VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by ZdenkaT (administrator) on ZDENKA (ASUSTeK COMPUTER INC. X553MA) (28-12-2020 12:10:03)
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Loaded Profiles: ZdenkaT
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\spkl.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(ASUS Cloud Corporation) [File not signed] C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Video Technology -> ) C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\spmm.exe
(VoiceFive, Inc. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmropn.exe
(VoiceFive, Inc. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmropn32.exe
(VoiceFive, Inc. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmropn64.exe
(VoiceFive, Inc. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmservice.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] (ASUS Cloud Corporation -> )
HKLM\...\Policies\Explorer\Run: [localSPM] => C:\Windows\runkey.exe [489472 2015-06-25] () [File not signed]
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8410208 2020-12-09] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [CCleanerBrowserAutoLaunch_924491819F5447E3F3C5F7FE2EF4BBF4] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [4146024 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
HKLM\...\Windows x64\Print Processors\MIPR64_Q: C:\Windows\System32\spool\prtprocs\x64\MIPR64_Q.DLL [56832 2018-08-16] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\Installer\chrmstp.exe [2020-12-09] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1079ADCF-14F3-4819-BB8E-D48D18283A6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {1B320336-EA17-4340-80C4-F85B8B4B9D06} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1BB225BF-D97F-4DEA-9E59-D6F6796CD5B7} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [109880 2014-01-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {1BD69E7C-6470-4BB8-A944-04FF53A89E1F} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232 2014-03-31] (ASUSTeK Computer Inc. -> AsusTek)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3E168430-A11C-4EA2-B883-C02B4B178642} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F3A76FD-16A6-429D-A35A-25815798C58F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {4806CE99-7795-4551-A4C6-137F51806A46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4971A62F-5CFA-40E9-A0BD-97C97B0B0879} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387224 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {530E90BA-5E30-48FC-A10E-D6A6110D897C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {5D78CC34-EA02-44E1-847E-08A91D972A27} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {614E54CB-B200-4E50-9AD3-D8BB60615966} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1271424 2014-09-02] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70E81AC8-CBEC-4954-B879-B0516735C720} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {7FDA3455-C013-4AC3-A49D-DE7B41A95FB4} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8B37A4EE-84C8-4E08-B19F-3188162832A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8B65692F-EEB9-4358-BB66-5B539E55EB48} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
Task: {91DB438A-A3E0-4B17-A206-47770C416DE2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE782480-113B-4D33-AD08-67F3858454E4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B09D6453-35EB-422D-8B4E-B2C3A7E0EECE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BCF0B1D5-0F21-4038-8E39-190628C92842} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [58440 2014-04-02] (ASUSTeK Computer Inc. -> ASUS)
Task: {C58361F0-139B-404A-940F-8F99761021AB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D94AD55B-A149-45C0-A6AF-78360524DA81} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAA9E255-123C-4408-B6BB-C6A54771D8A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCAE0E70-F7CF-4083-9248-166207AFF476} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {E02A45FA-49DC-48EE-A837-7695E43314C6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5D06F33-5B86-41A7-BB86-DE17EFEC2C54} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {EAC27566-E63F-4B77-937A-7F48CF784BB1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {F99017DF-3855-4944-9B7F-D263FFF8E6BB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4EF53902-124A-407B-9200-A0FF2AB40C6D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CD3FB71E-2F36-4B17-AE57-41340214016C}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
======
Edge Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-28]

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-09] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-09] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default [2020-12-28]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-15]
CHR Extension: (Dokumenty) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-15]
CHR Extension: (Disk Google) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-28]
CHR Extension: (YouTube) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-15]
CHR Extension: (Adobe Acrobat) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-28]
CHR Extension: (Tabulky) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-11]
CHR Extension: (Gmail) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-28]
CHR Extension: (Chrome Media Router) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-28]
CHR Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [136040 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\elevation_service.exe [1348304 2020-11-12] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-12-31] (McAfee, LLC -> McAfee, Inc.)
R2 PremierOpinion; C:\Program Files (x86)\PremierOpinion\pmservice.exe [170336 2020-04-10] (VoiceFive, Inc. -> VoiceFive, Inc.) <==== ATTENTION
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29280 2020-12-09] (LAVASOFT SOFTWARE CANADA INC -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworktdidrv; C:\WINDOWS\System32\drivers\adgnetworktdidrv.sys [67032 2019-02-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-08-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-08-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-28 12:10 - 2020-12-28 12:12 - 000023965 _____ C:\Users\ZdenkaT.Zdenka\Desktop\FRST.txt
2020-12-28 12:08 - 2020-12-28 12:11 - 000000000 ____D C:\FRST
2020-12-28 12:07 - 2020-12-28 12:07 - 002286592 _____ (Farbar) C:\Users\ZdenkaT.Zdenka\Desktop\FRST64.exe
2020-12-28 11:47 - 2020-12-28 11:47 - 000032786 _____ C:\Users\ZdenkaT.Zdenka\Documents\cc_20201228_114657.reg
2020-12-28 11:47 - 2020-12-28 11:47 - 000004792 _____ C:\Users\ZdenkaT.Zdenka\Documents\cc_20201228_114745.reg
2020-12-28 03:05 - 2020-12-28 03:05 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-12-28 02:59 - 2020-12-28 02:59 - 000000020 ___SH C:\Users\ZdenkaT.Zdenka\ntuser.ini
2020-12-28 02:57 - 2020-12-28 02:58 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-28 02:57 - 2020-12-28 02:58 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-12-28 02:57 - 2020-12-28 02:58 - 000003104 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-12-28 02:57 - 2020-12-28 02:58 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3115180121-443120830-933865723-1001
2020-12-28 02:57 - 2020-12-28 02:58 - 000002748 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3115180121-443120830-933865723-1001
2020-12-28 02:57 - 2020-12-28 02:57 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-28 02:57 - 2020-12-28 02:57 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-28 02:57 - 2020-12-28 02:57 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-28 02:57 - 2020-12-28 02:57 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-12-28 02:57 - 2020-12-28 02:57 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-28 02:57 - 2020-12-28 02:57 - 000003114 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{22C8DE09-4498-4E85-A7B8-5087B49FCBBC}
2020-12-28 02:57 - 2020-12-28 02:57 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-28 02:57 - 2020-12-28 02:57 - 000002782 _____ C:\WINDOWS\system32\Tasks\ATK Package 36D18D69AFC3
2020-12-28 02:57 - 2020-12-28 02:57 - 000002774 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3115180121-443120830-933865723-500
2020-12-28 02:57 - 2020-12-28 02:57 - 000002622 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-12-28 02:57 - 2020-12-28 02:57 - 000002552 _____ C:\WINDOWS\system32\Tasks\ASUS Smart Gesture Launcher
2020-12-28 02:57 - 2020-12-28 02:57 - 000002234 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-28 02:57 - 2020-12-28 02:57 - 000002188 _____ C:\WINDOWS\system32\Tasks\ASUS USB Charger Plus
2020-12-28 02:57 - 2020-12-28 02:57 - 000002180 _____ C:\WINDOWS\system32\Tasks\RtHDVBg
2020-12-28 02:57 - 2020-12-28 02:57 - 000002174 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2020-12-28 02:57 - 2020-12-28 02:57 - 000002054 _____ C:\WINDOWS\system32\Tasks\ASUS Splendid ACMON
2020-12-28 02:57 - 2020-12-28 02:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-28 02:57 - 2020-12-28 02:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\WPD
2020-12-28 02:57 - 2020-12-28 02:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2020-12-28 02:55 - 2020-12-28 02:57 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-12-28 02:55 - 2020-12-28 02:57 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-12-28 02:52 - 2020-12-28 02:52 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-12-28 02:52 - 2020-12-28 02:52 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-12-28 02:52 - 2020-12-28 02:52 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-12-28 02:52 - 2020-12-28 02:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-12-28 02:52 - 2020-12-28 02:52 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2020-12-28 02:52 - 2020-12-28 02:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-12-28 02:37 - 2020-12-28 02:37 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-28 02:22 - 2020-12-28 02:59 - 000000000 ____D C:\Users\ZdenkaT.Zdenka
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Šablony
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Soubory cookie
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Poslední
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Okolní tiskárny
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Okolní síť
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Nabídka Start
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Dokumenty
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Documents\Obrázky
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Documents\Hudba
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Documents\Filmy
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\Data aplikací
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-12-28 02:22 - 2020-12-28 02:22 - 000000000 _SHDL C:\Users\ZdenkaT.Zdenka\AppData\Local\Data aplikací
2020-12-28 02:22 - 2019-12-07 10:10 - 000001105 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-28 02:21 - 2020-12-28 02:21 - 000001385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2020-12-28 02:21 - 2020-12-28 02:21 - 000001373 _____ C:\Users\Public\Desktop\AudioWizard.lnk
2020-12-28 02:20 - 2016-05-03 23:30 - 000081416 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2020-12-28 02:20 - 2016-05-03 23:30 - 000077832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2020-12-28 02:15 - 2020-12-28 11:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-28 02:14 - 2020-12-28 02:30 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-28 02:14 - 2020-12-28 02:15 - 000331704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-28 02:13 - 2020-12-28 02:58 - 000000000 ____D C:\Windows.old
2020-12-28 02:04 - 2020-12-28 02:13 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-12-28 01:57 - 2020-12-28 02:04 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-12-28 01:57 - 2020-12-28 01:57 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-12-28 01:51 - 2020-12-28 01:51 - 000000000 ____D C:\ProgramData\ssh
2020-12-28 01:37 - 2020-12-28 01:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-28 01:37 - 2020-12-28 01:37 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-12-28 01:37 - 2020-12-28 01:37 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-12-28 01:37 - 2020-12-28 01:37 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-12-28 01:37 - 2020-12-28 01:37 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-12-28 01:37 - 2020-12-28 01:37 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-12-28 01:36 - 2020-12-28 01:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-28 01:36 - 2020-12-28 01:36 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-12-28 01:36 - 2020-12-28 01:36 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-12-28 01:36 - 2020-12-28 01:36 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-12-28 01:36 - 2020-12-28 01:36 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-12-28 01:36 - 2020-12-28 01:36 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-12-28 01:36 - 2020-12-28 01:36 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-28 01:35 - 2020-12-28 01:36 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-12-28 01:35 - 2020-12-28 01:35 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2020-12-28 01:35 - 2020-12-28 01:35 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-12-28 01:35 - 2020-12-28 01:35 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-28 01:35 - 2020-12-28 01:35 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-12-28 01:35 - 2020-12-28 01:35 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-12-28 01:34 - 2020-12-28 01:34 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-12-28 01:34 - 2020-12-28 01:34 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-28 01:34 - 2020-12-28 01:34 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-12-28 01:34 - 2020-12-28 01:34 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-12-28 01:34 - 2020-12-28 01:34 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-28 01:33 - 2020-12-28 01:33 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2020-12-28 01:33 - 2020-12-28 01:33 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-28 01:33 - 2020-12-28 01:33 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-28 01:33 - 2020-12-28 01:33 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-28 01:32 - 2020-12-28 01:32 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-28 01:32 - 2020-12-28 01:32 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-12-28 01:32 - 2020-12-28 01:32 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-28 01:32 - 2020-12-28 01:32 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-28 01:32 - 2020-12-28 01:32 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-12-28 01:32 - 2020-12-28 01:32 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-12-28 01:32 - 2020-12-28 01:32 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-12-28 01:32 - 2020-12-28 01:32 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-12-28 01:32 - 2020-12-28 01:32 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-12-28 01:32 - 2020-12-28 01:32 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-12-28 01:31 - 2020-12-28 01:31 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-12-28 01:31 - 2020-12-28 01:31 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-12-28 01:31 - 2020-12-28 01:31 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-28 01:31 - 2020-12-28 01:31 - 000306176 _____ C:\WINDOWS\system32\HeatCore.dll
2020-12-28 01:31 - 2020-12-28 01:31 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-28 01:30 - 2020-12-28 01:30 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-12-28 01:30 - 2020-12-28 01:30 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-12-28 01:30 - 2020-12-28 01:30 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2020-12-28 01:30 - 2020-12-28 01:30 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-28 01:11 - 2020-12-28 01:11 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-12-28 01:11 - 2020-12-28 01:11 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-12-28 01:06 - 2020-12-28 01:06 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2020-12-28 01:05 - 2020-12-28 01:05 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-12-28 01:05 - 2020-12-28 01:05 - 000000000 ____D C:\Program Files\MSBuild
2020-12-28 01:05 - 2020-12-28 01:05 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-12-28 01:05 - 2020-12-28 01:05 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-12-27 15:37 - 2020-12-27 15:43 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\Desktop\hudba
2020-12-09 22:02 - 2020-12-28 02:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
2020-12-09 19:53 - 2020-12-28 02:58 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-09 17:43 - 2020-12-28 02:34 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2020-12-09 17:43 - 2020-12-28 02:34 - 000002354 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2020-12-09 17:43 - 2020-12-09 17:43 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\CCleaner Browser
2020-12-09 17:43 - 2020-12-09 17:43 - 000000000 ____D C:\ProgramData\CCleaner Browser
2020-12-09 17:41 - 2020-12-09 17:43 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2020-12-09 17:40 - 2020-12-28 11:45 - 000000000 ____D C:\Program Files\CCleaner
2020-12-09 17:40 - 2020-12-28 02:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-12-09 17:40 - 2020-12-09 17:40 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-12-09 17:39 - 2020-12-09 17:53 - 000000000 ____D C:\Program Files\WinZip Driver Updater
2020-12-09 17:39 - 2020-12-09 17:39 - 030469496 _____ (Piriform Software Ltd) C:\Users\ZdenkaT.Zdenka\Downloads\ccsetup574.exe
2020-12-09 17:35 - 2020-12-28 02:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-12-09 17:35 - 2020-12-09 17:35 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Lavasoft
2020-12-09 17:35 - 2020-12-09 17:35 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\Lavasoft
2020-12-09 17:35 - 2020-04-10 01:06 - 001111392 _____ (VoiceFive, Inc.) C:\WINDOWS\system32\pmls64.dll
2020-12-09 17:35 - 2020-04-10 01:06 - 000754016 _____ (VoiceFive, Inc.) C:\WINDOWS\SysWOW64\pmls.dll
2020-12-09 17:34 - 2020-12-28 11:45 - 000000000 ____D C:\Program Files (x86)\PremierOpinion
2020-12-09 17:34 - 2020-12-09 17:34 - 030469496 _____ (Piriform Software Ltd) C:\Users\ZdenkaT.Zdenka\Downloads\ccleaner.exe
2020-12-09 17:34 - 2020-12-09 17:34 - 000000000 ____D C:\ProgramData\Lavasoft
2020-12-09 17:34 - 2020-12-09 17:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-12-09 17:32 - 2020-12-09 17:32 - 003784256 _____ (File wizard ) C:\Users\ZdenkaT.Zdenka\Downloads\ccleaner_3235337529.exe
2020-12-09 17:28 - 2020-12-09 17:28 - 000002226 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-ClickCleaner.lnk
2020-12-05 22:26 - 2020-12-05 22:26 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-28 12:24 - 2019-12-31 18:15 - 000000000 ____D C:\ProgramData\Adguard
2020-12-28 12:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-28 12:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-28 11:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-28 11:50 - 2018-08-15 05:34 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\Packages
2020-12-28 11:44 - 2018-08-15 05:38 - 000000093 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\sp_data.sys
2020-12-28 03:23 - 2014-10-21 05:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-28 03:19 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-12-28 03:10 - 2019-12-31 18:14 - 000000000 ____D C:\Program Files (x86)\Adguard
2020-12-28 03:09 - 2019-12-31 18:17 - 000000222 _____ C:\ProgramData\fontcacheev1.dat
2020-12-28 03:09 - 2019-12-31 18:15 - 000000222 _____ C:\WINDOWS\SysWOW64\Drivers\vwifikerneldrv.sys
2020-12-28 03:09 - 2019-12-31 18:15 - 000000222 _____ C:\WINDOWS\SysWOW64\d3dx9_11.dll.tmp
2020-12-28 03:01 - 2019-12-31 16:40 - 000000000 ____D C:\ProgramData\Packages
2020-12-28 03:01 - 2019-12-31 16:21 - 000000000 ___RD C:\Users\ZdenkaT.Zdenka\3D Objects
2020-12-28 03:01 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-28 03:01 - 2018-07-18 22:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-28 03:00 - 2019-12-31 16:21 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-12-28 03:00 - 2019-12-31 16:21 - 000000000 __SHD C:\Users\ZdenkaT\IntelGraphicsProfiles
2020-12-28 02:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-28 02:58 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2020-12-28 02:58 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-12-28 02:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2020-12-28 02:57 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-28 02:54 - 2015-12-03 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2020-12-28 02:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-28 02:37 - 2019-12-07 15:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-28 02:37 - 2019-12-07 15:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-28 02:34 - 2020-07-01 16:55 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-28 02:34 - 2020-07-01 16:55 - 000002259 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-28 02:34 - 2018-08-15 05:45 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-28 02:34 - 2018-08-15 05:45 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-28 02:29 - 2019-12-31 17:28 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamicsoft
2020-12-28 02:29 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-28 02:29 - 2018-08-25 14:18 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-28 02:21 - 2015-12-03 14:24 - 000319042 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2020-12-28 02:21 - 2015-12-03 14:24 - 000006786 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2020-12-28 02:21 - 2015-12-03 14:24 - 000002626 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2020-12-28 02:20 - 2015-12-03 14:24 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-12-28 02:19 - 2015-12-03 14:30 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2020-12-28 02:13 - 2020-06-10 17:22 - 000000000 ____D C:\Program Files\UNP
2020-12-28 02:13 - 2019-12-31 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adguard
2020-12-28 02:13 - 2019-12-31 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2020-12-28 02:13 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2020-12-28 02:13 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\InputMethod
2020-12-28 02:13 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-12-28 02:13 - 2019-12-02 16:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Hotspot Shield
2020-12-28 02:13 - 2019-06-30 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyrix Free Keylogger
2020-12-28 02:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-12-28 02:13 - 2018-08-25 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-28 02:13 - 2018-08-15 06:14 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5
2020-12-28 02:13 - 2018-07-20 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-28 02:13 - 2015-12-03 14:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2020-12-28 02:13 - 2015-12-03 14:18 - 000000000 ____D C:\Program Files\Intel
2020-12-28 02:13 - 2014-10-21 05:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-12-28 02:13 - 2014-10-21 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-12-28 02:13 - 2014-10-21 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2020-12-28 02:13 - 2014-10-21 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2020-12-28 02:13 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2020-12-28 02:13 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2020-12-28 02:13 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-12-28 02:12 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2020-12-28 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2020-12-28 02:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help
2020-12-28 02:04 - 2015-12-03 14:24 - 000000000 ____D C:\Program Files\Realtek
2020-12-28 01:52 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-28 01:51 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-12-28 01:51 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2020-12-28 01:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-28 01:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-12-28 01:48 - 2019-12-07 15:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-12-28 01:48 - 2019-12-07 15:44 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-12-28 01:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-12-28 01:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-12-28 01:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-12-09 17:53 - 2019-06-30 14:46 - 000000000 ____D C:\ProgramData\WinZip
2020-12-09 17:44 - 2019-08-01 17:58 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Roaming\DAEMON Tools Lite
2020-12-09 17:14 - 2019-12-11 20:02 - 000568063 _____ C:\Users\ZdenkaT.Zdenka\Desktop\vstupenky na kabaty 2020.pdf
2020-12-09 17:13 - 2019-12-31 17:47 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 17:07 - 2019-12-31 17:12 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\D3DSCache
2020-12-09 17:00 - 2019-12-31 16:33 - 000000000 ___RD C:\Users\ZdenkaT.Zdenka\OneDrive
2020-12-05 11:18 - 2019-12-31 16:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-29 00:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-28 23:52 - 2019-12-31 16:33 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\PlaceholderTileLogoFolder
2020-11-28 11:32 - 2020-10-06 16:14 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-28 11:29 - 2018-07-23 21:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-28 11:24 - 2018-08-15 12:23 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2019-12-31 18:17 - 2020-12-28 03:09 - 000000222 _____ () C:\ProgramData\fontcacheev1.dat
2018-08-15 05:38 - 2020-12-28 11:44 - 000000093 _____ () C:\Users\ZdenkaT.Zdenka\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Zdravím!
Přidejte ještě log Addition. Je v souboru addition.txt ne ploše.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by ZdenkaT (28-12-2020 12:25:17)
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-12-28 01:58:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3115180121-443120830-933865723-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3115180121-443120830-933865723-503 - Limited - Disabled)
Guest (S-1-5-21-3115180121-443120830-933865723-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3115180121-443120830-933865723-504 - Limited - Disabled)
ZdenkaT (S-1-5-21-3115180121-443120830-933865723-1001 - Administrator - Enabled) => C:\Users\ZdenkaT.Zdenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.0.2617.6509 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{e04bd71c-22b2-4453-b5da-99804065a4b9}) (Version: 7.0.2617.6509 - Adguard Software Ltd)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 86.1.6938.201 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
KONICA MINOLTA PagePro 1350W (HKLM\...\KONICA MINOLTA PagePro 1350W) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
PremierOpinion (HKLM-x32\...\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}) (Version: 1.3.338.320 - VoiceFive, Inc.) <==== ATTENTION
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Spyrix Free Keylogger 9.0.5 (HKLM-x32\...\Spyrix Free Keylogger_is1) (Version: 9.0.5 - Spyrix Security Inc.)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Web Companion (HKLM-x32\...\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}) (Version: 7.0.2348.4179 - Lavasoft)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
Windows 10 Manager (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Windows 10 Manager 3.1.2) (Version: 3.1.2 - Yamicsoft)
Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2018-09-29] (ASUS Cloud Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-09-26] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_6.4.0.0_x86__8ptj331gd3tyt [2020-12-05] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-29] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-19] (MAGIX)
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2018-09-26] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2020-01-01] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-01] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2018-09-26] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3115180121-443120830-933865723-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSContextMenu.dll [2014-08-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2014-04-02 15:46 - 2014-04-02 15:46 - 000117248 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2019-12-31 18:04 - 2017-03-14 16:51 - 001714688 _____ () [File not signed] C:\Program Files\TeraCopy\TeraCopy64.dll
2019-06-30 15:52 - 2014-07-08 10:18 - 000317952 _____ () [File not signed] C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\ime32.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 000163840 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 001600000 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\Splendid\Alb_ASUSLib.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [678]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-12-31 18:16 - 000000940 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 api.adguard.com
127.0.0.1 api-b.adguard.com
127.0.0.1 api-c.adguard.com
127.0.0.1 api-d.adguard.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32EEC35C-6F6C-4934-8CEF-0ABC0B2445DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F5836CB-442C-4D75-9792-B7944695DF55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85729891-A06A-4AB8-AD54-92623C576CBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82D82966-8A1C-48E3-BEDC-E59E71A27A39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0B533A85-4B82-4565-8963-5CAF01E947F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{715FACFA-C795-4B22-B5C3-22A47994A8F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A633E5E3-1769-4F4A-B207-C4B09E8BED7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{061AFAF7-F632-4B33-A06C-ADB96F0C0C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AEAD259-2DAD-4E83-87B3-FA2FD8C224AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F0A82767-4B7F-45F3-9110-DA01B95DF210}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{848CDF92-E295-4A90-8513-FA4CD540FB22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{08742F70-A562-42B2-8DBF-0D796EC416AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F92BA532-6CA1-463F-8437-55AACC9A30F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0FC7781-85E8-445A-B08E-42C38B7CD4B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99ED8408-2EF1-4EF6-A45D-5D916E845DA9}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E05B6CF6-3549-47EC-9EC2-3AE5A2E377E5}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe (VoiceFive, Inc. -> VoiceFive, Inc.)
FirewallRules: [{14B1EE97-E4C5-403B-98D1-DB7ECA376032}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe (VoiceFive, Inc. -> VoiceFive, Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:372.6 GB) (Free:299.18 GB) (80%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/28/2020 02:17:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.


System errors:
=============
Error: (12/28/2020 09:37:32 AM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/28/2020 03:25:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/28/2020 03:25:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).

Error: (12/28/2020 03:08:14 AM) (Source: DCOM) (EventID: 10005) (User: Zdenka)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby gupdatem s argumenty /comsvc za účelem spuštění serveru:
{E225E692-4B47-4777-9BED-4FD7FE257F0E}

Error: (12/28/2020 03:08:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdatem) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/28/2020 03:08:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdatem) bylo dosaženo časového limitu (30000 ms).

Error: (12/28/2020 03:05:13 AM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/28/2020 02:59:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


CodeIntegrity:
===================================

Date: 2020-12-28 11:55:36.1070000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-28 11:50:25.9780000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-28 11:49:35.3100000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-28 11:49:35.1890000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-28 03:06:12.4410000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-28 03:05:15.4330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X553MA.214 08/03/2015
Motherboard: ASUSTeK COMPUTER INC. X553MA
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 88%
Total physical RAM: 3978.54 MB
Available physical RAM: 440 MB
Total Virtual: 5258.54 MB
Available Virtual: 917.92 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:299.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:533.55 GB) NTFS

\\?\Volume{d6079a63-7b7b-48e6-a18b-8fc623f483e9}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.59 GB) NTFS
\\?\Volume{57b2d90b-2baf-4d9a-acc6-49831a155a79}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.2 GB) NTFS
\\?\Volume{2d7c9b8a-692d-4bf2-a646-7f7b43d46844}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 293E6C83)

Partition: GPT.

==================== End of Addition.txt =======================

Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-19-2021
# Duration: 00:01:18
# OS: Windows 10 Home
# Cleaned: 56
# Awaiting reboot:2
# Failed: 0


***** [ Services ] *****

Deleted PremierOpinion
Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\Program Files (x86)\PremierOpinion
Deleted C:\Program Files\WinZip Driver Updater
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
Deleted C:\Users\ZdenkaT.Zdenka\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

Deleted C:\Windows\SysWOW64\pmls.dl_
Deleted C:\Windows\System32\pmls64.dl_
Needs Reboot C:\Windows\SysWOW64\pmls.dll
Needs Reboot C:\Windows\System32\PMLS64.DLL

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\WebDiscoverBrowser
Deleted HKCU\Software\csastats
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{14B1EE97-E4C5-403B-98D1-DB7ECA376032}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E05B6CF6-3549-47EC-9EC2-3AE5A2E377E5}
Deleted HKLM\Software\WebDiscoverBrowser
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{93642a3c-8cb6-4c3c-813b-ba929bf1e84d}|UninstallString
Deleted HKLM\Software\Wow6432Node\WebDiscoverBrowser
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}
Deleted HKLM\System\Setup\FirstBoot\Services\PremierOpinion
Deleted HKLM\System\Setup\FirstBoot\Services\WCAssistantService

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}
Deleted Preinstalled.ASUSScreenSaver Folder C:\Program Files (x86)\ASUS\ASUS SCREEN SAVER
Deleted Preinstalled.ASUSScreenSaver Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
Deleted Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BD69E7C-6470-4BB8-A944-04FF53A89E1F}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Deleted Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Deleted Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCF0B1D5-0F21-4038-8E39-190628C92842}
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Deleted Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Deleted Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID ACMON
Deleted Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191}
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|WebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WebStorage
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Files ] *****

Cleaned C:\Windows\SysWOW64\pmls.dll
Cleaned C:\Windows\System32\PMLS64.DLL

*************************

AdwCleaner[S00].txt - [7212 octets] - [19/02/2021 19:26:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

OK. Dejte nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-02-2021 01
Ran by ZdenkaT (administrator) on ZDENKA (ASUSTeK COMPUTER INC. X553MA) (19-02-2021 19:55:06)
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Loaded Profiles: ZdenkaT
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\spkl.exe
(Access Denied) [File not signed] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\4743B949-54E0-43C7-BF07-865A0FE454EC\MpSigStub.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\SwReporter\88.253.200\software_reporter_tool.exe <3>
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.13628.20380\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-171d7418.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Engine_Patch_1.1.17700.4.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Video Technology -> ) C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\spmm.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer\Run: [localSPM] => C:\Windows\runkey.exe [489472 2015-06-25] () [File not signed]
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [4146024 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
HKLM\...\Windows x64\Print Processors\MIPR64_Q: C:\Windows\System32\spool\prtprocs\x64\MIPR64_Q.DLL [56832 2018-08-16] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\Installer\chrmstp.exe [2020-12-09] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1079ADCF-14F3-4819-BB8E-D48D18283A6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {1BB225BF-D97F-4DEA-9E59-D6F6796CD5B7} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [109880 2014-01-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {1FB23EF1-6F5A-4FB9-A0FE-BF9DBE66AC9C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3E168430-A11C-4EA2-B883-C02B4B178642} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F3A76FD-16A6-429D-A35A-25815798C58F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {4806CE99-7795-4551-A4C6-137F51806A46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4971A62F-5CFA-40E9-A0BD-97C97B0B0879} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387224 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {530E90BA-5E30-48FC-A10E-D6A6110D897C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {5A303BDB-2F08-4F03-AF53-047574622997} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D78CC34-EA02-44E1-847E-08A91D972A27} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70E81AC8-CBEC-4954-B879-B0516735C720} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {7FDA3455-C013-4AC3-A49D-DE7B41A95FB4} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8A69D8D9-5202-49A1-BD7C-48BBB8A1E4AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8B65692F-EEB9-4358-BB66-5B539E55EB48} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
Task: {91DB438A-A3E0-4B17-A206-47770C416DE2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A20687B7-F491-4408-B655-26D1C5327B24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE782480-113B-4D33-AD08-67F3858454E4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B55B38A7-0E52-4331-B6BE-B150251275A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C58361F0-139B-404A-940F-8F99761021AB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D94AD55B-A149-45C0-A6AF-78360524DA81} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DCAE0E70-F7CF-4083-9248-166207AFF476} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {E02A45FA-49DC-48EE-A837-7695E43314C6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5D06F33-5B86-41A7-BB86-DE17EFEC2C54} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {EAC27566-E63F-4B77-937A-7F48CF784BB1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {F99017DF-3855-4944-9B7F-D263FFF8E6BB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4EF53902-124A-407B-9200-A0FF2AB40C6D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CD3FB71E-2F36-4B17-AE57-41340214016C}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-19]

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-09] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-09] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default [2021-02-19]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-15]
CHR Extension: (Dokumenty) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-15]
CHR Extension: (Disk Google) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-28]
CHR Extension: (YouTube) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-15]
CHR Extension: (Adobe Acrobat) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-28]
CHR Extension: (Tabulky) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-19]
CHR Extension: (Gmail) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-28]
CHR Extension: (Chrome Media Router) - C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-28]
CHR Profile: C:\Users\ZdenkaT.Zdenka\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [136040 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\elevation_service.exe [1348304 2020-11-12] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-09] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-12-31] (McAfee, LLC -> McAfee, Inc.)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
S2 Asus WebStorage Windows Service; "C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworktdidrv; C:\WINDOWS\System32\drivers\adgnetworktdidrv.sys [67032 2019-02-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-08-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-08-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-19 19:55 - 2021-02-19 20:03 - 000022672 _____ C:\Users\ZdenkaT.Zdenka\Desktop\FRST.txt
2021-02-19 19:54 - 2021-02-19 19:54 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\Desktop\FRST-OlderVersion
2021-02-19 19:23 - 2021-02-19 19:32 - 000000000 ____D C:\AdwCleaner
2021-02-19 19:22 - 2021-02-19 19:22 - 008463216 _____ (Malwarebytes) C:\Users\ZdenkaT.Zdenka\Downloads\adwcleaner_8.1 (2).exe
2021-02-19 19:21 - 2021-02-19 19:21 - 008463216 _____ (Malwarebytes) C:\Users\ZdenkaT.Zdenka\Downloads\adwcleaner_8.1 (1).exe
2021-02-19 19:21 - 2021-02-19 19:21 - 008463216 _____ (Malwarebytes) C:\Users\ZdenkaT.Zdenka\Desktop\adwcleaner_8.1.exe
2021-02-19 18:36 - 2021-02-19 18:36 - 000002218 _____ C:\Users\ZdenkaT.Zdenka\Documents\cc_20210219_183621.reg
2021-02-19 18:21 - 2021-02-19 18:21 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6dcb995a97e14

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-19 20:06 - 2019-12-31 18:15 - 000000000 ____D C:\ProgramData\Adguard
2021-02-19 20:03 - 2020-12-09 19:53 - 000000000 ___DC C:\WINDOWS\Panther
2021-02-19 19:59 - 2020-12-28 12:08 - 000000000 ____D C:\FRST
2021-02-19 19:54 - 2020-12-28 12:07 - 002298368 _____ (Farbar) C:\Users\ZdenkaT.Zdenka\Desktop\FRST64.exe
2021-02-19 19:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-19 19:52 - 2020-12-09 17:40 - 000000000 ____D C:\Program Files\CCleaner
2021-02-19 19:46 - 2020-12-28 02:37 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-19 19:46 - 2019-12-07 15:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-19 19:46 - 2019-12-07 15:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-19 19:46 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-19 19:41 - 2019-12-31 16:21 - 000000000 __SHD C:\Users\ZdenkaT\IntelGraphicsProfiles
2021-02-19 19:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-19 19:40 - 2019-12-31 18:14 - 000000000 ____D C:\Program Files (x86)\Adguard
2021-02-19 19:39 - 2020-12-28 02:14 - 000331544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-19 19:38 - 2020-12-28 02:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-19 19:38 - 2020-12-28 02:14 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-19 19:37 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-19 19:35 - 2019-12-31 18:17 - 000000226 _____ C:\ProgramData\fontcacheev1.dat
2021-02-19 19:35 - 2019-12-31 18:15 - 000000226 _____ C:\WINDOWS\SysWOW64\Drivers\vwifikerneldrv.sys
2021-02-19 19:35 - 2019-12-31 18:15 - 000000226 _____ C:\WINDOWS\SysWOW64\d3dx9_11.dll.tmp
2021-02-19 19:33 - 2020-12-09 17:35 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:35 - 000000000 ____D C:\Users\ZdenkaT.Zdenka\AppData\Local\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:34 - 000000000 ____D C:\ProgramData\Lavasoft
2021-02-19 19:33 - 2020-12-09 17:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-02-19 19:33 - 2014-10-21 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-02-19 19:33 - 2014-10-21 05:28 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-02-19 19:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-19 19:00 - 2020-07-01 16:55 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-19 19:00 - 2020-07-01 16:55 - 000002259 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-19 18:33 - 2019-12-31 16:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-19 18:30 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-19 18:25 - 2019-12-31 13:11 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-19 18:23 - 2020-12-28 02:57 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-19 18:23 - 2020-12-28 02:57 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-19 18:21 - 2020-12-28 02:57 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-19 18:21 - 2020-12-09 17:41 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-02-19 18:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-02-19 18:20 - 2018-08-15 05:38 - 000000093 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\sp_data.sys
2021-02-19 18:17 - 2020-12-28 02:57 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3115180121-443120830-933865723-1001
2021-02-19 18:17 - 2020-12-28 02:22 - 000002390 _____ C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-19 18:17 - 2019-12-31 16:33 - 000000000 ___RD C:\Users\ZdenkaT.Zdenka\OneDrive
2021-02-19 18:16 - 2020-12-28 02:57 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

==================== Files in the root of some directories ========

2019-12-31 18:17 - 2021-02-19 19:35 - 000000226 _____ () C:\ProgramData\fontcacheev1.dat
2018-08-15 05:38 - 2021-02-19 18:20 - 000000093 _____ () C:\Users\ZdenkaT.Zdenka\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-02-2021 01
Ran by ZdenkaT (19-02-2021 20:08:53)
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-12-28 01:58:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3115180121-443120830-933865723-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3115180121-443120830-933865723-503 - Limited - Disabled)
Guest (S-1-5-21-3115180121-443120830-933865723-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3115180121-443120830-933865723-504 - Limited - Disabled)
ZdenkaT (S-1-5-21-3115180121-443120830-933865723-1001 - Administrator - Enabled) => C:\Users\ZdenkaT.Zdenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.0.2617.6509 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{e04bd71c-22b2-4453-b5da-99804065a4b9}) (Version: 7.0.2617.6509 - Adguard Software Ltd)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 86.1.6938.201 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
KONICA MINOLTA PagePro 1350W (HKLM\...\KONICA MINOLTA PagePro 1350W) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Spyrix Free Keylogger 9.0.5 (HKLM-x32\...\Spyrix Free Keylogger_is1) (Version: 9.0.5 - Spyrix Security Inc.)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Windows 10 Manager (HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\Windows 10 Manager 3.1.2) (Version: 3.1.2 - Yamicsoft)
Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2018-09-29] (ASUS Cloud Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-09-26] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_6.4.0.0_x86__8ptj331gd3tyt [2020-12-05] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-28] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-09-29] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-19] (MAGIX)
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2018-09-26] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2020-01-01] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-01] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2018-09-26] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3115180121-443120830-933865723-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSContextMenu.dll [2014-08-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-06-30 15:52 - 2014-07-08 10:18 - 000317952 _____ () [File not signed] C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}\ime32.dll
2020-04-20 13:05 - 2020-04-20 13:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-20 13:05 - 2020-04-20 13:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [678]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3115180121-443120830-933865723-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-12-31 18:16 - 000000940 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 api.adguard.com
127.0.0.1 api-b.adguard.com
127.0.0.1 api-c.adguard.com
127.0.0.1 api-d.adguard.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3115180121-443120830-933865723-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ZdenkaT.Zdenka\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32EEC35C-6F6C-4934-8CEF-0ABC0B2445DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F5836CB-442C-4D75-9792-B7944695DF55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85729891-A06A-4AB8-AD54-92623C576CBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82D82966-8A1C-48E3-BEDC-E59E71A27A39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0B533A85-4B82-4565-8963-5CAF01E947F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{715FACFA-C795-4B22-B5C3-22A47994A8F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A633E5E3-1769-4F4A-B207-C4B09E8BED7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{061AFAF7-F632-4B33-A06C-ADB96F0C0C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AEAD259-2DAD-4E83-87B3-FA2FD8C224AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F0A82767-4B7F-45F3-9110-DA01B95DF210}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{848CDF92-E295-4A90-8513-FA4CD540FB22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{08742F70-A562-42B2-8DBF-0D796EC416AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F92BA532-6CA1-463F-8437-55AACC9A30F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0FC7781-85E8-445A-B08E-42C38B7CD4B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99ED8408-2EF1-4EF6-A45D-5D916E845DA9}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/19/2021 06:28:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.420.11102.0, časové razítko: 0x5faaa7cb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xec58f015
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x30e4
Čas spuštění chybující aplikace: 0x01d706e3546f1095
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 79edcb3d-0a07-498f-bca4-5f9f3c5eec9c
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (02/19/2021 06:14:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (10332,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (02/19/2021 06:14:11 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (10332,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\ZdenkaT.Zdenka\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (12/28/2020 02:17:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.


System errors:
=============
Error: (02/19/2021 08:11:47 PM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/19/2021 07:50:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.

Error: (02/19/2021 07:46:00 PM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/19/2021 07:45:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.

Error: (02/19/2021 07:43:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (02/19/2021 07:43:27 PM) (Source: DCOM) (EventID: 10010) (User: Zdenka)
Description: Server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/19/2021 07:38:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Asus WebStorage Windows Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/19/2021 07:36:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AppXSvc bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===============Event[0]:

Date: 2021-02-19 20:19:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-02-19 20:19:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-02-19 20:19:35
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2021-02-19 20:16:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-02-19 20:16:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1209.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

CodeIntegrity:
===============
Date: 2021-02-19 18:30:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X553MA.214 08/03/2015
Motherboard: ASUSTeK COMPUTER INC. X553MA
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 74%
Total physical RAM: 3978.54 MB
Available physical RAM: 1003.2 MB
Total Virtual: 5258.54 MB
Available Virtual: 1528.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:315.83 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:533.55 GB) NTFS
Drive e: () (CDROM) (Total:0 GB) (Free:0 GB)

\\?\Volume{d6079a63-7b7b-48e6-a18b-8fc623f483e9}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.59 GB) NTFS
\\?\Volume{57b2d90b-2baf-4d9a-acc6-49831a155a79}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.2 GB) NTFS
\\?\Volume{2d7c9b8a-692d-4bf2-a646-7f7b43d46844}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 293E6C83)

Partition: GPT.

==================== End of Addition.txt ======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [678]
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1079ADCF-14F3-4819-BB8E-D48D18283A6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {3F3A76FD-16A6-429D-A35A-25815798C58F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-02-2021 01
Ran by ZdenkaT (19-02-2021 21:08:30) Run:1
Running from C:\Users\ZdenkaT.Zdenka\Desktop
Loaded Profiles: ZdenkaT
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [678]
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1079ADCF-14F3-4819-BB8E-D48D18283A6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {3F3A76FD-16A6-429D-A35A-25815798C58F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => removed successfully
C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA} => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1079ADCF-14F3-4819-BB8E-D48D18283A6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1079ADCF-14F3-4819-BB8E-D48D18283A6E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F3A76FD-16A6-429D-A35A-25815798C58F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F3A76FD-16A6-429D-A35A-25815798C58F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30556042 B
Java, Flash, Steam htmlcache => 360194672 B
Windows/system/drivers => 34457926 B
Edge => 14336 B
Chrome => 22590919 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 225550208 B
ZdenkaT.Zdenka => 266206022 B

RecycleBin => 82247 B
EmptyTemp: => 903.9 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 19-02-2021 21:17:34)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 21:17:35 ====

Smazáno, log by již měl být OK.