Adfl and Gestyy adware
Posted: 13 Feb 2021 20:20
Hello, I also have a problem with Gestyy and ADF.ly: after the PC starts, the above-mentioned pages open in whichever browser I have set as the default. It makes no difference whether I set Edge or Opera, and reinstalling them did not help either.
As antivirus I use ESET and it did not detect anything; I also tried Defender and then several anti-malware tools, but they did not solve the problem.
So I came across your forum and will try to paste the logs from FRST.
Thank you very much in advance:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-02-2021
Ran by Jiří (administrator) on JIRKAPC (MSI MS-7817) (13-02-2021 20:05:45)
Running from C:\Users\Jiří\Downloads
Loaded Profiles: Jiří & kimno
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(CANON INC. -> CANON INC.) C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jiří\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.740_none_e752aa59261f271f\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\Jiří\AppData\Local\Programs\Opera\74.0.3911.107\opera.exe <27>
(Opera Software AS -> Opera Software) C:\Users\Jiří\AppData\Local\Programs\Opera\74.0.3911.107\opera_crashreporter.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Zemana D.O.O. Sarajevo -> Zemana Ltd.) C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [175504 2020-11-09] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [MFNetworkScannerSelector] => C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE [425512 2015-01-22] (CANON INC. -> CANON INC.)
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-08] (Valve -> Valve Corporation)
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () [File not signed]
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\Run: [EpicGamesLauncher] => D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32894024 2021-02-05] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30885360 2020-03-04] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\Run: [Opera Browser Assistant] => C:\Users\Jiří\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3368600 2021-02-09] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4107644453-2996199023-3231352366-1004\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\kimno\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-4107644453-2996199023-3231352366-1004\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\kimno\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Canon MFNP Port: C:\WINDOWS\system32\CNCENPM6.dll [153088 2016-06-06] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\WINDOWS\system32\CNAS0MOK.DLL [1282048 2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-12-24] () [File not signed]
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar487.lnk [2021-02-13]
ShortcutTarget: Sidebar487.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] [File is in use]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F6E0D45-F0CA-4C48-ADF1-7F9AE8C20B6C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {15F1E8AA-B67B-457E-8CE4-D2A2DA1E4767} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {26BE86C8-34F3-4F08-A667-2B88E5C1E9D6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2D898D6E-AD62-4AE2-A5F9-23803298C90C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {38C89BAF-073F-40D1-A455-21AC009C1B4B} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1824240 2016-11-30] (CANON INC. -> CANON INC.) -> /Config:"C:\Program Files\Canon\OIPPESP\CnpspCfg.xml"
Task: {4A58C298-FF77-423E-B17A-651F9DA36D24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57FBAB20-3A7D-4F26-AE4C-2DD78A350178} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-05-15] (Google Inc -> Google Inc.)
Task: {580EC7AC-AB23-49BA-97ED-692A46046DED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {61CFD6F8-8D23-4C6E-AC6C-14B074432627} - System32\Tasks\Opera scheduled assistant Autoupdate 1613206974 => C:\Users\Jiří\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Jiří\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {64849F72-364B-482B-B362-773D405CE2D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-05-15] (Google Inc -> Google Inc.)
Task: {672D4C47-FF6A-4D99-B2B7-AE0B2271375B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68468F3F-0A62-406F-8981-F9A5A6CF42C5} - System32\Tasks\GoogleUpdateTaskMachineCore1d3eed5fa40a34f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-05-15] (Google Inc -> Google Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6F30DD41-F5E1-41EB-A304-9BB29057BB9B} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {743FDE56-A8F6-4E0B-93B2-237D3EAEB5EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {74891F70-526B-4752-9BCA-F7FC629AD4F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199272 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7615524E-4C46-4CBE-B851-8109F5D52E0D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78DFBEC7-D723-4A69-9AF0-439E37A716D0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142184 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DC22C7B-DC14-4952-B680-D32E9D34ED61} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {86E6763C-D7F6-430B-A515-9E8A4D081563} - System32\Tasks\{6245D6EF-2215-4533-9FEA-61EEABA7D376} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Jiří\AppData\Local\SquareClock.Production_Home_Siko_Web\SQ.Remover.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8ABFDCA7-80A7-4551-9AAD-02291CCA4547} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8B2AC804-5EC6-4A43-B937-5348DECF73C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A54D7EB5-530B-46BA-BBF6-A8EC61B72A65} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AC1CA196-5D2B-4B43-9FB3-6BCAED6E6D49} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199272 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6EFB08C-5CB3-4907-B2BD-35ED8DF01C21} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7064DBA-98E2-49A1-BB60-3C0075329B75} - System32\Tasks\Opera scheduled Autoupdate 1613206971 => C:\Users\Jiří\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software)
Task: {C299E052-F88A-48BD-8FF1-D46C4F7085DF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C701242E-9DC8-4D59-A47A-18A172AF59B3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CF1FFA29-8AAC-4890-A4DE-0D2CD4842CFA} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-03-04] (Garmin International, Inc. -> )
Task: {CF2DEBCE-6D6B-45A7-8A87-1735AB7CAB31} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D0644664-B72B-43D4-9D92-F5F3F069D494} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142184 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D45CAFAE-366A-4033-AD02-AFBD8826FFC5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993288 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4DEFF55-E5D7-4741-99D0-4D5DCA07637D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E2EA2EEC-8EE0-4D4E-8257-7C8544995079} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993288 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {E62B60E1-1923-44B7-B927-EF2E49620958} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F3A9A59C-3DC3-47C5-9D60-BDA281A27D52} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {FA34F86D-C1A9-429A-9425-3C35AFCC8F62} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81e948d6-d3e9-4054-922e-636d31eaf609}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{90fbf2c8-ed71-4ead-a6ca-5dd4205c36ae}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jiří\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-13]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Jiří\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-02-13]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default [2021-02-13]
CHR Extension: (Prezentace) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-17]
CHR Extension: (Dokumenty) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-17]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-13]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-22]
CHR Extension: (Tabulky) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-13]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-13]
CHR Extension: (Chrome Media Router) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-13]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\Jiří\AppData\Roaming\Opera Software\Opera Stable [2021-02-13]
OPR DownloadDir: D:\Torrent
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Session Restore: Opera Stable -> is enabled.
OPR Extension: (Rich Hints Agent) - C:\Users\Jiří\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-13]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8902024 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2595360 2020-11-09] (ESET, spol. s r.o. -> ESET)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1728072 2020-10-28] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-10-28] (GOG Sp. z o.o. -> GOG.com)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2021-02-13] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-01-29] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-01-29] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-27] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-27] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-27] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-27] (ESET, spol. s r.o. -> ESET)
S3 HTCAND64; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation) [File not signed]
S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-07-27] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-13 20:05 - 2021-02-13 20:06 - 000027327 ____C C:\Users\Jiří\Downloads\FRST.txt
2021-02-13 20:05 - 2021-02-13 20:05 - 000000000 ___DC C:\Users\Jiří\Downloads\FRST-OlderVersion
2021-02-13 20:03 - 2021-02-13 20:05 - 002297344 ____C (Farbar) C:\Users\Jiří\Downloads\FRST64.exe
2021-02-13 20:02 - 2021-02-13 20:06 - 000000000 ___DC C:\FRST
2021-02-13 19:51 - 2021-02-13 20:07 - 001180564 _____ C:\WINDOWS\ZAM.krnl.trace
2021-02-13 19:51 - 2021-02-13 19:51 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2021-02-13 19:51 - 2021-02-13 19:51 - 000003540 _____ C:\WINDOWS\system32\Tasks\AMHelper
2021-02-13 19:51 - 2021-02-13 19:51 - 000001339 ____C C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2021-02-13 19:51 - 2021-02-13 19:51 - 000000000 ____D C:\Users\Jiří\AppData\Local\Zemana
2021-02-13 19:51 - 2021-02-13 19:51 - 000000000 ____D C:\Users\Jiří\AppData\Local\AMSDK
2021-02-13 19:51 - 2021-02-13 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2021-02-13 19:51 - 2021-02-13 19:51 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-02-13 19:46 - 2021-02-13 19:48 - 000000000 ____D C:\ProgramData\HitmanPro
2021-02-13 18:36 - 2021-02-13 18:36 - 000222104 ____C (AVAST Software) C:\Users\Jiří\Downloads\avast_free_antivirus_setup_online.exe
2021-02-13 10:02 - 2021-02-13 10:02 - 000004402 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1613206974
2021-02-13 10:02 - 2021-02-13 10:02 - 000004150 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1613206971
2021-02-13 10:02 - 2021-02-13 10:02 - 000001501 ____C C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-02-13 10:02 - 2021-02-13 10:02 - 000001455 ____C C:\Users\Jiří\Desktop\Prohlížeč Opera.lnk
2021-02-13 09:59 - 2021-02-13 09:59 - 000246910 _____ C:\Users\Jiří\Desktop\Chybove_hlasky.pptx
2021-02-13 09:54 - 2021-02-13 09:54 - 000000000 ____D C:\Users\Jiří\AppData\Local\mbam
2021-02-13 09:54 - 2021-02-13 09:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-13 09:48 - 2021-02-13 09:54 - 000391990 _____ C:\WINDOWS\ntbtlog.txt
2021-02-13 09:48 - 2021-02-13 09:52 - 000000214 ____C C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-02-13 08:34 - 2021-02-13 09:19 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_13
2021-02-12 08:40 - 2021-02-12 10:04 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_12
2021-02-11 19:32 - 2021-02-11 19:32 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-11 19:32 - 2021-02-11 19:32 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-11 19:32 - 2021-02-11 19:32 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-11 19:32 - 2021-02-11 19:32 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-11 19:32 - 2021-02-11 19:32 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-10 21:37 - 2021-02-10 21:38 - 000000000 ___DC C:\AdwCleaner
2021-02-10 08:53 - 2021-02-10 10:05 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_10
2021-02-09 08:43 - 2021-02-09 10:10 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_09
2021-02-08 08:37 - 2021-02-08 15:15 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_08
2021-02-07 09:07 - 2021-02-07 19:00 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_07
2021-02-06 10:00 - 2021-02-06 18:19 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_06
2021-02-04 18:12 - 2021-02-04 18:37 - 000036404 ____C C:\Users\Jiří\Documents\Spotřeba 2021.xlsx
2021-02-04 18:12 - 2021-02-04 18:12 - 000004287 ____C C:\Users\Jiří\Desktop\Spotřeba 2021.lnk
2021-02-01 19:16 - 2021-02-01 19:19 - 000011000 ____C C:\Users\Jiří\Desktop\VRATA - telefonní čísla.xlsx
2021-02-01 19:04 - 2021-02-01 19:09 - 000000000 ___DC C:\Users\Jiří\Desktop\Izolace podlaha
2021-02-01 18:40 - 2021-02-01 18:42 - 000002165 ____C C:\Users\Jiří\Desktop\skse64_loader.lnk
2021-02-01 17:41 - 2021-02-13 18:55 - 000000000 ____D C:\Users\Jiří\AppData\Local\Black_Tree_Gaming
2021-02-01 17:41 - 2021-02-01 17:41 - 000000000 ___DC C:\Users\Jiří\Documents\Nexus Mod Manager
2021-01-31 21:21 - 2021-01-31 21:21 - 000000222 ____C C:\Users\Jiří\Desktop\The Elder Scrolls V Skyrim Special Edition.url
2021-01-31 20:15 - 2021-01-31 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Apps
2021-01-31 18:31 - 2021-02-01 08:34 - 000000000 ____D C:\Users\Jiří\.openshot_qt
2021-01-31 17:32 - 2021-01-31 17:33 - 000000000 ____D C:\Users\Jiří\AppData\Local\Movavi
2021-01-31 17:32 - 2021-01-31 17:32 - 000000000 ____D C:\Users\Jiří\AppData\Local\VideoEditorPlus
2021-01-31 17:32 - 2021-01-31 17:32 - 000000000 ____D C:\Users\Jiří\AppData\Local\CrashRpt
2021-01-31 17:32 - 2021-01-31 17:32 - 000000000 ____D C:\Users\Jiří\AppData\Local\cache
2021-01-31 17:30 - 2021-01-31 17:30 - 000012554 _____ C:\ProgramData\juutbubq.wrj
2021-01-31 17:30 - 2021-01-31 17:30 - 000000016 _____ C:\ProgramData\mntemp
2021-01-30 22:47 - 2021-02-06 19:21 - 000000000 ____D C:\Users\Jiří\AppData\Local\Skyrim Special Edition
2021-01-25 18:03 - 2021-01-25 18:03 - 000000000 ___DC C:\Users\Jiří\Documents\der grune max
2021-01-22 09:19 - 2021-01-22 09:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-15 15:08 - 2021-01-15 15:08 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 15:08 - 2021-01-15 15:08 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 15:08 - 2021-01-15 15:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 15:08 - 2021-01-15 15:08 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 15:08 - 2021-01-15 15:08 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 15:08 - 2021-01-15 15:08 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 15:08 - 2021-01-15 15:08 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 15:08 - 2021-01-15 15:08 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 15:08 - 2021-01-15 15:08 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 15:08 - 2021-01-15 15:08 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 15:08 - 2021-01-15 15:08 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 15:08 - 2021-01-15 15:08 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 15:08 - 2021-01-15 15:08 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 15:08 - 2021-01-15 15:08 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 15:08 - 2021-01-15 15:08 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 15:08 - 2021-01-15 15:08 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 15:07 - 2021-01-15 15:07 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 15:07 - 2021-01-15 15:07 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 15:07 - 2021-01-15 15:07 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 15:07 - 2021-01-15 15:07 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 15:07 - 2021-01-15 15:07 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 15:07 - 2021-01-15 15:07 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 15:07 - 2021-01-15 15:07 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 15:07 - 2021-01-15 15:07 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 15:07 - 2021-01-15 15:07 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-15 15:06 - 2021-01-15 15:06 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-13 20:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-13 19:53 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-13 19:43 - 2020-07-07 18:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-13 19:05 - 2020-07-07 18:47 - 001693200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-13 19:05 - 2019-12-07 15:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-13 19:05 - 2019-12-07 15:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-13 19:00 - 2017-04-24 20:14 - 000000000 ___DC C:\ProgramData\NVIDIA
2021-02-13 18:59 - 2015-08-24 21:39 - 000000000 ___DC C:\Program Files (x86)\Steam
2021-02-13 18:58 - 2020-07-07 18:49 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2021-02-13 18:58 - 2020-07-07 18:43 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-13 18:58 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-02-13 18:43 - 2020-06-04 15:57 - 000002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-13 18:43 - 2020-06-04 15:57 - 000002263 ____C C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-13 18:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-13 18:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-13 17:30 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-13 17:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-13 17:29 - 2018-05-18 19:29 - 000000000 ___DC C:\WINDOWS\system32\Drivers\wd
2021-02-13 17:19 - 2019-12-07 10:03 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2021-02-13 17:19 - 2015-08-24 22:09 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-13 16:43 - 2015-08-24 21:11 - 000000000 ___DC C:\Users\Jiří\AppData\Roaming\vlc
2021-02-13 12:02 - 2018-12-21 18:53 - 000000000 ___DC C:\Users\Jiří\AppData\Roaming\uTorrent
2021-02-13 12:01 - 2020-07-07 17:59 - 000000000 ____D C:\Users\Jiří
2021-02-13 12:01 - 2015-08-25 16:02 - 000000000 ___DC C:\Users\Jiří\AppData\Local\CrashDumps
2021-02-13 10:30 - 2017-11-29 20:56 - 000000000 ___DC C:\Users\Jiří\AppData\Local\Packages
2021-02-13 10:29 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-13 10:28 - 2020-05-25 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2021-02-13 10:28 - 2016-09-11 15:51 - 000000000 ___DC C:\ProgramData\Garmin
2021-02-13 10:28 - 2016-09-11 15:51 - 000000000 ___DC C:\Program Files (x86)\Garmin
2021-02-13 10:03 - 2015-08-31 18:38 - 000000000 ___DC C:\Users\Jiří\AppData\Local\Opera Software
2021-02-13 10:02 - 2015-08-31 18:38 - 000000000 ___DC C:\Users\Jiří\AppData\Roaming\Opera Software
2021-02-13 09:43 - 2015-08-31 18:37 - 000000000 ___DC C:\Program Files (x86)\Opera
2021-02-12 10:23 - 2018-11-29 21:20 - 000001046 ____C C:\Users\Jiří\Desktop\4K Video Downloader.lnk
2021-02-11 22:37 - 2020-07-07 18:43 - 000442280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-11 22:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 14:34 - 2015-08-24 22:08 - 000000000 ___DC C:\WINDOWS\system32\MRT
2021-02-10 14:32 - 2015-08-24 22:08 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-09 16:54 - 2020-07-07 18:49 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-09 16:54 - 2015-08-24 21:12 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-09 08:35 - 2020-07-07 18:49 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-09 08:35 - 2020-07-07 18:49 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-05 13:19 - 2016-05-15 14:36 - 000002307 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-05 13:19 - 2016-05-15 14:36 - 000002266 ____C C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-05 08:11 - 2020-07-07 18:49 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 08:11 - 2020-07-07 18:49 - 000003378 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d3eed5fa40a34f
2021-02-04 18:27 - 2020-07-08 17:55 - 000057614 ____C C:\Users\Jiří\Documents\Spotřeba 2020.xlsx
2021-02-02 18:52 - 2020-07-07 18:49 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4107644453-2996199023-3231352366-1001
2021-02-02 18:52 - 2020-07-07 17:59 - 000002407 ____C C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-02 18:52 - 2015-08-24 17:33 - 000000000 __RDC C:\Users\Jiří\OneDrive
2021-02-02 18:33 - 2020-01-06 21:45 - 000000000 ___DC C:\Users\Jiří\Documents\Dum
2021-02-02 09:11 - 2015-11-16 18:06 - 000000000 ___DC C:\Program Files\Microsoft Office
2021-02-01 07:55 - 2017-07-11 20:32 - 000018129 ____C C:\Users\Jiří\Documents\Přístupy.xlsx
2021-01-31 21:21 - 2015-08-24 21:49 - 000000000 ___DC C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-31 20:16 - 2015-06-05 14:17 - 000000000 ___DC C:\ProgramData\Package Cache
2021-01-31 20:15 - 2020-10-20 13:26 - 000000000 ____D C:\Users\Jiří\AppData\Roaming\WD Discovery
2021-01-31 20:15 - 2020-10-20 13:25 - 000000000 ____D C:\Users\Jiří\.wdc
2021-01-31 19:46 - 2018-05-27 20:40 - 000000000 ___DC C:\Users\Jiří\AppData\Local\PlaceholderTileLogoFolder
2021-01-31 17:30 - 2017-06-15 19:42 - 000000000 ___DC C:\Users\Jiří\AppData\Roaming\NVIDIA
2021-01-31 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-31 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-30 22:47 - 2015-09-10 18:19 - 000000000 ___DC C:\Users\Jiří\Documents\my games
2021-01-30 20:35 - 2017-03-14 19:54 - 000000000 ___DC C:\Users\Jiří\Documents\Aukro
2021-01-26 07:23 - 2019-04-01 19:53 - 000000000 ___DC C:\Program Files\Canon
2021-01-23 13:07 - 2015-08-29 14:42 - 000000000 ___DC C:\Program Files (x86)\GalaxyClient
2021-01-22 20:04 - 2017-12-12 21:42 - 000010402 ____C C:\Users\Jiří\Desktop\Sledované seriály.xlsx
2021-01-20 20:03 - 2015-08-24 21:05 - 000001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Altap Salamander (x64).lnk
2021-01-20 20:03 - 2015-08-24 21:05 - 000001146 ____C C:\ProgramData\Desktop\Salamander (x64).lnk
2021-01-20 20:03 - 2015-08-24 21:05 - 000000000 ___DC C:\Program Files\Altap Salamander
2021-01-15 15:57 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 15:57 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 15:06 - 2020-07-07 18:45 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
==================== Files in the root of some directories ========
2017-11-19 17:34 - 2017-11-19 17:34 - 000000624 ____C () C:\Users\Jiří\AppData\Roaming\All CPU MeterV3_Settings.ini
2018-02-10 21:36 - 2019-02-28 18:08 - 000000119 ____C () C:\Users\Jiří\AppData\Roaming\Network Monitor II_#0_Traffic.ini
2017-04-14 09:58 - 2017-04-14 09:58 - 000000029 ____C () C:\Users\Jiří\AppData\Local\SQ.RemoverDelete.bat
2017-04-05 20:12 - 2017-04-05 20:12 - 000032038 ____C () C:\Users\Jiří\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2021
Ran by Jiří (13-02-2021 20:07:46)
Running from C:\Users\Jiří\Downloads
Windows 10 Home Version 2004 19041.804 (X64) (2020-07-07 17:49:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4107644453-2996199023-3231352366-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4107644453-2996199023-3231352366-503 - Limited - Disabled)
Guest (S-1-5-21-4107644453-2996199023-3231352366-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4107644453-2996199023-3231352366-1003 - Limited - Enabled)
Jiří (S-1-5-21-4107644453-2996199023-3231352366-1001 - Administrator - Enabled) => C:\Users\Jiří
kimno (S-1-5-21-4107644453-2996199023-3231352366-1004 - Limited - Disabled) => C:\Users\kimno
WDAGUtilityAccount (S-1-5-21-4107644453-2996199023-3231352366-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K Video Downloader 4.4 (HKLM-x32\...\{4E97C234-3F6C-4AA9-BFAF-0166F3050A68}) (Version: 4.4.11.2412 - Open Media LLC)
8GadgetPack (HKLM-x32\...\{8AE911BA-9AFB-435C-92C9-62BF228647AE}) (Version: 15.0.0 - Helmut Buhler)
Active@ KillDisk 10 (HKLM\...\{6A633DB7-06E4-4EF1-8FD1-7F8812C590AD}_is1) (Version: 10 - LSoft Technologies Inc)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Altap Salamander 4.0 (x64) (HKLM\...\Altap Salamander 4.0 (x64)) (Version: 4.0 - ALTAP)
ANT Drivers Installer x64 (HKLM\...\{9A9FF300-3725-4934-A0D7-86F109A88ACF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.8.0 - ASUS)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Blood and Wine (HKLM-x32\...\1441620909_is1) (Version: 1.32 - GOG.com)
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\{8A16FF47-A5FC-49A8-96B5-31180D317059}) (Version: 2.1.2 - CANON INC.) Hidden
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 2.1.2.40000 - CANON INC.)
Canon MF Scan Utility (HKLM-x32\...\Canon_MF_Scan_Utility) (Version: 1.5.0.0 - CANON INC.)
Canon MF633C/635C (HKLM\...\{7B95F8E4-3E24-4FAF-9CB0-5063F9E1202A}) (Version: 5.4.0.1 - CANON INC.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
CEWE FOTOLAB fotosvet (HKLM-x32\...\CEWE FOTOLAB fotosvet) (Version: 7.0.3 - CEWE Stiftung u Co. KGaA)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)
Elevated Installer (HKLM-x32\...\{9427DAC2-91FD-418E-87D4-8914B437CC06}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Free DLC program (16 DLC) (HKLM-x32\...\1430743168_is1) (Version: 1.32 - GOG.com)
Garmin Express (HKLM-x32\...\{0934EADA-3DAF-4A21-829D-1BB3C315DCB4}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{d3b4366e-9163-44f4-a381-d431031c2841}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hearts of Stone (HKLM-x32\...\1441355562_is1) (Version: 1.32 - GOG.com)
Intel® Chipset Device Software (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.13628.20274 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4107644453-2996199023-3231352366-1004\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 457.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 74.0.3911.107 (HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\Opera 74.0.3911.107) (Version: 74.0.3911.107 - Opera Software)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 3.07.0.1318 - GOG.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-4107644453-2996199023-3231352366-1004\...\SeznamInstall) (Version: - Seznam.cz)
Skype verze 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.32 - GOG.com)
tiptoi® Manager 4.2.1 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.2.1 - Ravensburger AG)
Toner Status (HKLM-x32\...\{6E9A516A-6189-4502-80FD-51BE28989CEB}) (Version: 1.5.0.0 - CANON INC.)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2021-01-31] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-09-14] (Facebook Inc)
Logitech Camera Controller -> C:\Program Files\WindowsApps\E97CB0A1.LogitechCameraController_1.0.0.135_x86__wd885nsp30hay [2015-09-14] (LOGITECH Europe S.A.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-24] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-24] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-24] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Sticky Tiles -> C:\Program Files\WindowsApps\44239NirmitKavaiya.StickyTiles_1.2.0.0_neutral__06vcx9pe9kpe6 [2017-02-01] (Nirmit Kavaiya)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001_Classes\CLSID\{C78B614F-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (Fine spol. s r.o. -> ALTAP)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-11-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-11-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\nvshext.dll [2020-10-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-11-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2015-09-14] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [255488 2011-05-30] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2015-09-14] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [240640 2011-05-30] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-04-01 19:54 - 2015-01-20 17:30 - 000005120 ____C (CANON INC.) [File not signed] C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.DLL
2019-04-01 19:53 - 2016-06-06 09:12 - 000153088 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCENPM6.dll
2015-10-23 17:01 - 2015-08-26 03:58 - 000528896 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
2015-10-23 17:01 - 2012-05-19 06:16 - 000083456 ____C (Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sbdrop.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\cpzp.cz -> hxxps://portal.cpzp.cz
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\ozp.cz -> hxxps://portal.ozp.cz
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\portalzp.cz -> hxxps://www.portalzp.cz
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\rbp-zp.cz -> hxxps://portal.rbp-zp.cz
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\vozp.cz -> hxxps://portal.vozp.cz
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\zpskoda.cz -> hxxps://portal.zpskoda.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 ____C C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\Control Panel\Desktop\\Wallpaper -> D:\Dokumenty Kačky\foto\2020\IMG_3744.JPG
HKU\S-1-5-21-4107644453-2996199023-3231352366-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: HTC NDIS Protocol Driver -> MS_NDISPROT (enabled)
Síť Ethernet: HTC NDIS Protocol Driver -> MS_NDISPROT (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\StartupApproved\Run: => "Xvid"
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D9FE5ABF-95D1-48B2-BFFB-D13B62052654}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{B0E0126F-1D2D-4C13-A24C-9B7B1F97B0F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{670AD653-3C97-47B4-BE65-1F2E031BB3D2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{91105283-DAB4-4976-994D-0F6F29D740B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1621E8E0-490E-411B-963D-3685EF37FDF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9CFAD03A-63BB-4E7E-A858-3A4192FDC91C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7912768C-BEBF-472C-9AA3-0C5482387A63}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{6AC8CB0D-90E3-46CC-B8B2-982FCFE854DE}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{D6EA4F5C-2E26-4A72-A442-0C1A4B986200}] => (Allow) D:\SteamLibrary\steamapps\common\Pathfinder Kingmaker\Kingmaker.exe () [File not signed]
FirewallRules: [{B201E873-1A23-4625-B8BD-6735C158E3C8}] => (Allow) D:\SteamLibrary\steamapps\common\Pathfinder Kingmaker\Kingmaker.exe () [File not signed]
FirewallRules: [{B4784417-2770-4B85-A21F-9FE9FAAE077B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C84A9249-39F1-418D-A4E2-916E1FDA93D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{86886C13-7CAE-4B4B-AEF8-60E6479FC72D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{5A4379E5-D9F1-431A-97F7-86FD23CBBA16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3A59FA7F-9C34-4D48-B5ED-9182ABA0AE72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5B96A868-230A-4DFF-A33A-7D9F937FB055}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{604C8E92-BC40-4B03-8018-4F3DA416B9EC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [UDP Query User{3BE1FA56-9F1E-4784-BBF9-EE07BC45AD32}C:\program files (x86)\abc\abc.exe] => (Allow) C:\program files (x86)\abc\abc.exe => No File
FirewallRules: [TCP Query User{3A2E9AF5-6542-421B-A941-2DA9303B5F93}C:\program files (x86)\abc\abc.exe] => (Allow) C:\program files (x86)\abc\abc.exe => No File
FirewallRules: [{A11FF3A5-3913-4137-AF8E-0A41C51A211A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{F2A55437-D2CE-473C-B0A2-61A8B8A83AA1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{785D7EAF-7F41-4BB3-A79E-90A5471D57AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CCC02C15-BC54-4863-ABD4-0FC09C7C66DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{20BFB853-7B4F-4CA8-869D-2AF112CE5B0B}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{EF636CD9-C73D-485D-935B-E5F1BD25D416}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{F70BBBC6-B1BB-4D31-9BAD-CE12D3552C81}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [UDP Query User{2C64C81A-F922-482A-BB0E-01C2B6DE0801}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [{A1513352-D8D7-4AF8-AF4E-8BA47D82F8BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{13777B76-486F-420D-9E44-86A289F7B26F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{200A0C7E-7E36-466E-91D1-EDEF092537B9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0C34F09-B833-4E90-91D6-CE69986A2650}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2747D32-3920-455F-AB28-24B343B1F333}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FA03F445-F1B6-43B3-8F1E-73A92F84E883}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5BFB545B-45CC-4AF7-9FFC-001CD253A1BC}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{FD4945BE-4F6E-49F5-AE38-EB8CDFE2479F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{BF0211B9-2390-4674-A00D-8216ABFA6629}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{675C0825-198F-4384-816F-7B8AC2DE8095}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{7D93A705-0695-421F-AE95-88A6A3BD2A50}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BA805D09-B85C-44F0-8879-4D1797D49EA3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE35B626-D628-47F2-B09D-C0A0C4B02A50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F4D91472-9B8A-45B0-A21D-21686D154D1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{258A63CE-C187-447C-81BA-5FACA9685E4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B7BF8283-A740-474B-838F-8B2E4F983344}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D1493F48-BF26-45D1-B35B-FC73B2C77230}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5E2B8E3-155B-4F30-9C26-BB96CDE0259D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CB7B9E5E-239C-470C-B5F5-D128C5FE2706}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A6BA10F0-320A-46DC-8ADD-045D9D7D02BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A9089A45-E6DE-479F-9BFD-24D136817485}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FB8044B8-0496-448E-93DD-E34D872790AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BDF7D5B5-103E-4D0F-BBC3-FD8EA583036D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84B638CF-1368-489F-A01A-7FE964043D6A}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{3900EC9C-35A1-4914-A421-D395FD0B124E}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{F6470F50-5ABE-4BF8-8968-544645331D8F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9159D24-5042-43F5-AFA7-597A9EEDCB04}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6AE3E840-4C55-42FB-BF38-DA06D4E2B48C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A53D5F2-1C1A-40FE-9ED3-282AFB0B6B14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C6F5DDAE-33CF-4259-AB61-BF8DD6DB4E80}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:110.51 GB) (Free:47.92 GB) (43%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/13/2021 07:09:18 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: JIRKAPC)
Description: microsoft.windows.cortana_cw5n1h2txyewy-2147024893
Error: (02/13/2021 01:11:49 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (02/13/2021 01:11:49 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (02/13/2021 01:11:49 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (02/13/2021 12:01:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xf25621f0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x3608
Čas spuštění chybující aplikace: 0x01d701f61d972e70
Cesta k chybující aplikaci: C:\WINDOWS\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 58dfaddc-c4cd-4e36-bddd-02ff9895d974
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/13/2021 10:29:17 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (02/13/2021 08:32:23 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (02/13/2021 08:32:23 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
System errors:
=============
Error: (02/13/2021 07:11:03 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 07:01:54 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 06:58:16 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby SecurityHealthService s argumenty Není k dispozici za účelem spuštění serveru:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}
Error: (02/13/2021 06:29:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 05:46:00 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 12:22:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 12:13:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 11:51:35 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-02-13 17:44:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FE53B80A-CC0C-42A9-B5B6-6A43A8BEFACF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-02-13 17:33:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E2C59794-06E7-48DC-83F1-AFC84710951F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-02-13 17:29:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {12852A80-0F69-4FAA-A339-D5FB52BD4E5C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: JIRKAPC\Jiří
CodeIntegrity:
==============
Date: 2021-02-13 19:09:05
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:09:05
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:09:05
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:00:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:00:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:00:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:00:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 18:47:19
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V17.5 03/30/2015
Motherboard: MSI H81M-E34 (MS-7817)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 70%
Total physical RAM: 8134.53 MB
Available physical RAM: 2371.02 MB
Total Virtual: 10182.53 MB
Available Virtual: 3131.44 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:110.51 GB) (Free:47.92 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1863.01 GB) (Free:461.53 GB) NTFS
\\?\Volume{1fd108b7-4a7a-11e5-8257-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.78 GB) (Free:0.52 GB) NTFS
\\?\Volume{520e7dcd-0000-0000-0000-50d21b000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 520E7DCD)
Partition 1: (Active) - (Size=798 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=515 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 5893482C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
HKLM\...\Print\Monitors\Canon MFNP Port: C:\WINDOWS\system32\CNCENPM6.dll [153088 2016-06-06] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\WINDOWS\system32\CNAS0MOK.DLL [1282048 2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-12-24] () [File not signed]
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar487.lnk [2021-02-13]
ShortcutTarget: Sidebar487.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] [File is in use]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F6E0D45-F0CA-4C48-ADF1-7F9AE8C20B6C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {15F1E8AA-B67B-457E-8CE4-D2A2DA1E4767} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {26BE86C8-34F3-4F08-A667-2B88E5C1E9D6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2D898D6E-AD62-4AE2-A5F9-23803298C90C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {38C89BAF-073F-40D1-A455-21AC009C1B4B} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1824240 2016-11-30] (CANON INC. -> CANON INC.) -> /Config:"C:\Program Files\Canon\OIPPESP\CnpspCfg.xml"
Task: {4A58C298-FF77-423E-B17A-651F9DA36D24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57FBAB20-3A7D-4F26-AE4C-2DD78A350178} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-05-15] (Google Inc -> Google Inc.)
Task: {580EC7AC-AB23-49BA-97ED-692A46046DED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {61CFD6F8-8D23-4C6E-AC6C-14B074432627} - System32\Tasks\Opera scheduled assistant Autoupdate 1613206974 => C:\Users\Jiří\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Jiří\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {64849F72-364B-482B-B362-773D405CE2D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-05-15] (Google Inc -> Google Inc.)
Task: {672D4C47-FF6A-4D99-B2B7-AE0B2271375B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68468F3F-0A62-406F-8981-F9A5A6CF42C5} - System32\Tasks\GoogleUpdateTaskMachineCore1d3eed5fa40a34f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-05-15] (Google Inc -> Google Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6F30DD41-F5E1-41EB-A304-9BB29057BB9B} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {743FDE56-A8F6-4E0B-93B2-237D3EAEB5EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {74891F70-526B-4752-9BCA-F7FC629AD4F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199272 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7615524E-4C46-4CBE-B851-8109F5D52E0D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78DFBEC7-D723-4A69-9AF0-439E37A716D0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142184 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DC22C7B-DC14-4952-B680-D32E9D34ED61} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {86E6763C-D7F6-430B-A515-9E8A4D081563} - System32\Tasks\{6245D6EF-2215-4533-9FEA-61EEABA7D376} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Jiří\AppData\Local\SquareClock.Production_Home_Siko_Web\SQ.Remover.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8ABFDCA7-80A7-4551-9AAD-02291CCA4547} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8B2AC804-5EC6-4A43-B937-5348DECF73C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A54D7EB5-530B-46BA-BBF6-A8EC61B72A65} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AC1CA196-5D2B-4B43-9FB3-6BCAED6E6D49} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199272 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6EFB08C-5CB3-4907-B2BD-35ED8DF01C21} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7064DBA-98E2-49A1-BB60-3C0075329B75} - System32\Tasks\Opera scheduled Autoupdate 1613206971 => C:\Users\Jiří\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software)
Task: {C299E052-F88A-48BD-8FF1-D46C4F7085DF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C701242E-9DC8-4D59-A47A-18A172AF59B3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CF1FFA29-8AAC-4890-A4DE-0D2CD4842CFA} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-03-04] (Garmin International, Inc. -> )
Task: {CF2DEBCE-6D6B-45A7-8A87-1735AB7CAB31} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D0644664-B72B-43D4-9D92-F5F3F069D494} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142184 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D45CAFAE-366A-4033-AD02-AFBD8826FFC5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993288 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4DEFF55-E5D7-4741-99D0-4D5DCA07637D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E2EA2EEC-8EE0-4D4E-8257-7C8544995079} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993288 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {E62B60E1-1923-44B7-B927-EF2E49620958} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F3A9A59C-3DC3-47C5-9D60-BDA281A27D52} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {FA34F86D-C1A9-429A-9425-3C35AFCC8F62} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81e948d6-d3e9-4054-922e-636d31eaf609}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{90fbf2c8-ed71-4ead-a6ca-5dd4205c36ae}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jiří\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-13]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Jiří\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-02-13]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default [2021-02-13]
CHR Extension: (Prezentace) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-17]
CHR Extension: (Dokumenty) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-17]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-13]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-22]
CHR Extension: (Tabulky) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-13]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-13]
CHR Extension: (Chrome Media Router) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-13]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\Jiří\AppData\Roaming\Opera Software\Opera Stable [2021-02-13]
OPR DownloadDir: D:\Torrent
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Session Restore: Opera Stable -> is enabled.
OPR Extension: (Rich Hints Agent) - C:\Users\Jiří\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-13]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8902024 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2595360 2020-11-09] (ESET, spol. s r.o. -> ESET)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1728072 2020-10-28] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-10-28] (GOG Sp. z o.o. -> GOG.com)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2021-02-13] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-01-29] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-01-29] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-27] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-27] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-27] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-27] (ESET, spol. s r.o. -> ESET)
S3 HTCAND64; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation) [File not signed]
S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-07-27] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-13 20:05 - 2021-02-13 20:06 - 000027327 ____C C:\Users\Jiří\Downloads\FRST.txt
2021-02-13 20:05 - 2021-02-13 20:05 - 000000000 ___DC C:\Users\Jiří\Downloads\FRST-OlderVersion
2021-02-13 20:03 - 2021-02-13 20:05 - 002297344 ____C (Farbar) C:\Users\Jiří\Downloads\FRST64.exe
2021-02-13 20:02 - 2021-02-13 20:06 - 000000000 ___DC C:\FRST
2021-02-13 19:51 - 2021-02-13 20:07 - 001180564 _____ C:\WINDOWS\ZAM.krnl.trace
2021-02-13 19:51 - 2021-02-13 19:51 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2021-02-13 19:51 - 2021-02-13 19:51 - 000003540 _____ C:\WINDOWS\system32\Tasks\AMHelper
2021-02-13 19:51 - 2021-02-13 19:51 - 000001339 ____C C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2021-02-13 19:51 - 2021-02-13 19:51 - 000000000 ____D C:\Users\Jiří\AppData\Local\Zemana
2021-02-13 19:51 - 2021-02-13 19:51 - 000000000 ____D C:\Users\Jiří\AppData\Local\AMSDK
2021-02-13 19:51 - 2021-02-13 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2021-02-13 19:51 - 2021-02-13 19:51 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-02-13 19:46 - 2021-02-13 19:48 - 000000000 ____D C:\ProgramData\HitmanPro
2021-02-13 18:36 - 2021-02-13 18:36 - 000222104 ____C (AVAST Software) C:\Users\Jiří\Downloads\avast_free_antivirus_setup_online.exe
2021-02-13 10:02 - 2021-02-13 10:02 - 000004402 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1613206974
2021-02-13 10:02 - 2021-02-13 10:02 - 000004150 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1613206971
2021-02-13 10:02 - 2021-02-13 10:02 - 000001501 ____C C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-02-13 10:02 - 2021-02-13 10:02 - 000001455 ____C C:\Users\Jiří\Desktop\Prohlížeč Opera.lnk
2021-02-13 09:59 - 2021-02-13 09:59 - 000246910 _____ C:\Users\Jiří\Desktop\Chybove_hlasky.pptx
2021-02-13 09:54 - 2021-02-13 09:54 - 000000000 ____D C:\Users\Jiří\AppData\Local\mbam
2021-02-13 09:54 - 2021-02-13 09:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-13 09:48 - 2021-02-13 09:54 - 000391990 _____ C:\WINDOWS\ntbtlog.txt
2021-02-13 09:48 - 2021-02-13 09:52 - 000000214 ____C C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-02-13 08:34 - 2021-02-13 09:19 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_13
2021-02-12 08:40 - 2021-02-12 10:04 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_12
2021-02-11 19:32 - 2021-02-11 19:32 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-11 19:32 - 2021-02-11 19:32 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-11 19:32 - 2021-02-11 19:32 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-11 19:32 - 2021-02-11 19:32 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-11 19:32 - 2021-02-11 19:32 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-10 21:37 - 2021-02-10 21:38 - 000000000 ___DC C:\AdwCleaner
2021-02-10 08:53 - 2021-02-10 10:05 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_10
2021-02-09 08:43 - 2021-02-09 10:10 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_09
2021-02-08 08:37 - 2021-02-08 15:15 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_08
2021-02-07 09:07 - 2021-02-07 19:00 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_07
2021-02-06 10:00 - 2021-02-06 18:19 - 000000000 ___DC C:\Users\Jiří\Documents\2021_02_06
2021-02-04 18:12 - 2021-02-04 18:37 - 000036404 ____C C:\Users\Jiří\Documents\Spotřeba 2021.xlsx
2021-02-04 18:12 - 2021-02-04 18:12 - 000004287 ____C C:\Users\Jiří\Desktop\Spotřeba 2021.lnk
2021-02-01 19:16 - 2021-02-01 19:19 - 000011000 ____C C:\Users\Jiří\Desktop\VRATA - telefonní čísla.xlsx
2021-02-01 19:04 - 2021-02-01 19:09 - 000000000 ___DC C:\Users\Jiří\Desktop\Izolace podlaha
2021-02-01 18:40 - 2021-02-01 18:42 - 000002165 ____C C:\Users\Jiří\Desktop\skse64_loader.lnk
2021-02-01 17:41 - 2021-02-13 18:55 - 000000000 ____D C:\Users\Jiří\AppData\Local\Black_Tree_Gaming
2021-02-01 17:41 - 2021-02-01 17:41 - 000000000 ___DC C:\Users\Jiří\Documents\Nexus Mod Manager
2021-01-31 21:21 - 2021-01-31 21:21 - 000000222 ____C C:\Users\Jiří\Desktop\The Elder Scrolls V Skyrim Special Edition.url
2021-01-31 20:15 - 2021-01-31 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Apps
2021-01-31 18:31 - 2021-02-01 08:34 - 000000000 ____D C:\Users\Jiří\.openshot_qt
2021-01-31 17:32 - 2021-01-31 17:33 - 000000000 ____D C:\Users\Jiří\AppData\Local\Movavi
2021-01-31 17:32 - 2021-01-31 17:32 - 000000000 ____D C:\Users\Jiří\AppData\Local\VideoEditorPlus
2021-01-31 17:32 - 2021-01-31 17:32 - 000000000 ____D C:\Users\Jiří\AppData\Local\CrashRpt
2021-01-31 17:32 - 2021-01-31 17:32 - 000000000 ____D C:\Users\Jiří\AppData\Local\cache
2021-01-31 17:30 - 2021-01-31 17:30 - 000012554 _____ C:\ProgramData\juutbubq.wrj
2021-01-31 17:30 - 2021-01-31 17:30 - 000000016 _____ C:\ProgramData\mntemp
2021-01-30 22:47 - 2021-02-06 19:21 - 000000000 ____D C:\Users\Jiří\AppData\Local\Skyrim Special Edition
2021-01-25 18:03 - 2021-01-25 18:03 - 000000000 ___DC C:\Users\Jiří\Documents\der grune max
2021-01-22 09:19 - 2021-01-22 09:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-15 15:08 - 2021-01-15 15:08 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 15:08 - 2021-01-15 15:08 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 15:08 - 2021-01-15 15:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 15:08 - 2021-01-15 15:08 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 15:08 - 2021-01-15 15:08 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 15:08 - 2021-01-15 15:08 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 15:08 - 2021-01-15 15:08 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 15:08 - 2021-01-15 15:08 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 15:08 - 2021-01-15 15:08 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 15:08 - 2021-01-15 15:08 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 15:08 - 2021-01-15 15:08 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 15:08 - 2021-01-15 15:08 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 15:08 - 2021-01-15 15:08 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 15:08 - 2021-01-15 15:08 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 15:08 - 2021-01-15 15:08 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 15:08 - 2021-01-15 15:08 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 15:08 - 2021-01-15 15:08 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 15:07 - 2021-01-15 15:07 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 15:07 - 2021-01-15 15:07 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 15:07 - 2021-01-15 15:07 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 15:07 - 2021-01-15 15:07 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 15:07 - 2021-01-15 15:07 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 15:07 - 2021-01-15 15:07 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 15:07 - 2021-01-15 15:07 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 15:07 - 2021-01-15 15:07 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 15:07 - 2021-01-15 15:07 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 15:07 - 2021-01-15 15:07 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-15 15:06 - 2021-01-15 15:06 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-13 20:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-13 19:53 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-13 19:43 - 2020-07-07 18:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-13 19:05 - 2020-07-07 18:47 - 001693200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-13 19:05 - 2019-12-07 15:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-13 19:05 - 2019-12-07 15:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-13 19:00 - 2017-04-24 20:14 - 000000000 ___DC C:\ProgramData\NVIDIA
2021-02-13 18:59 - 2015-08-24 21:39 - 000000000 ___DC C:\Program Files (x86)\Steam
2021-02-13 18:58 - 2020-07-07 18:49 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2021-02-13 18:58 - 2020-07-07 18:43 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-13 18:58 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-02-13 18:43 - 2020-06-04 15:57 - 000002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-13 18:43 - 2020-06-04 15:57 - 000002263 ____C C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-13 18:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-13 18:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-13 17:30 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-13 17:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-13 17:29 - 2018-05-18 19:29 - 000000000 ___DC C:\WINDOWS\system32\Drivers\wd
2021-02-13 17:19 - 2019-12-07 10:03 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2021-02-13 17:19 - 2015-08-24 22:09 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-13 16:43 - 2015-08-24 21:11 - 000000000 ___DC C:\Users\Jiří\AppData\Roaming\vlc
2021-02-13 12:02 - 2018-12-21 18:53 - 000000000 ___DC C:\Users\Jiří\AppData\Roaming\uTorrent
2021-02-13 12:01 - 2020-07-07 17:59 - 000000000 ____D C:\Users\Jiří
2021-02-13 12:01 - 2015-08-25 16:02 - 000000000 ___DC C:\Users\Jiří\AppData\Local\CrashDumps
2021-02-13 10:30 - 2017-11-29 20:56 - 000000000 ___DC C:\Users\Jiří\AppData\Local\Packages
2021-02-13 10:29 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-13 10:28 - 2020-05-25 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2021-02-13 10:28 - 2016-09-11 15:51 - 000000000 ___DC C:\ProgramData\Garmin
2021-02-13 10:28 - 2016-09-11 15:51 - 000000000 ___DC C:\Program Files (x86)\Garmin
2021-02-13 10:03 - 2015-08-31 18:38 - 000000000 ___DC C:\Users\Jiří\AppData\Local\Opera Software
2021-02-13 10:02 - 2015-08-31 18:38 - 000000000 ___DC C:\Users\Jiří\AppData\Roaming\Opera Software
2021-02-13 09:43 - 2015-08-31 18:37 - 000000000 ___DC C:\Program Files (x86)\Opera
2021-02-12 10:23 - 2018-11-29 21:20 - 000001046 ____C C:\Users\Jiří\Desktop\4K Video Downloader.lnk
2021-02-11 22:37 - 2020-07-07 18:43 - 000442280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-11 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-11 22:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 14:34 - 2015-08-24 22:08 - 000000000 ___DC C:\WINDOWS\system32\MRT
2021-02-10 14:32 - 2015-08-24 22:08 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-09 16:54 - 2020-07-07 18:49 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-09 16:54 - 2015-08-24 21:12 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-09 08:35 - 2020-07-07 18:49 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-09 08:35 - 2020-07-07 18:49 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-05 13:19 - 2016-05-15 14:36 - 000002307 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-05 13:19 - 2016-05-15 14:36 - 000002266 ____C C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-05 08:11 - 2020-07-07 18:49 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 08:11 - 2020-07-07 18:49 - 000003378 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d3eed5fa40a34f
2021-02-04 18:27 - 2020-07-08 17:55 - 000057614 ____C C:\Users\Jiří\Documents\Spotřeba 2020.xlsx
2021-02-02 18:52 - 2020-07-07 18:49 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4107644453-2996199023-3231352366-1001
2021-02-02 18:52 - 2020-07-07 17:59 - 000002407 ____C C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-02 18:52 - 2015-08-24 17:33 - 000000000 __RDC C:\Users\Jiří\OneDrive
2021-02-02 18:33 - 2020-01-06 21:45 - 000000000 ___DC C:\Users\Jiří\Documents\Dum
2021-02-02 09:11 - 2015-11-16 18:06 - 000000000 ___DC C:\Program Files\Microsoft Office
2021-02-01 07:55 - 2017-07-11 20:32 - 000018129 ____C C:\Users\Jiří\Documents\Přístupy.xlsx
2021-01-31 21:21 - 2015-08-24 21:49 - 000000000 ___DC C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-31 20:16 - 2015-06-05 14:17 - 000000000 ___DC C:\ProgramData\Package Cache
2021-01-31 20:15 - 2020-10-20 13:26 - 000000000 ____D C:\Users\Jiří\AppData\Roaming\WD Discovery
2021-01-31 20:15 - 2020-10-20 13:25 - 000000000 ____D C:\Users\Jiří\.wdc
2021-01-31 19:46 - 2018-05-27 20:40 - 000000000 ___DC C:\Users\Jiří\AppData\Local\PlaceholderTileLogoFolder
2021-01-31 17:30 - 2017-06-15 19:42 - 000000000 ___DC C:\Users\Jiří\AppData\Roaming\NVIDIA
2021-01-31 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-31 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-30 22:47 - 2015-09-10 18:19 - 000000000 ___DC C:\Users\Jiří\Documents\my games
2021-01-30 20:35 - 2017-03-14 19:54 - 000000000 ___DC C:\Users\Jiří\Documents\Aukro
2021-01-26 07:23 - 2019-04-01 19:53 - 000000000 ___DC C:\Program Files\Canon
2021-01-23 13:07 - 2015-08-29 14:42 - 000000000 ___DC C:\Program Files (x86)\GalaxyClient
2021-01-22 20:04 - 2017-12-12 21:42 - 000010402 ____C C:\Users\Jiří\Desktop\Sledované seriály.xlsx
2021-01-20 20:03 - 2015-08-24 21:05 - 000001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Altap Salamander (x64).lnk
2021-01-20 20:03 - 2015-08-24 21:05 - 000001146 ____C C:\ProgramData\Desktop\Salamander (x64).lnk
2021-01-20 20:03 - 2015-08-24 21:05 - 000000000 ___DC C:\Program Files\Altap Salamander
2021-01-15 15:57 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 15:57 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 15:06 - 2020-07-07 18:45 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
==================== Files in the root of some directories ========
2017-11-19 17:34 - 2017-11-19 17:34 - 000000624 ____C () C:\Users\Jiří\AppData\Roaming\All CPU MeterV3_Settings.ini
2018-02-10 21:36 - 2019-02-28 18:08 - 000000119 ____C () C:\Users\Jiří\AppData\Roaming\Network Monitor II_#0_Traffic.ini
2017-04-14 09:58 - 2017-04-14 09:58 - 000000029 ____C () C:\Users\Jiří\AppData\Local\SQ.RemoverDelete.bat
2017-04-05 20:12 - 2017-04-05 20:12 - 000032038 ____C () C:\Users\Jiří\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2021
Ran by Jiří (13-02-2021 20:07:46)
Running from C:\Users\Jiří\Downloads
Windows 10 Home Version 2004 19041.804 (X64) (2020-07-07 17:49:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4107644453-2996199023-3231352366-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4107644453-2996199023-3231352366-503 - Limited - Disabled)
Guest (S-1-5-21-4107644453-2996199023-3231352366-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4107644453-2996199023-3231352366-1003 - Limited - Enabled)
Jiří (S-1-5-21-4107644453-2996199023-3231352366-1001 - Administrator - Enabled) => C:\Users\Jiří
kimno (S-1-5-21-4107644453-2996199023-3231352366-1004 - Limited - Disabled) => C:\Users\kimno
WDAGUtilityAccount (S-1-5-21-4107644453-2996199023-3231352366-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K Video Downloader 4.4 (HKLM-x32\...\{4E97C234-3F6C-4AA9-BFAF-0166F3050A68}) (Version: 4.4.11.2412 - Open Media LLC)
8GadgetPack (HKLM-x32\...\{8AE911BA-9AFB-435C-92C9-62BF228647AE}) (Version: 15.0.0 - Helmut Buhler)
Active@ KillDisk 10 (HKLM\...\{6A633DB7-06E4-4EF1-8FD1-7F8812C590AD}_is1) (Version: 10 - LSoft Technologies Inc)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Altap Salamander 4.0 (x64) (HKLM\...\Altap Salamander 4.0 (x64)) (Version: 4.0 - ALTAP)
ANT Drivers Installer x64 (HKLM\...\{9A9FF300-3725-4934-A0D7-86F109A88ACF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.8.0 - ASUS)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Blood and Wine (HKLM-x32\...\1441620909_is1) (Version: 1.32 - GOG.com)
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\{8A16FF47-A5FC-49A8-96B5-31180D317059}) (Version: 2.1.2 - CANON INC.) Hidden
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 2.1.2.40000 - CANON INC.)
Canon MF Scan Utility (HKLM-x32\...\Canon_MF_Scan_Utility) (Version: 1.5.0.0 - CANON INC.)
Canon MF633C/635C (HKLM\...\{7B95F8E4-3E24-4FAF-9CB0-5063F9E1202A}) (Version: 5.4.0.1 - CANON INC.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
CEWE FOTOLAB fotosvet (HKLM-x32\...\CEWE FOTOLAB fotosvet) (Version: 7.0.3 - CEWE Stiftung u Co. KGaA)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)
Elevated Installer (HKLM-x32\...\{9427DAC2-91FD-418E-87D4-8914B437CC06}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Free DLC program (16 DLC) (HKLM-x32\...\1430743168_is1) (Version: 1.32 - GOG.com)
Garmin Express (HKLM-x32\...\{0934EADA-3DAF-4A21-829D-1BB3C315DCB4}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{d3b4366e-9163-44f4-a381-d431031c2841}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hearts of Stone (HKLM-x32\...\1441355562_is1) (Version: 1.32 - GOG.com)
Intel® Chipset Device Software (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.13628.20274 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4107644453-2996199023-3231352366-1004\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 457.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 74.0.3911.107 (HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\Opera 74.0.3911.107) (Version: 74.0.3911.107 - Opera Software)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 3.07.0.1318 - GOG.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-4107644453-2996199023-3231352366-1004\...\SeznamInstall) (Version: - Seznam.cz)
Skype verze 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.32 - GOG.com)
tiptoi® Manager 4.2.1 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.2.1 - Ravensburger AG)
Toner Status (HKLM-x32\...\{6E9A516A-6189-4502-80FD-51BE28989CEB}) (Version: 1.5.0.0 - CANON INC.)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2021-01-31] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-09-14] (Facebook Inc)
Logitech Camera Controller -> C:\Program Files\WindowsApps\E97CB0A1.LogitechCameraController_1.0.0.135_x86__wd885nsp30hay [2015-09-14] (LOGITECH Europe S.A.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-24] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-24] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-24] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Sticky Tiles -> C:\Program Files\WindowsApps\44239NirmitKavaiya.StickyTiles_1.2.0.0_neutral__06vcx9pe9kpe6 [2017-02-01] (Nirmit Kavaiya)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001_Classes\CLSID\{C78B614F-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (Fine spol. s r.o. -> ALTAP)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-11-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-11-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\nvshext.dll [2020-10-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-11-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2015-09-14] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [255488 2011-05-30] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2015-09-14] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [240640 2011-05-30] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-04-01 19:54 - 2015-01-20 17:30 - 000005120 ____C (CANON INC.) [File not signed] C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.DLL
2019-04-01 19:53 - 2016-06-06 09:12 - 000153088 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCENPM6.dll
2015-10-23 17:01 - 2015-08-26 03:58 - 000528896 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
2015-10-23 17:01 - 2012-05-19 06:16 - 000083456 ____C (Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sbdrop.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\cpzp.cz -> hxxps://portal.cpzp.cz
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\ozp.cz -> hxxps://portal.ozp.cz
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\portalzp.cz -> hxxps://www.portalzp.cz
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\rbp-zp.cz -> hxxps://portal.rbp-zp.cz
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\vozp.cz -> hxxps://portal.vozp.cz
IE trusted site: HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\zpskoda.cz -> hxxps://portal.zpskoda.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 ____C C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\Control Panel\Desktop\\Wallpaper -> D:\Dokumenty Kačky\foto\2020\IMG_3744.JPG
HKU\S-1-5-21-4107644453-2996199023-3231352366-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: HTC NDIS Protocol Driver -> MS_NDISPROT (enabled)
Síť Ethernet: HTC NDIS Protocol Driver -> MS_NDISPROT (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\StartupApproved\Run: => "Xvid"
HKU\S-1-5-21-4107644453-2996199023-3231352366-1001\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D9FE5ABF-95D1-48B2-BFFB-D13B62052654}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{B0E0126F-1D2D-4C13-A24C-9B7B1F97B0F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{670AD653-3C97-47B4-BE65-1F2E031BB3D2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{91105283-DAB4-4976-994D-0F6F29D740B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1621E8E0-490E-411B-963D-3685EF37FDF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9CFAD03A-63BB-4E7E-A858-3A4192FDC91C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7912768C-BEBF-472C-9AA3-0C5482387A63}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{6AC8CB0D-90E3-46CC-B8B2-982FCFE854DE}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{D6EA4F5C-2E26-4A72-A442-0C1A4B986200}] => (Allow) D:\SteamLibrary\steamapps\common\Pathfinder Kingmaker\Kingmaker.exe () [File not signed]
FirewallRules: [{B201E873-1A23-4625-B8BD-6735C158E3C8}] => (Allow) D:\SteamLibrary\steamapps\common\Pathfinder Kingmaker\Kingmaker.exe () [File not signed]
FirewallRules: [{B4784417-2770-4B85-A21F-9FE9FAAE077B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C84A9249-39F1-418D-A4E2-916E1FDA93D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{86886C13-7CAE-4B4B-AEF8-60E6479FC72D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{5A4379E5-D9F1-431A-97F7-86FD23CBBA16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3A59FA7F-9C34-4D48-B5ED-9182ABA0AE72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5B96A868-230A-4DFF-A33A-7D9F937FB055}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{604C8E92-BC40-4B03-8018-4F3DA416B9EC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [UDP Query User{3BE1FA56-9F1E-4784-BBF9-EE07BC45AD32}C:\program files (x86)\abc\abc.exe] => (Allow) C:\program files (x86)\abc\abc.exe => No File
FirewallRules: [TCP Query User{3A2E9AF5-6542-421B-A941-2DA9303B5F93}C:\program files (x86)\abc\abc.exe] => (Allow) C:\program files (x86)\abc\abc.exe => No File
FirewallRules: [{A11FF3A5-3913-4137-AF8E-0A41C51A211A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{F2A55437-D2CE-473C-B0A2-61A8B8A83AA1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{785D7EAF-7F41-4BB3-A79E-90A5471D57AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CCC02C15-BC54-4863-ABD4-0FC09C7C66DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{20BFB853-7B4F-4CA8-869D-2AF112CE5B0B}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{EF636CD9-C73D-485D-935B-E5F1BD25D416}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{F70BBBC6-B1BB-4D31-9BAD-CE12D3552C81}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [UDP Query User{2C64C81A-F922-482A-BB0E-01C2B6DE0801}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [{A1513352-D8D7-4AF8-AF4E-8BA47D82F8BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{13777B76-486F-420D-9E44-86A289F7B26F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{200A0C7E-7E36-466E-91D1-EDEF092537B9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0C34F09-B833-4E90-91D6-CE69986A2650}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2747D32-3920-455F-AB28-24B343B1F333}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FA03F445-F1B6-43B3-8F1E-73A92F84E883}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5BFB545B-45CC-4AF7-9FFC-001CD253A1BC}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{FD4945BE-4F6E-49F5-AE38-EB8CDFE2479F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{BF0211B9-2390-4674-A00D-8216ABFA6629}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{675C0825-198F-4384-816F-7B8AC2DE8095}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{7D93A705-0695-421F-AE95-88A6A3BD2A50}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BA805D09-B85C-44F0-8879-4D1797D49EA3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE35B626-D628-47F2-B09D-C0A0C4B02A50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F4D91472-9B8A-45B0-A21D-21686D154D1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{258A63CE-C187-447C-81BA-5FACA9685E4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B7BF8283-A740-474B-838F-8B2E4F983344}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D1493F48-BF26-45D1-B35B-FC73B2C77230}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5E2B8E3-155B-4F30-9C26-BB96CDE0259D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CB7B9E5E-239C-470C-B5F5-D128C5FE2706}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A6BA10F0-320A-46DC-8ADD-045D9D7D02BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A9089A45-E6DE-479F-9BFD-24D136817485}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FB8044B8-0496-448E-93DD-E34D872790AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BDF7D5B5-103E-4D0F-BBC3-FD8EA583036D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84B638CF-1368-489F-A01A-7FE964043D6A}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{3900EC9C-35A1-4914-A421-D395FD0B124E}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{F6470F50-5ABE-4BF8-8968-544645331D8F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9159D24-5042-43F5-AFA7-597A9EEDCB04}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6AE3E840-4C55-42FB-BF38-DA06D4E2B48C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A53D5F2-1C1A-40FE-9ED3-282AFB0B6B14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C6F5DDAE-33CF-4259-AB61-BF8DD6DB4E80}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:110.51 GB) (Free:47.92 GB) (43%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/13/2021 07:09:18 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: JIRKAPC)
Description: microsoft.windows.cortana_cw5n1h2txyewy-2147024893
Error: (02/13/2021 01:11:49 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (02/13/2021 01:11:49 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (02/13/2021 01:11:49 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (02/13/2021 12:01:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xf25621f0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x3608
Čas spuštění chybující aplikace: 0x01d701f61d972e70
Cesta k chybující aplikaci: C:\WINDOWS\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 58dfaddc-c4cd-4e36-bddd-02ff9895d974
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/13/2021 10:29:17 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (02/13/2021 08:32:23 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (02/13/2021 08:32:23 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
System errors:
=============
Error: (02/13/2021 07:11:03 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 07:01:54 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 06:58:16 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby SecurityHealthService s argumenty Není k dispozici za účelem spuštění serveru:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}
Error: (02/13/2021 06:29:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 05:46:00 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 12:22:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 12:13:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 11:51:35 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-02-13 17:44:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FE53B80A-CC0C-42A9-B5B6-6A43A8BEFACF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-02-13 17:33:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E2C59794-06E7-48DC-83F1-AFC84710951F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-02-13 17:29:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {12852A80-0F69-4FAA-A339-D5FB52BD4E5C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: JIRKAPC\Jiří
CodeIntegrity:
==============
Date: 2021-02-13 19:09:05
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:09:05
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:09:05
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:00:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:00:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:00:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 19:00:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-13 18:47:19
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V17.5 03/30/2015
Motherboard: MSI H81M-E34 (MS-7817)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 70%
Total physical RAM: 8134.53 MB
Available physical RAM: 2371.02 MB
Total Virtual: 10182.53 MB
Available Virtual: 3131.44 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:110.51 GB) (Free:47.92 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1863.01 GB) (Free:461.53 GB) NTFS
\\?\Volume{1fd108b7-4a7a-11e5-8257-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.78 GB) (Free:0.52 GB) NTFS
\\?\Volume{520e7dcd-0000-0000-0000-50d21b000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 520E7DCD)
Partition 1: (Active) - (Size=798 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=515 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 5893482C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================