019-12-21]
FF Extension: (Avast Online Security) - C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\1g0qh1g8.default\Extensions\wrc@avast.com.xpi [2019-12-17]
FF HKLM\...\Firefox\Extensions: [pdf_architect_6_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpi
FF Extension: (PDF Architect 6 Creator) - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpi [2018-09-18]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_6_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-31] (Adobe Inc. -> )
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-31] (Adobe Inc. -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3212853156-1841250429-348462128-1001: @tools.google.com/Google Update;version=3 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin HKU\S-1-5-21-3212853156-1841250429-348462128-1001: @tools.google.com/Google Update;version=9 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
Chrome:
=======
CHR Profile: C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default [2019-12-31]
CHR Extension: (Prezentace) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-31]
CHR Extension: (Dokumenty) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-31]
CHR Extension: (Disk Google) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-31]
CHR Extension: (YouTube) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-31]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2019-12-17]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-18]
CHR Extension: (Tabulky) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (Avast Online Security) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-20]
CHR Extension: (Gram Up! – Free Instagram Bot by Instabot) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\njonkbhnmmjgancfbncekpgkmidhbbpo [2019-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R3 PDF Architect 6; C:\Program Files\PDF Architect 6\ws.exe [2569976 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 6 Creator; C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe [832248 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 6 Update Service; C:\Program Files\PDF Architect 6\updater-ws.exe [1665272 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-10] (Microsoft Corporation -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [51696 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-11-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-11-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [135520 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-17] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2014-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-01-10] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-10] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-31 09:12 - 2019-12-31 09:12 - 000028705 _____ C:\Users\pocitac\Desktop\FRST.txt
2019-12-31 09:10 - 2019-12-31 09:12 - 000000000 ____D C:\FRST
2019-12-31 09:10 - 2019-12-31 09:11 - 000026070 _____ C:\Users\pocitac\Downloads\Addition.txt
2019-12-31 09:10 - 2019-12-31 09:10 - 000035268 _____ C:\Users\pocitac\Downloads\FRST.txt
2019-12-31 09:09 - 2019-12-31 09:09 - 002272256 _____ (Farbar) C:\Users\pocitac\Desktop\FRST64.exe
2019-12-17 20:33 - 2019-12-17 20:33 - 000001106 _____ C:\Users\pocitac\Desktop\Adobe Lightroom Classic CC.lnk
2019-12-17 20:33 - 2019-12-17 20:33 - 000001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic CC.lnk
2019-12-15 13:03 - 2019-12-15 13:03 - 000020462 _____ C:\Users\pocitac\Downloads\XJpxhv7P.html
2019-12-13 17:54 - 2019-12-14 09:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-13 17:09 - 2019-12-13 17:09 - 000000000 ____D C:\Users\pocitac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Ads Editor
2019-12-13 17:03 - 2019-12-13 17:03 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winrmsrv.exe
2019-12-13 17:03 - 2019-12-13 17:03 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winscomrssrv.dll
2019-12-13 17:03 - 2019-12-13 17:03 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-12-13 17:03 - 2019-12-13 17:03 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
2019-12-13 17:03 - 2019-11-05 16:30 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-31 09:07 - 2018-03-20 10:47 - 000000000 ____D C:\Users\pocitac\AppData\LocalLow\Mozilla
2019-12-31 09:02 - 2019-01-28 23:43 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-31 09:02 - 2018-09-15 18:39 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-31 09:02 - 2018-09-15 18:39 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-31 09:02 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-12-31 08:56 - 2019-07-17 16:36 - 000000000 ____D C:\Users\pocitac\AppData\Roaming\WD Discovery
2019-12-31 08:56 - 2019-07-17 16:28 - 000000000 ____D C:\Users\pocitac\.wdc
2019-12-31 08:56 - 2019-01-28 23:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-31 08:56 - 2018-10-25 14:27 - 000000000 __SHD C:\Users\pocitac\IntelGraphicsProfiles
2019-12-31 08:56 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-31 00:31 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-30 17:05 - 2018-03-24 16:35 - 000000000 ____D C:\Users\pocitac\AppData\Roaming\vlc
2019-12-29 18:46 - 2018-06-30 20:54 - 000000000 ____D C:\Users\pocitac\AppData\Local\CrashDumps
2019-12-29 18:26 - 2019-10-03 10:33 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-25 23:59 - 2019-01-28 23:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-23 21:26 - 2018-04-27 18:33 - 000000000 ____D C:\Users\pocitac\AppData\Roaming\XnViewMP
2019-12-22 20:28 - 2018-03-23 21:29 - 000000000 ____D C:\Users\pocitac\AppData\Roaming\uTorrent
2019-12-19 22:30 - 2018-04-19 19:08 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-12-19 22:30 - 2018-04-19 19:06 - 000000000 ____D C:\Program Files\Opera
2019-12-17 20:33 - 2018-05-19 07:08 - 000000000 ____D C:\Users\pocitac\AppData\Local\D3DSCache
2019-12-17 19:49 - 2018-05-31 07:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 19:49 - 2018-05-31 07:24 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-17 16:19 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-17 11:17 - 2019-04-11 18:34 - 000000000 ____D C:\ProgramData\NinjaGram
2019-12-14 16:59 - 2019-04-11 18:34 - 000001166 _____ C:\Users\pocitac\Desktop\NinjaGram.lnk
2019-12-14 16:59 - 2019-04-11 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NinjaGram
2019-12-14 16:59 - 2019-04-11 18:34 - 000000000 ____D C:\Program Files (x86)\NinjaGram
2019-12-14 09:25 - 2018-03-20 10:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-13 22:06 - 2019-10-07 20:37 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001UA1d57d46a18e38de
2019-12-13 22:06 - 2019-10-07 20:37 - 000003500 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3212853156-1841250429-348462128-1001Core1d57d46a18cb602
2019-12-13 22:01 - 2019-10-08 19:01 - 000003504 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57e026ae4f345
2019-12-13 22:01 - 2019-10-08 19:01 - 000003380 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57e026adf7bd6
2019-12-13 21:43 - 2018-03-20 10:47 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-13 17:26 - 2018-04-29 22:28 - 000000000 ____D C:\Users\pocitac\AppData\Local\ElevatedDiagnostics
2019-12-13 17:03 - 2019-11-15 14:31 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogui.exe
==================== Files in the root of some directories ========
2018-09-28 21:06 - 2018-09-28 21:06 - 000000000 _____ () C:\Users\pocitac\AppData\Local\oobelibMkey.log
2018-03-20 14:41 - 2018-09-20 08:20 - 000007595 _____ () C:\Users\pocitac\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by pocitac (31-12-2019 09:12:43)
Running from C:\Users\pocitac\Desktop
Windows 10 Pro Version 1809 17763.864 (X64) (2019-01-28 22:40:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3212853156-1841250429-348462128-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3212853156-1841250429-348462128-503 - Limited - Disabled)
Guest (S-1-5-21-3212853156-1841250429-348462128-501 - Limited - Disabled)
pocitac (S-1-5-21-3212853156-1841250429-348462128-1001 - Administrator - Enabled) => C:\Users\pocitac
WDAGUtilityAccount (S-1-5-21-3212853156-1841250429-348462128-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
adobe (HKLM\...\{C292D9FF-FE73-4A50-8FEB-3BE480A6DB27}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.238 - Adobe)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_b5ed30048e229c36945fd3d95860c0b) (Version: 13.0 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM\...\{B67E158B-5B0D-46B1-89FF-0F4AFD0C6ABE}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Systems Incorporated)
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.84 - Hulubulu Software)
Alien Skin Exposure X2 Bundle (HKLM\...\Alien Skin Exposure X2 Bundle) (Version: - Alien Skin)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.3.1 (HKLM-x32\...\Audacity_is1) (Version: 2.3.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Balíček ovladače systému Windows - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Balíček ovladače systému Windows - Leaf Imaging Ltd. Image (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.)
Balíček ovladače systému Windows - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Balíček ovladače systému Windows - Phase One A/S (WinUSB) USBDevice (09/18/2017 1.14.0.0) (HKLM\...\5D536C8BAC29754ACD7E2AFB52D1C2B1EA169BE6) (Version: 09/18/2017 1.14.0.0 - Phase One A/S)
Balíček ovladačů pro úsporný režim (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.10.00 (28.05.2015) - Samsung Electronics Co., Ltd.)
Capture One 11.3 (HKLM\...\CaptureOne11_is1) (Version: 11.3.1.4 - Phase One A/S)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
ERawP (Extract Raw Preview) version 1.1 (HKLM-x32\...\ERawP-fu-ku-jitsu_is1) (Version: - )
Google Ads Editor (HKLM-x32\...\{9572A86E-16E6-11EA-B462-DC4A3E998CF6}) (Version: 13.2.4.0 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Iridient X-Transformer version 1.6.1 (HKLM\...\{173081AB-9FF2-4BA7-9F51-422364D6ECF7}_is1) (Version: 1.6.1 - Iridient Digital, Inc.)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.1 - Mozilla)
NinjaGram (HKLM-x32\...\NinjaGram_is1) (Version: - ninjapinner.com)
Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Opera Stable 65.0.3467.78 (HKLM-x32\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
PDF Architect 6 (HKLM-x32\...\PDF Architect 6) (Version: 6.1.19.842 - pdfforge GmbH)
PDF Architect 6 Create Module (HKLM\...\{A0ACB885-7CDD-4E43-9109-E49CF70E4039}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 Edit Module (HKLM\...\{FC39343C-732F-433E-9929-F9D08BA73792}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 View Module (HKLM\...\{7FFD0E0F-478A-4393-BBB0-4B20FAF5F3B7}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Pencil 3.0.4 (HKLM\...\2a2f4ce9-e92a-500d-8065-b9addc0dda9f) (Version: 3.0.4 - Evolus)
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Python 3.6.5 (32-bit) (HKU\S-1-5-21-3212853156-1841250429-348462128-1001\...\{3346977b-49da-4095-8f4d-f56f103e52e9}) (Version: 3.6.5150.0 - Python Software Foundation)
Python 3.6.5 Core Interpreter (32-bit) (HKLM-x32\...\{58E1C809-82C5-4EDF-B69B-188A6C81F21F}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Development Libraries (32-bit) (HKLM-x32\...\{21FD2EE0-8D55-49DC-A1B0-771696DDEE98}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Documentation (32-bit) (HKLM-x32\...\{5C613D87-0AED-48A9-A216-3A3783463D6C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Executables (32-bit) (HKLM-x32\...\{9107CF1A-A09C-4035-B29E-E79B4098AB8C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 pip Bootstrap (32-bit) (HKLM-x32\...\{C024F06C-0E37-4529-945F-7920A9CFFD78}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Standard Library (32-bit) (HKLM-x32\...\{8C2E8A7D-95CC-491C-AB9C-DE785A137D00}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Tcl/Tk Support (32-bit) (HKLM-x32\...\{052FD2FB-034D-4CDD-864E-798DE45C742A}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Test Suite (32-bit) (HKLM-x32\...\{86533809-919A-4858-AFC4-4226B86C5291}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Utility Scripts (32-bit) (HKLM-x32\...\{5C0C82E9-B580-4EE4-894A-4451A23B0E2C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{8A66FEC2-E443-4219-B9AC-F9B10607B57C}) (Version: 3.6.6295.0 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 rc2 - Ghisler Software GmbH)
TransMac version 12.5 (HKLM-x32\...\TransMac_is1) (Version: 12.5 - Acute Systems)
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 12.4.2 - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WD Desktop App 2.1.0.245 (HKLM-x32\...\{d303f1fe-6729-4693-b2e1-51d13b450de5}) (Version: 2.1.0.245 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.245 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.245 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 3.3.34 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
XnViewMP 0.90 (HKLM\...\XnViewMP_is1) (Version: 0.90 - Gougelet Pierre-e)
Zoner Photo Studio 14 (HKLM\...\ZonerPhotoStudio14_CZ_is1) (Version: 14.0.1.2 - ZONER software)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-11-12] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-12] (Autodesk Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-11-12] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-12] (Microsoft Corporation) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0 [2019-11-13] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-036CDB1CBAFA} -> [Creative Cloud Files] => C:\Users\pocitac\Creative Cloud Files [2019-11-02 07:39]
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3212853156-1841250429-348462128-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\pocitac\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
SSODL: WDFSMountNotificator-wdfsconnect2017 - {89BA3D84-8119-4434-8A50-22AFB6ADCC29} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {89BA3D84-8119-4434-8A50-22AFB6ADCC29} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {89BA3D84-8119-4434-8A50-22AFB6ADCC29} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {89BA3D84-8119-4434-8A50-22AFB6ADCC29} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers1: [PDFArchitect6_ManagerExt] -> {6508EEA0-C540-4420-AF21-64937A1536D0} => C:\Program Files\PDF Architect 6\context-menu.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {4961b028-350a-3bb9-9d6c-079dc724e5f0} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WDDesktopContextMenu] -> {4961b028-350a-3bb9-9d6c-079dc724e5f0} => C:\Program Files\WD Desktop App\kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers1_S-1-5-21-3212853156-1841250429-348462128-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-03-20 10:49 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2019-07-17 16:36 - 2019-07-17 16:36 - 001987072 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\ffmpeg.dll
2019-07-17 16:36 - 2019-07-17 16:36 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libegl.dll
2019-07-17 16:36 - 2019-07-17 16:36 - 002250240 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libglesv2.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 001927680 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_calib3d310.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 002507264 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_core310.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 000787968 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_features2d310.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 000525312 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_flann310.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 002905088 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_imgproc310.dll
2019-03-19 03:46 - 2019-03-19 03:46 - 000484352 _____ () [File not signed] C:\Program Files\Adobe\Adobe Lightroom Classic CC\opencv_video310.dll
2019-05-08 00:06 - 2019-05-08 00:06 - 002637985 _____ () [File not signed] C:\Program Files\WD Desktop App\libfusewdfs.dll
2019-12-31 09:12 - 2019-12-31 09:12 - 000064512 _____ () [File not signed] C:\Users\pocitac\AppData\Local\Temp\cr_sdk_temp_00096266.tmp
2008-08-14 07:15 - 2008-08-14 07:15 - 000481792 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-03-09 04:20 - 2018-03-09 04:20 - 000427520 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect 6\libcurl.dll
2019-07-17 16:36 - 2017-11-10 11:51 - 000180224 _____ (Western Digital Technologies, Inc.) [File not signed] C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-11-14 18:26 - 000000834 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3212853156-1841250429-348462128-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pocitac\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{19027A8D-1C07-40A8-ACBD-75B20C10251E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{786F7FE6-4E48-406A-9F10-552191751CC0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{0506FA94-83FE-4900-B65F-F58A69C34A0F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{9603536B-12CD-43C4-9F0B-1738FF573080}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{BE71AC38-95AB-4C7D-BE21-A749523196B1}] => (Allow) LPort=5353
FirewallRules: [{4C8DE18F-748D-4828-AAB7-A7664A5F1F6C}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{326B8A5A-C14C-4BED-947A-4296702C714E}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{D14377F3-E517-498C-8D46-A65E1733CBB5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D852349F-2842-405D-A260-B821130B61E3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{6160AFFA-4753-4871-BB64-C22D4D8380FE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{506D37EB-475D-4CE5-A5E4-94297AABD442}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BD2A7782-7B0D-46C5-BA90-0C08619E6419}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{DBEE3B2B-D642-428B-8FDA-B36A47CBD854}C:\users\pocitac\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pocitac\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{61766009-BEAE-4EE4-B851-DDF950AC915F}C:\users\pocitac\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pocitac\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{12C839BB-EB20-4CF4-A7FB-550F93A21E75}] => (Allow) C:\Program Files\Opera\63.0.3368.94\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{DCCFC69A-CC12-4527-A7FB-8BFE0DCEEDFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C64F12EE-6266-47A4-8DF4-80F44D034756}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{385C8979-7DD7-4B77-A5B4-5AFD7D092C5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B30D5B86-4C6E-4415-8C3F-EA88394B6DE9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{74A11FC7-F60F-4057-A70D-BD8923B63122}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AD6F4C2-7275-4BE8-9100-76DD5B09A9F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{355989AA-805C-4E4C-894D-720D8BB6A115}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A852E6F7-F1D8-43C1-A047-88173B8FD139}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{055FF0AC-6EEE-428A-9FA8-0C1D45F405F9}] => (Allow) C:\Program Files\Opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{FE7518E2-7063-4A53-8946-9F67C05B3FB9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EA239FF4-4CF2-49F3-A81A-977CE78F8047}] => (Allow) C:\Program Files\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
13-12-2019 19:45:23 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/31/2019 09:11:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 28.12.2019.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 6dc
Čas spuštění: 01d5bfb1b3cb984d
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\pocitac\Downloads\FRST64.exe
ID hlášení: 9e7a6a8e-030a-4617-ae49-5da5723bb803
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (12/29/2019 06:46:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AdobeIPCBroker.exe, verze: 5.6.1.39, časové razítko: 0x5d64db11
Název chybujícího modulu: AdobeIPCBroker.exe, verze: 5.6.1.39, časové razítko: 0x5d64db11
Kód výjimky: 0xc0000005
Posun chyby: 0x000e37a0
ID chybujícího procesu: 0x23d0
Čas spuštění chybující aplikace: 0x01d5be6c778cc3be
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
ID zprávy: 55e04888-44c9-49ac-8324-7786f2a7d232
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/22/2019 08:28:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x32e0
Čas spuštění chybující aplikace: 0x01d5b8e3703c1dbc
Cesta k chybující aplikaci: C:\Users\pocitac\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 0a12b58b-8caa-4eb9-b5f1-d44f47ef283d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/21/2019 10:46:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x1984
Čas spuštění chybující aplikace: 0x01d5b83acda3208f
Cesta k chybující aplikaci: C:\Users\pocitac\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: a628f3eb-f096-4594-a373-86957349f421
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/21/2019 07:29:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x26ec
Čas spuštění chybující aplikace: 0x01d5b823ed423a3b
Cesta k chybující aplikaci: C:\Users\pocitac\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: b610c897-9865-4464-a100-2887b7bdaa9a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/20/2019 08:02:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x1e40
Čas spuštění chybující aplikace: 0x01d5b73f46045b90
Cesta k chybující aplikaci: C:\Users\pocitac\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: c6ade328-ce0c-495a-8f93-2fba1e2d598e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/17/2019 09:57:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x3acc
Čas spuštění chybující aplikace: 0x01d5b4e97b461f42
Cesta k chybující aplikaci: C:\Users\pocitac\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 40c26709-00ef-406d-bc7f-8e6e8bd4e4d9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/17/2019 11:17:03 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-KPE6271)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
System errors:
=============
Error: (12/31/2019 09:13:54 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KPE6271)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-KPE6271\pocitac (SID: S-1-5-21-3212853156-1841250429-348462128-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (12/31/2019 09:13:54 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KPE6271)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-KPE6271\pocitac (SID: S-1-5-21-3212853156-1841250429-348462128-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (12/31/2019 09:12:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (12/31/2019 09:12:27 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/31/2019 09:10:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (12/31/2019 09:10:27 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KPE6271)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/31/2019 09:09:01 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KPE6271)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-KPE6271\pocitac (SID: S-1-5-21-3212853156-1841250429-348462128-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (12/31/2019 09:09:01 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KPE6271)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-KPE6271\pocitac (SID: S-1-5-21-3212853156-1841250429-348462128-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
CodeIntegrity:
===================================
Date: 2019-09-05 23:39:14.161
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 23:39:14.160
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 23:39:14.156
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 23:39:14.155
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 11:40:48.301
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 11:40:48.300
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 11:40:48.295
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-05 11:40:48.294
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F4 09/22/2017
Motherboard: Gigabyte Technology Co., Ltd. Z370 HD3P-CF
Processor: Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz
Percentage of memory in use: 63%
Total physical RAM: 16257.55 MB
Available physical RAM: 5949.71 MB
Total Virtual: 26497.55 MB
Available Virtual: 15659.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.33 GB) (Free:91.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Nový svazek) (Fixed) (Total:2794.52 GB) (Free:195.23 GB) NTFS
Drive e: (VERBATIM HD) (Fixed) (Total:465.76 GB) (Free:90.43 GB) NTFS
Drive f: (My Book) (Fixed) (Total:7452 GB) (Free:6798.27 GB) exFAT
Drive g: (Seagate Backup Plus Drive) (Fixed) (Total:2794.39 GB) (Free:191.21 GB) NTFS
\\?\Volume{8d47d0a9-0000-0000-0000-a01b3a000000}\ () (Fixed) (Total:0.45 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 8D47D0A9)
Partition 1: (Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=463 MB) - (Type=27)
==========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 0ACBC596)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7A035347)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Size: 7452 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: 9AF95FCC)
Partition: GPT.
==================== End of Addition.txt =======================