Slow laptop startup
Posted: 22 Jan 2020 14:53
Please help. My laptop has slowed down a lot after a few months, mainly after startup. Thank you.
******************
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (22-01-2020 14:38:16)
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba (Available Profiles: Líba)
Platform: Windows 10 Home Version 1809 17763.973 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ACD Systems International -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\LogTransport2.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1910.1283.0_x64__8wekyb3d8bbwe\LocalBridge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [183088 2019-11-29] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5553712 2019-12-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {8efecd9f-7226-11e9-a761-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {abad529a-7d94-11e9-a765-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b557-5e89-11e9-a75d-40a3cccab76d} - "D:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08B0A7FB-AE9E-4D68-BC34-61DA78855EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {0D5AB018-2F47-47CF-AFA3-07476CF262CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {101DDD8C-1D8B-45DB-9F99-333B4A5467B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {1323185E-7D9B-4375-8258-98BCED3674A3} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {68F8FE3F-1863-4CF3-857D-1138AF1AE944} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {69B1230B-7E81-4DBE-B578-7CC7CC11128A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {82582F81-C49F-4D1C-B016-9A7B1318A102} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {B0A17E30-E28E-407D-B92A-822A13A6A50C} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-croftlara1111@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://icewarp.ajptech.cz:8090/webmail/
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> DefaultScope {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL => No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\croft\Downloads
FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\0blfb8qd.default-release-1 [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2020-01-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-18]
Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://cs.nex-software.com; hxxps://dev1security.blogspot.com; hxxps://dp32.ru; hxxps://et.piratihk.cz; hxxps://m.facebook.com; hxxps://puttraffic.com; hxxps://trycracksoftware.com; hxxps://vk.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.viry.cz; hxxps://www.vitalia.cz; hxxps://zulip.pirati.cz
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2020-01-22]
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-09]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-24]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2019-11-18]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-01-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2019-09-23]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [551808 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1407080 2015-11-23] (Intel Corporation - pGFX -> Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [152672 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 ibtsiva; C:\Windows\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\New TunesGo\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-10-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116696 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [251384 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32776 2018-05-11] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [30752 2016-01-06] (Hewlett-Packard Company -> Hewlett Packard)
R3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45664 2019-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [355760 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 14:38 - 2020-01-22 14:40 - 000031547 _____ C:\Users\croft\Desktop\FRST.txt
2020-01-22 14:36 - 2020-01-22 14:36 - 002580480 _____ (Farbar) C:\Users\croft\Desktop\FRST64.exe
2020-01-22 09:59 - 2020-01-22 09:59 - 000144431 _____ C:\Users\croft\Downloads\DNEDP4-8862013402-20200121-210237.pdf
2020-01-20 19:13 - 2020-01-20 19:13 - 002609972 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.de.cs.pdf
2020-01-20 19:12 - 2020-01-20 19:12 - 002467452 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.pdf
2020-01-19 16:45 - 2020-01-19 18:55 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2020-01-19 13:40 - 2020-01-19 13:40 - 000363006 _____ C:\Users\croft\Downloads\priloha_743523478_0_Dopis_OSVC_2020_-_DS.pdf
2020-01-19 13:40 - 2020-01-19 13:40 - 000199773 _____ C:\Users\croft\Downloads\priloha_743515926_0_p690427307_6957163103.pdf
2020-01-18 20:43 - 2020-01-18 20:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-18 10:43 - 2020-01-18 10:43 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002323896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-01-18 10:42 - 2020-01-18 10:43 - 007922688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 009668408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 008905728 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 006543736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002419712 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002149160 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001936520 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001721144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001677088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001670800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001665712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001258296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001084416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001050624 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001049400 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000930816 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000878080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000677144 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000651776 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000541264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000410616 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000405304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000350416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV1.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000154976 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000122568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-01-13 19:43 - 2020-01-13 19:43 - 000000000 ____D C:\Users\croft\Downloads\10_18
2020-01-13 19:41 - 2020-01-13 19:41 - 000000000 ____D C:\Users\croft\Downloads\06_2019
2020-01-13 14:59 - 2020-01-13 15:16 - 3199629713 _____ C:\Users\croft\Downloads\Big Boys Gone Bananas!_.mp4
2020-01-13 13:51 - 2020-01-13 13:51 - 000001458 _____ C:\Users\croft\Downloads\Dokumenty (2).htm
2020-01-12 10:01 - 2020-01-12 11:31 - 1641979103 _____ C:\Users\croft\Downloads\Baťa, první globalista - dokument CT.mkv
2020-01-10 21:54 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_19
2020-01-10 21:40 - 2020-01-10 21:41 - 000000000 ____D C:\Users\croft\Downloads\8_19
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2020-01-05 17:40 - 2020-01-05 17:40 - 014969468 _____ C:\Users\croft\Downloads\oprava zipu.mp4
2020-01-03 23:27 - 2020-01-13 20:35 - 000000000 ____D C:\Users\croft\Downloads\8_18
2020-01-03 22:30 - 2020-01-19 13:21 - 000000000 ____D C:\Users\croft\Downloads\5_18
2020-01-03 22:30 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_18
2020-01-03 22:30 - 2020-01-03 23:20 - 000000000 ____D C:\Users\croft\Downloads\6_18
2020-01-03 22:19 - 2020-01-10 19:36 - 000000000 ____D C:\Users\croft\Downloads\4_18
2020-01-03 22:11 - 2020-01-03 22:11 - 000000000 ____D C:\Users\croft\Downloads\3_18
2020-01-03 21:57 - 2020-01-03 22:03 - 000000000 ____D C:\Users\croft\Downloads\1_18
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 14:39 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2020-01-22 14:27 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-22 06:25 - 2019-03-08 17:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-01-21 22:25 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 20:57 - 2019-10-05 09:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-21 07:49 - 2019-10-29 11:16 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Mozilla
2020-01-20 15:18 - 2019-11-21 15:21 - 000000000 ____D C:\Users\croft\Downloads\šití
2020-01-20 15:06 - 2019-10-13 08:29 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2020-01-19 21:10 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2020-01-18 20:47 - 2019-06-19 15:46 - 000000000 ____D C:\Program Files\UNP
2020-01-18 20:45 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2020-01-18 20:43 - 2019-11-05 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-18 20:43 - 2019-10-30 18:20 - 000001273 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:43 - 2019-10-29 11:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:36 - 2019-03-08 17:18 - 000453232 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-18 20:36 - 2019-03-08 17:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-18 20:34 - 2018-09-15 07:09 - 000786432 _____ C:\Windows\system32\config\BBI
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\system32\UNP
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2020-01-18 11:10 - 2019-03-08 15:39 - 000000000 ____D C:\Windows\system32\MRT
2020-01-18 10:48 - 2019-03-08 15:39 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-18 10:48 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2020-01-08 15:37 - 2019-04-10 14:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2020-01-06 18:46 - 2019-04-09 21:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2020-01-03 20:47 - 2019-04-11 08:59 - 000000000 ____D C:\Users\Pracovní
2020-01-03 15:01 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-12-23 11:29 - 2019-04-09 15:13 - 000000000 ____D C:\Program Files (x86)\Torrent
==================== Files in the root of some directories ========
2019-04-10 21:09 - 2019-04-10 21:09 - 000000000 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
*******************
ADDITION
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020
Ran by Líba (22-01-2020 14:41:17)
Running from C:\Users\croft\Desktop
Windows 10 Home Version 1809 17763.973 (X64) (2019-03-08 16:19:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
ELAN Touchpad 18.2.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.26.3 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
GIMP 2.10.10 (HKLM\...\GIMP-2_is1) (Version: 2.10.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mumble 1.2.19 (HKLM-x32\...\{97B3A307-D592-4888-9439-7FB9FBF8F1C3}) (Version: 1.2.19 - Thorvald Natvig)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-21] (Adobe Systems Incorporated)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-05-21] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-17] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-12] (Apple Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2015-03-17 00:34 - 2015-03-17 00:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\AcroTray.cze
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-12-02 23:29 - 2019-12-02 23:29 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2016-09-14 03:00 - 2016-09-14 03:00 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-06-25 03:44 - 2019-06-25 03:44 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\croft\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ACUW10EN"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "ACDSeeCommanderUltimate10"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{86AD6388-0DBB-4386-A337-B7804AE46950}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{46B635E3-58FB-4787-9E55-6565A49F1E39}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{75B03A4F-DA05-4BE6-A64A-2687AFF11B58}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{BAD892F0-535A-4C11-874B-2AFE17ED3F30}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{8C36EED2-5B78-448F-B633-38D358C78752}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe No File
FirewallRules: [{B0702882-5733-4D65-946B-AB4DC07F4FCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8BFD1336-8F8E-4AFB-8761-B3C7C73A033B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{62A2FEF2-1C1C-4EDE-A6CB-EAED6322738B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4AE5B7D8-E43B-4116-BBD8-D4969FC88913}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37384BF1-6A30-4C2C-91EE-A7326D76DAD4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7BE6DBED-4A7A-436B-9AF6-67AFCD13F203}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E0697D58-C222-48FD-91A8-AAA61E0987AE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B3B8D576-18E9-44DB-9873-B41E4617AA28}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{27E26270-1C6B-4F51-B1CF-45AD7567296E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22E5E7C4-68C5-443E-873B-CEFAD8DF0B21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A6551714-6438-4152-91C8-BC8A8E036F31}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
02-01-2020 10:29:18 Naplánovaný kontrolní bod
12-01-2020 10:30:55 Naplánovaný kontrolní bod
18-01-2020 10:24:03 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/22/2020 01:39:40 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 320749160 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 09:42:42 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 306531359 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 04:23:47 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/21/2020 10:23:54 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 265803151 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 04:17:24 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 243815454 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 11:25:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17763.864 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 166c
Čas spuštění: 01d5ce3703eda348
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID hlášení: 1caf87a5-1b6f-4b06-b646-b89cd5dced0e
Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (01/21/2020 11:25:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 226297586 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 07:46:02 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (01/21/2020 04:18:37 PM) (Source: DCOM) (EventID: 10010) (User: LÍBA)
Description: Server Windows.Internal.WebRuntime.ContentProcess#{00031402-0001-0000-F3C7-B20C00000000} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/20/2020 10:53:28 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/20/2020 08:29:45 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/19/2020 12:51:47 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:44:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:44:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:43:42 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:43:41 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2019-11-03 18:21:40.798
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6749DB17-5D80-47A5-976C-BAA512FD3794}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 14:25:47.673
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {00D2DBDC-ED36-412A-A987-262F9EDB90B2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 13:28:27.206
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bitrep.A
ID: 2147723097
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\MyPhoneExplorer_Setup_1.8.11.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.295.1355.0, AS: 1.295.1355.0, NIS: 1.295.1355.0
Verze modulu: AM: 1.1.16000.6, NIS: 1.1.16000.6
Date: 2019-06-24 10:09:05.050
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D857466F-649B-4343-A392-0FEDFC3013CB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 10:01:21.690
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {225C9647-B675-4C39-A215-3923060F5640}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-22 20:11:23.914
Description:
Program Antivirová ochrana v programu Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.16600.7
Předchozí verze modulu: 1.1.16600.6
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2019-05-21 12:07:08.916
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
Date: 2019-05-16 14:55:09.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.1488.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2020-01-18 20:39:08.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.
Date: 2020-01-18 20:38:14.978
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2019-12-27 14:39:46.748
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:34:46.239
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:45.874
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:32.942
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:32.766
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:24:46.335
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.27 01/24/2018
Motherboard: HP 840D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 78%
Total physical RAM: 8078.22 MB
Available physical RAM: 1712.09 MB
Total Virtual: 13379.05 MB
Available Virtual: 3688.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.96 GB) (Free:827.14 GB) NTFS
\\?\Volume{ed2eee43-14d4-443f-ad1f-1aca40cc50e0}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{a589f2bd-e2ea-4634-bc15-d5c483e23c1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
******************
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (22-01-2020 14:38:16)
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba (Available Profiles: Líba)
Platform: Windows 10 Home Version 1809 17763.973 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ACD Systems International -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\LogTransport2.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1910.1283.0_x64__8wekyb3d8bbwe\LocalBridge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [183088 2019-11-29] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5553712 2019-12-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {8efecd9f-7226-11e9-a761-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {abad529a-7d94-11e9-a765-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b557-5e89-11e9-a75d-40a3cccab76d} - "D:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08B0A7FB-AE9E-4D68-BC34-61DA78855EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {0D5AB018-2F47-47CF-AFA3-07476CF262CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {101DDD8C-1D8B-45DB-9F99-333B4A5467B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {1323185E-7D9B-4375-8258-98BCED3674A3} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {68F8FE3F-1863-4CF3-857D-1138AF1AE944} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {69B1230B-7E81-4DBE-B578-7CC7CC11128A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {82582F81-C49F-4D1C-B016-9A7B1318A102} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {B0A17E30-E28E-407D-B92A-822A13A6A50C} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-croftlara1111@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://icewarp.ajptech.cz:8090/webmail/
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> DefaultScope {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL => No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\croft\Downloads
FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\0blfb8qd.default-release-1 [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2020-01-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-18]
Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://cs.nex-software.com; hxxps://dev1security.blogspot.com; hxxps://dp32.ru; hxxps://et.piratihk.cz; hxxps://m.facebook.com; hxxps://puttraffic.com; hxxps://trycracksoftware.com; hxxps://vk.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.viry.cz; hxxps://www.vitalia.cz; hxxps://zulip.pirati.cz
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2020-01-22]
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-09]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-24]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2019-11-18]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-01-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2019-09-23]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [551808 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1407080 2015-11-23] (Intel Corporation - pGFX -> Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [152672 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 ibtsiva; C:\Windows\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\New TunesGo\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-10-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116696 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [251384 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32776 2018-05-11] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [30752 2016-01-06] (Hewlett-Packard Company -> Hewlett Packard)
R3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45664 2019-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [355760 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 14:38 - 2020-01-22 14:40 - 000031547 _____ C:\Users\croft\Desktop\FRST.txt
2020-01-22 14:36 - 2020-01-22 14:36 - 002580480 _____ (Farbar) C:\Users\croft\Desktop\FRST64.exe
2020-01-22 09:59 - 2020-01-22 09:59 - 000144431 _____ C:\Users\croft\Downloads\DNEDP4-8862013402-20200121-210237.pdf
2020-01-20 19:13 - 2020-01-20 19:13 - 002609972 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.de.cs.pdf
2020-01-20 19:12 - 2020-01-20 19:12 - 002467452 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.pdf
2020-01-19 16:45 - 2020-01-19 18:55 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2020-01-19 13:40 - 2020-01-19 13:40 - 000363006 _____ C:\Users\croft\Downloads\priloha_743523478_0_Dopis_OSVC_2020_-_DS.pdf
2020-01-19 13:40 - 2020-01-19 13:40 - 000199773 _____ C:\Users\croft\Downloads\priloha_743515926_0_p690427307_6957163103.pdf
2020-01-18 20:43 - 2020-01-18 20:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-18 10:43 - 2020-01-18 10:43 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002323896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-01-18 10:42 - 2020-01-18 10:43 - 007922688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 009668408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 008905728 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 006543736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002419712 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002149160 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001936520 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001721144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001677088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001670800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001665712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001258296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001084416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001050624 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001049400 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000930816 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000878080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000677144 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000651776 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000541264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000410616 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000405304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000350416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV1.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000154976 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000122568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-01-13 19:43 - 2020-01-13 19:43 - 000000000 ____D C:\Users\croft\Downloads\10_18
2020-01-13 19:41 - 2020-01-13 19:41 - 000000000 ____D C:\Users\croft\Downloads\06_2019
2020-01-13 14:59 - 2020-01-13 15:16 - 3199629713 _____ C:\Users\croft\Downloads\Big Boys Gone Bananas!_.mp4
2020-01-13 13:51 - 2020-01-13 13:51 - 000001458 _____ C:\Users\croft\Downloads\Dokumenty (2).htm
2020-01-12 10:01 - 2020-01-12 11:31 - 1641979103 _____ C:\Users\croft\Downloads\Baťa, první globalista - dokument CT.mkv
2020-01-10 21:54 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_19
2020-01-10 21:40 - 2020-01-10 21:41 - 000000000 ____D C:\Users\croft\Downloads\8_19
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2020-01-05 17:40 - 2020-01-05 17:40 - 014969468 _____ C:\Users\croft\Downloads\oprava zipu.mp4
2020-01-03 23:27 - 2020-01-13 20:35 - 000000000 ____D C:\Users\croft\Downloads\8_18
2020-01-03 22:30 - 2020-01-19 13:21 - 000000000 ____D C:\Users\croft\Downloads\5_18
2020-01-03 22:30 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_18
2020-01-03 22:30 - 2020-01-03 23:20 - 000000000 ____D C:\Users\croft\Downloads\6_18
2020-01-03 22:19 - 2020-01-10 19:36 - 000000000 ____D C:\Users\croft\Downloads\4_18
2020-01-03 22:11 - 2020-01-03 22:11 - 000000000 ____D C:\Users\croft\Downloads\3_18
2020-01-03 21:57 - 2020-01-03 22:03 - 000000000 ____D C:\Users\croft\Downloads\1_18
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 14:39 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2020-01-22 14:27 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-22 06:25 - 2019-03-08 17:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-01-21 22:25 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 20:57 - 2019-10-05 09:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-21 07:49 - 2019-10-29 11:16 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Mozilla
2020-01-20 15:18 - 2019-11-21 15:21 - 000000000 ____D C:\Users\croft\Downloads\šití
2020-01-20 15:06 - 2019-10-13 08:29 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2020-01-19 21:10 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2020-01-18 20:47 - 2019-06-19 15:46 - 000000000 ____D C:\Program Files\UNP
2020-01-18 20:45 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2020-01-18 20:43 - 2019-11-05 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-18 20:43 - 2019-10-30 18:20 - 000001273 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:43 - 2019-10-29 11:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:36 - 2019-03-08 17:18 - 000453232 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-18 20:36 - 2019-03-08 17:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-18 20:34 - 2018-09-15 07:09 - 000786432 _____ C:\Windows\system32\config\BBI
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\system32\UNP
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2020-01-18 11:10 - 2019-03-08 15:39 - 000000000 ____D C:\Windows\system32\MRT
2020-01-18 10:48 - 2019-03-08 15:39 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-18 10:48 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2020-01-08 15:37 - 2019-04-10 14:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2020-01-06 18:46 - 2019-04-09 21:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2020-01-03 20:47 - 2019-04-11 08:59 - 000000000 ____D C:\Users\Pracovní
2020-01-03 15:01 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-12-23 11:29 - 2019-04-09 15:13 - 000000000 ____D C:\Program Files (x86)\Torrent
==================== Files in the root of some directories ========
2019-04-10 21:09 - 2019-04-10 21:09 - 000000000 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
*******************
ADDITION
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020
Ran by Líba (22-01-2020 14:41:17)
Running from C:\Users\croft\Desktop
Windows 10 Home Version 1809 17763.973 (X64) (2019-03-08 16:19:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
ELAN Touchpad 18.2.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.26.3 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
GIMP 2.10.10 (HKLM\...\GIMP-2_is1) (Version: 2.10.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mumble 1.2.19 (HKLM-x32\...\{97B3A307-D592-4888-9439-7FB9FBF8F1C3}) (Version: 1.2.19 - Thorvald Natvig)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-21] (Adobe Systems Incorporated)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-05-21] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-17] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-12] (Apple Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2015-03-17 00:34 - 2015-03-17 00:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\AcroTray.cze
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-12-02 23:29 - 2019-12-02 23:29 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2016-09-14 03:00 - 2016-09-14 03:00 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-06-25 03:44 - 2019-06-25 03:44 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\croft\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ACUW10EN"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "ACDSeeCommanderUltimate10"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{86AD6388-0DBB-4386-A337-B7804AE46950}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{46B635E3-58FB-4787-9E55-6565A49F1E39}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{75B03A4F-DA05-4BE6-A64A-2687AFF11B58}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{BAD892F0-535A-4C11-874B-2AFE17ED3F30}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{8C36EED2-5B78-448F-B633-38D358C78752}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe No File
FirewallRules: [{B0702882-5733-4D65-946B-AB4DC07F4FCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8BFD1336-8F8E-4AFB-8761-B3C7C73A033B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{62A2FEF2-1C1C-4EDE-A6CB-EAED6322738B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4AE5B7D8-E43B-4116-BBD8-D4969FC88913}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37384BF1-6A30-4C2C-91EE-A7326D76DAD4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7BE6DBED-4A7A-436B-9AF6-67AFCD13F203}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E0697D58-C222-48FD-91A8-AAA61E0987AE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B3B8D576-18E9-44DB-9873-B41E4617AA28}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{27E26270-1C6B-4F51-B1CF-45AD7567296E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22E5E7C4-68C5-443E-873B-CEFAD8DF0B21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A6551714-6438-4152-91C8-BC8A8E036F31}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
02-01-2020 10:29:18 Naplánovaný kontrolní bod
12-01-2020 10:30:55 Naplánovaný kontrolní bod
18-01-2020 10:24:03 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/22/2020 01:39:40 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 320749160 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 09:42:42 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 306531359 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 04:23:47 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/21/2020 10:23:54 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 265803151 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 04:17:24 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 243815454 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 11:25:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17763.864 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 166c
Čas spuštění: 01d5ce3703eda348
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID hlášení: 1caf87a5-1b6f-4b06-b646-b89cd5dced0e
Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (01/21/2020 11:25:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 226297586 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 07:46:02 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (01/21/2020 04:18:37 PM) (Source: DCOM) (EventID: 10010) (User: LÍBA)
Description: Server Windows.Internal.WebRuntime.ContentProcess#{00031402-0001-0000-F3C7-B20C00000000} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/20/2020 10:53:28 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/20/2020 08:29:45 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/19/2020 12:51:47 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:44:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:44:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:43:42 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:43:41 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2019-11-03 18:21:40.798
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6749DB17-5D80-47A5-976C-BAA512FD3794}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 14:25:47.673
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {00D2DBDC-ED36-412A-A987-262F9EDB90B2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 13:28:27.206
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bitrep.A
ID: 2147723097
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\MyPhoneExplorer_Setup_1.8.11.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.295.1355.0, AS: 1.295.1355.0, NIS: 1.295.1355.0
Verze modulu: AM: 1.1.16000.6, NIS: 1.1.16000.6
Date: 2019-06-24 10:09:05.050
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D857466F-649B-4343-A392-0FEDFC3013CB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 10:01:21.690
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {225C9647-B675-4C39-A215-3923060F5640}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-22 20:11:23.914
Description:
Program Antivirová ochrana v programu Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.16600.7
Předchozí verze modulu: 1.1.16600.6
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2019-05-21 12:07:08.916
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
Date: 2019-05-16 14:55:09.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.1488.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2020-01-18 20:39:08.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.
Date: 2020-01-18 20:38:14.978
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2019-12-27 14:39:46.748
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:34:46.239
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:45.874
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:32.942
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:32.766
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:24:46.335
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.27 01/24/2018
Motherboard: HP 840D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 78%
Total physical RAM: 8078.22 MB
Available physical RAM: 1712.09 MB
Total Virtual: 13379.05 MB
Available Virtual: 3688.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.96 GB) (Free:827.14 GB) NTFS
\\?\Volume{ed2eee43-14d4-443f-ad1f-1aca40cc50e0}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{a589f2bd-e2ea-4634-bc15-d5c483e23c1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================