Log check: pages load poorly for me, some not at all

Posted: 21 Sep 2021 15:27
by F7R
Hello. Pages load poorly for me, some not at all; it says the server did not respond in time, etc.
I don't use an antivirus. I thought it was unnecessary these days when I don't click on some porn clickbait.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2021
Ran by XXX (administrator) on XXX-PC (LENOVO 4384FV7) (21-09-2021 16:13:40)
Running from C:\Users\XXX\Desktop
Loaded Profiles: XXX & UpdatusUser
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: "C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe
(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUI.exe
(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUserAgent.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
(Lavasoft Software Canada Inc. -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe <2>
(LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe
(Maxthon Technology Co, Ltd. -> Maxthon Ltd.) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe <13>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Qualcomm Inc -> QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIPLE.EXE <3>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [Enhanced Performance Keyboard] => C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [4013056 2014-08-17] (LITE-ON TECHNOLOGY CORP.) [File not signed]
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-15] (Conexant Systems, Inc. -> )
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-02-09] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9123248 2021-09-20] (Lavasoft Software Canada Inc. -> Lavasoft)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPSDNMON] => ""
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\yowindow.scr
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON XP-630 Series 64MonitorBE: C:\Windows\system32\E_YLMBPLE.DLL [180224 2014-03-05] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-10-29] (NVIDIA CORPORATION -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-10-29] (NVIDIA CORPORATION -> NVIDIA Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07F9EF7A-1F22-4511-B818-EE6362BBBCAC} - System32\Tasks\Games\UpdateCheck_S-1-5-21-555042887-2286466740-3098252512-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {29FF17AC-EA42-4AEB-BE92-127890972074} - System32\Tasks\TVT\ChangePWD => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [1272168 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)
Task: {2F81CFBE-2693-40B6-9754-B4FAB9153B89} - System32\Tasks\{72473BEC-643F-463F-AFB7-46DED0B91711} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\Desktop\DialogysInstall_PC.exe -d C:\Users\XXX\Desktop
Task: {3B91FC34-0AB6-4843-9DCE-5731B3407464} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {46249C69-1762-409D-8318-3279892DBA49} - System32\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {49517535-8100-4FA3-AD29-D9AB16CF6F46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6628056 2016-01-15] (Piriform Ltd -> Piriform Ltd)
Task: {50110C47-559A-4DD3-8B4B-D80E5195AFAD} - System32\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {58DC4A38-9466-443F-B8AA-903E49316E4C} - System32\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB} - System32\Tasks\{34A296ED-6081-4403-A8B5-F7E8F256225C} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="http://www.gomlab.com/gom/installThanks ... r&lang=eng" title="GOM Player Setup" -> -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="hxxp://www.gomlab.com/gom/installThanks.gom?pr ... r&lang=eng" title="GOM Player (the data entry has 7 more characters). <==== ATTENTION
Task: {968F1CAD-5227-4345-9FA0-6C6F5E95C3B4} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [1272168 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)
Task: {B0C00EAD-68F6-44BB-88EC-A2302D4B1D30} - System32\Tasks\{5CC936AD-914B-404D-B40F-5FC717E65481} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\KONAMI\MetalGearSolid2 Substance\bin\MGS2SSetup.exe" -d "C:\Program Files (x86)\KONAMI\MetalGearSolid2 Substance\bin"
Task: {B2ABA462-A170-4CEC-9206-31F92E4AD5F7} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {B95E45FA-6E22-4186-8D04-AE8DB0A689AA} - System32\Tasks\TVT\UpdateRnR => C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsetsched.exe [593920 2013-09-25] () [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{326805B2-8C58-4D3D-A4E5-E90D3768C8D5} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{4AAB39D2-890A-4DC4-B515-785176BC5786} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{C5E4CE44-5ED1-48B5-8A3C-4952643C058B} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{362D3F70-6BF6-47E7-B731-78954894A20C}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\XXX\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-21]
Edge Notifications: Profile 1 -> hxxps://meet.google.com

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-02-24] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2017-02-08] (Lenovo -> Lenovo)
R2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2021-09-20] (Lavasoft Software Canada Inc. -> )
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe [11871976 2016-08-23] (DISPLAYLINK -> DisplayLink Corp.)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [685496 2019-05-08] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [711248 2017-04-01] (Lenovo -> Lenovo.)
R2 QDLService2kLenovo; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [1688384 2011-05-23] (Qualcomm Inc -> QUALCOMM, Inc.)
S3 ss_conn_launcher_service; C:\Windows\system32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-04-27] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [934328 2020-04-27] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13271336 2021-09-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1526120 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [22960 2021-09-20] (Lavasoft Software Canada Inc. -> )
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [367096 2021-09-20] (Bitdefender SRL -> Bitdefender)
R2 rimspci; C:\Windows\System32\DRIVERS\rimspe64.sys [61952 2009-10-26] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Information Product(ShenZhen China) Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-21 16:14 - 2021-09-21 16:15 - 000000000 ____D C:\rsit
2021-09-21 16:14 - 2021-09-21 16:15 - 000000000 ____D C:\Program Files\trend micro
2021-09-21 16:13 - 2021-09-21 16:18 - 000018118 _____ C:\Users\XXX\Desktop\FRST.txt
2021-09-21 16:13 - 2021-09-21 16:13 - 001222144 _____ C:\Users\XXX\Desktop\RSITx64.exe
2021-09-21 16:09 - 2021-09-21 16:09 - 002304512 _____ (Farbar) C:\Users\XXX\Desktop\FRST64.exe
2021-09-21 15:53 - 2021-09-21 16:16 - 000000000 ____D C:\FRST
2021-09-21 15:39 - 2021-09-21 15:39 - 000388608 _____ (Trend Micro Inc.) C:\Users\XXX\Downloads\HijackThis.exe
2021-09-21 14:58 - 2021-09-21 14:58 - 000002296 _____ C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon.lnk
2021-09-21 14:58 - 2021-09-21 14:58 - 000002259 _____ C:\Users\XXX\Desktop\Maxthon.lnk
2021-09-21 14:58 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Roaming\VBox
2021-09-21 14:58 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Local\vback
2021-09-21 14:57 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Local\Maxthon
2021-09-20 07:44 - 2021-09-20 07:44 - 000367096 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2021-09-19 14:18 - 2021-09-19 15:53 - 000000000 ____D C:\Users\XXX\Downloads\Alphaville - First Harvest 1984 1992
2021-09-19 10:27 - 2021-09-19 09:33 - 124298470 _____ C:\Users\XXX\Desktop\06.-New Year's Day.flac
2021-09-02 09:27 - 2021-09-02 09:27 - 000001054 _____ C:\Users\Public\Desktop\BurnAware Free.lnk
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Burnaware
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\Program Files (x86)\BurnAware Free

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-21 16:02 - 2020-02-24 14:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-09-21 16:02 - 2020-02-24 14:02 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786}.job
2021-09-21 16:01 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-21 15:45 - 2020-11-08 22:45 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B}.job
2021-09-21 15:39 - 2020-02-08 19:16 - 000000000 ____D C:\Users\XXX\AppData\Local\VirtualStore
2021-09-21 14:57 - 2020-02-24 13:57 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5}.job
2021-09-21 14:48 - 2009-07-14 06:45 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-09-21 14:48 - 2009-07-14 06:45 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-09-21 14:27 - 2020-02-20 14:08 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Maxthon5
2021-09-21 14:15 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2021-09-21 13:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-09-19 16:01 - 2020-02-25 13:42 - 000001491 _____ C:\Users\XXX\Desktop\AudioExtractor.ini
2021-09-19 15:56 - 2021-04-26 11:13 - 000000000 ____D C:\Users\XXX\AppData\Roaming\uTorrent
2021-09-19 09:01 - 2020-07-01 16:29 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-19 09:01 - 2020-07-01 16:29 - 000002180 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-15 15:34 - 2020-02-24 19:29 - 000000000 ____D C:\Windows\system32\MRT
2021-09-15 15:29 - 2020-02-24 19:29 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-06 14:19 - 2020-02-09 12:03 - 000000000 ____D C:\Users\XXX\My Drivers
2021-09-01 12:00 - 2020-12-23 14:18 - 000000000 ____D C:\SWSHARE
2021-08-30 22:45 - 2020-02-24 17:56 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-08-24 16:40 - 2009-07-14 17:18 - 000668376 _____ C:\Windows\system32\perfh005.dat
2021-08-24 16:40 - 2009-07-14 17:18 - 000141004 _____ C:\Windows\system32\perfc005.dat
2021-08-24 16:40 - 2009-07-14 07:13 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories ========

2020-09-18 11:27 - 2020-09-18 11:27 - 000195296 _____ () C:\Users\XXX\comcat5.dll
2020-04-08 11:23 - 2020-04-08 13:25 - 000001576 _____ () C:\Program Files (x86)\DialogysUninstWPS.bat
2020-04-08 11:23 - 2020-04-08 11:23 - 000000840 _____ () C:\Program Files (x86)\INSTALL.LOG
2020-04-08 11:23 - 2014-09-12 13:01 - 000176055 _____ () C:\Program Files (x86)\UninstScript.EXE
2020-12-23 11:55 - 2020-12-23 12:18 - 000013797 _____ () C:\Users\XXX\AppData\Local\WiDiSetupLog.20201223.105508.wdl

==================== FLock ==============================

2020-12-23 14:37 C:\RRbackups

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-09-19 16:22
==================== End of FRST.txt ========================


Logfile of random's system information tool 1.10 (written by random/random)
Run by XXX at 2021-09-21 16:14:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 90 GB (30%) free of 303 GB
Total RAM: 5940 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:29, on 21.9.2021
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\trend micro\XXX.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\93.0.961.52\BHO\ie_to_edge_bho.dll
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-630 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-630 Series"
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\Run: [EPSDNMON] ""
O4 - HKCU\..\Run: [EPLTarget\P0000000000000002] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE /EPT "EPLTarget\P0000000000000002" /M "XP-630 Series"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-555042887-2286466740-3098252512-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-555042887-2286466740-3098252512-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Connect2 Hotspot Service (connect2hotspot) - Lenovo - C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
O23 - Service: DCIService - - C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EpsonCustomerResearchParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\system32\LPlatSvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Gobi 2000 Download Service (Lenovo) (QDLService2kLenovo) - QUALCOMM, Inc. - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile USB Connectivity Launcher (ss_conn_launcher_service) - Unknown owner - C:\Windows\system32\Samsung\EasySetup\ss_conn_launcher.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: SAMSUNG Mobile Connectivity Service V2 (ss_conn_service2) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WC Assistant (WCAssistantService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9501 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\LPlatSvc.exe
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\LPlatSvc.exe" -EM
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9a01b958-501c-4daa-8c9b-9def8f5a808f -SystemEventPortName:HostProcess-ecc18278-3157-48fc-b254-dbd69059ac1a -IoCancelEventPortName:HostProcess-2ecade95-2d3d-42d8-b764-fc8d6e8c2d50 -NonStateChangingEventPortName:HostProcess-748a65b5-8859-49f5-9aa5-ab9ebf9cb178 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3e908f06-1663-4c3e-bbce-653bd355d5c5 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUserAgent.exe" -dluPipeName dl.dlu.s3PULntKOo89YaUZMvXzmyW5g2TwTUr3u2xtQ1XWzu4CD0Ox2dPv1S1faO2hdea8 -monitorableAppPipeName dl.monitorable.app.SLAOKuflbxYTIiGqOeNjQSG8GfwHN42Mx2onFSeho0IeRiFB53Caq11dEifI0vt9
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUI.exe" -monitorableAppPipeName dl.monitorable.app.CnIrvWT7Qnctdvn6JtlpeQYEh5d97aadYVFV1LYc6u27NEDxyCgZd2GNMZxZkqtp
"C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe"
taskeng.exe {98D61294-A45F-494C-9D3C-60AE83103CF1}
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\splwow64.exe 8192
"C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe"
"C:\Windows\System32\spool\drivers\x64\3\E_YATIPLE.EXE" /EPT "EPLTarget\P0000000000000000" /M "XP-630 Series"
"C:\Windows\System32\spool\drivers\x64\3\E_YATIPLE.EXE" /EPT "EPLTarget\P0000000000000001" /M "XP-630 Series"
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
"C:\Windows\System32\spool\drivers\x64\3\E_YATIPLE.EXE" /EPT "EPLTarget\P0000000000000002" /M "XP-630 Series"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\EscSvc64.exe
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE"
"C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe --type=crashpad-handler "--user-data-dir=C:\Users\XXX\AppData\Local\Maxthon\Application\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\XXX\AppData\Local\Maxthon\Application\User Data\Crashpad" "--metrics-dir=C:\Users\XXX\AppData\Local\Maxthon\Application\User Data" --annotation=plat=Win64 --annotation=prod=Maxthon --annotation=ver=6.1.2.1000 --initial-client-data=0xc4,0xc8,0xcc,0x98,0xd0,0x7fee49170c8,0x7fee49170d8,0x7fee49170e8
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=gpu-process --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --no-sandbox --start-stack-profiler --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1124 /prefetch:2
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --service-sandbox-type=network --no-sandbox --mojo-platform-channel-handle=1328 /prefetch:8
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --service-sandbox-type=utility --no-sandbox --mojo-platform-channel-handle=1760 /prefetch:8
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --service-sandbox-type=utility --no-sandbox --mojo-platform-channel-handle=2312 /prefetch:8
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --extension-process --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3152 /prefetch:1
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3848 /prefetch:1
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"

"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
C:\Windows\system32\sppsvc.exe
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Users\XXX\Desktop\FRST64.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k swprv
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1424 /prefetch:1
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3876 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\XXX\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

======Scheduled tasks folder======

C:\Windows\tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE /EXE:"{326805B2-8C58-4D3D-A4E5-E90D3768C8D5}" /F:"Update"
C:\Windows\tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE /EXE:"{4AAB39D2-890A-4DC4-B515-785176BC5786}" /F:"Update"
C:\Windows\tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE /EXE:"{C5E4CE44-5ED1-48B5-8A3C-4952643C058B}" /F:"Update"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\93.0.961.52\BHO\ie_to_edge_bho_64.dll [2021-09-16 524176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\93.0.961.52\BHO\ie_to_edge_bho.dll [2021-09-16 406928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EPPCCMON"=C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [2020-10-22 442936]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-12-22 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-12-22 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-12-22 416024]
"Enhanced Performance Keyboard"=C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [2014-08-17 4013056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-15 307768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [2014-11-14 417776]
"EPLTarget\P0000000000000001"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [2014-11-14 417776]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [2021-09-20 9123248]
"EPSDNMON"= []
"EPLTarget\P0000000000000002"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [2014-11-14 417776]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2016-01-20 1087184]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2020-02-09 455872]
""= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-05-21 389632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-09-21 16:14:28 ----D---- C:\rsit
2021-09-21 16:14:28 ----D---- C:\Program Files\trend micro
2021-09-21 15:53:09 ----D---- C:\FRST
2021-09-21 14:58:41 ----D---- C:\Users\XXX\AppData\Roaming\VBox
2021-09-20 07:44:04 ----A---- C:\Windows\system32\drivers\bddci.sys
2021-09-02 09:27:24 ----D---- C:\Users\XXX\AppData\Roaming\Burnaware
2021-09-02 09:27:02 ----D---- C:\Program Files (x86)\BurnAware Free

======List of files/folders modified in the last 1 month======

2021-09-21 16:14:28 ----RD---- C:\Program Files
2021-09-21 16:10:55 ----SHD---- C:\System Volume Information
2021-09-21 16:07:18 ----D---- C:\Windows\Temp
2021-09-21 16:02:16 ----D---- C:\Program Files (x86)\TeamViewer
2021-09-21 15:55:33 ----D---- C:\Windows\system32\config
2021-09-21 14:37:16 ----D---- C:\Windows
2021-09-21 14:27:59 ----D---- C:\Users\XXX\AppData\Roaming\Maxthon5
2021-09-21 14:27:40 ----RD---- C:\Program Files (x86)
2021-09-21 14:27:28 ----D---- C:\Windows\system32\Tasks
2021-09-21 14:15:17 ----D---- C:\Windows\system32\NDF
2021-09-21 14:15:17 ----D---- C:\Windows\Prefetch
2021-09-21 13:59:51 ----D---- C:\Windows\inf
2021-09-21 09:19:01 ----D---- C:\Windows\debug
2021-09-20 07:44:07 ----D---- C:\Windows\system32\drivers
2021-09-20 07:40:09 ----D---- C:\Windows\system32\wdi
2021-09-19 15:56:26 ----D---- C:\Users\XXX\AppData\Roaming\uTorrent
2021-09-19 15:55:40 ----D---- C:\Windows\SysWOW64
2021-09-19 15:55:40 ----D---- C:\Windows\System32
2021-09-15 15:30:09 ----D---- C:\Windows\system32\MRT
2021-09-15 15:29:41 ----AC---- C:\Windows\system32\MRT.exe
2021-09-01 12:00:18 ----D---- C:\SWSHARE
2021-08-30 22:45:38 ----N---- C:\Windows\system32\MpSigStub.exe
2021-08-24 16:40:24 ----A---- C:\Windows\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 dlkmdldr;dlkmdldr; C:\Windows\system32\drivers\dlkmdldr.sys [2016-08-23 27920]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-10-29 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-06-07 138296]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 BdDci;BdDci Service; C:\Windows\system32\DRIVERS\bddci.sys [2021-09-20 367096]
R2 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2012-07-03 84480]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2019-07-30 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2019-07-30 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2020-02-25 54824]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-08-25 682624]
R3 dlkmd;dlkmd; C:\Windows\system32\drivers\dlkmd.sys [2016-08-23 457488]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2011-07-20 342704]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-02-19 57848]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2017-04-01 82816]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-05-21 12229664]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2020-12-23 40248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2011-08-30 1225832]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-28 45296]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-07-28 461552]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2011-05-30 40248]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2019-07-30 556032]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2020-04-27 136040]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-25 197408]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_conn_usb_driver2;SAMSUNG Mobile USB Connectivity Device Driver V2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [2020-04-27 43368]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2020-04-27 166760]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2019-12-10 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 connect2hotspot;Connect2 Hotspot Service; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [2017-02-08 100680]
R2 DCIService;DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [2021-09-20 3413424]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DisplayLinkService;DisplayLinkManager; C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe [2016-08-23 11871976]
R2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-04-15 152640]
R2 EpsonCustomerResearchParticipation;EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [2019-05-08 685496]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2017-04-01 187984]
R2 LPlatSvc;Lenovo Platform Service; C:\Windows\system32\LPlatSvc.exe [2017-04-01 711248]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-29 893216]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-29 1260320]
R2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo); C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [2011-05-23 1688384]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-10-19 838928]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2020-04-27 752224]
R2 ss_conn_service2;SAMSUNG Mobile Connectivity Service V2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [2020-04-27 934328]
R2 TeamViewer;TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2021-09-02 13271336]
R2 WCAssistantService;WC Assistant; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [2021-09-20 22960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-01 224152]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-01 224152]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 116224]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\93.0.961.52\elevation_service.exe [2021-09-16 1651616]
S3 ss_conn_launcher_service;SAMSUNG Mobile USB Connectivity Launcher; C:\Windows\system32\Samsung\EasySetup\ss_conn_launcher.exe [2020-04-27 182328]
S3 TVT Backup Service;TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [2013-09-25 1526120]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2020-02-24 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2010-08-31 1028096]

-----------------EOF-----------------

Re: Log check, pages load poorly for me, some not at all,

Posted: 21 Sep 2021 16:02
by Rudy
Hello!
Please also add the Addition log (it is on the desktop in the file addition.txt). Thank you.

Re: Log check, pages load poorly for me, some not at all,

Posted: 21 Sep 2021 16:24
by F7R
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021
Ran by XXX (21-09-2021 16:26:09)
Running from C:\Users\XXX\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2020-02-08 17:15:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-555042887-2286466740-3098252512-500 - Administrator - Disabled)
Guest (S-1-5-21-555042887-2286466740-3098252512-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-555042887-2286466740-3098252512-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-555042887-2286466740-3098252512-1003 - Limited - Enabled) => C:\Users\UpdatusUser
XXX (S-1-5-21-555042887-2286466740-3098252512-1000 - Administrator - Enabled) => C:\Users\XXX

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
AT&T Service Activation (HKLM-x32\...\{D81486A1-2371-4059-AC70-1AB894AC96E6}) (Version: 1.8.7.0 - AT&T)
BurnAware Free 14.6 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.7.848.0 - Piriform Software) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant 20585 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.95.48.50 - Conexant)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.2.1.3973 - Lenovo)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DisplayLink Core Software (HKLM\...\{89AEA34A-171E-4753-B888-C0D410C2CE44}) (Version: 8.0.778.0 - DisplayLink Corp.)
Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.84.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON XP-630 Series Printer Uninstall (HKLM\...\EPSON XP-630 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2401 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.50.0000 - Intel Corporation)
IUWEshare USB Flash Drive Data Recovery 7.9.9.9 (HKLM-x32\...\IUWEshare USB Flash Drive Data Recovery 7.9.9.9_is1) (Version: - IUWEshare)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.24 - Lenovo) Hidden
Lenovo USB Graphics (HKLM\...\{933E6021-BC9A-4B18-B6D9-46A5F5FC4115}) (Version: 8.0.835.0 - Lenovo)
LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation)
Maxthon (HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Maxthon) (Version: 6.1.2.1000 - The Maxthon Authors)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mobile Broadband Connect (HKLM-x32\...\{91B7B957-0F45-4BDC-85BA-08F80D49B9BC}) (Version: 3.5.0011 - Lenovo)
NVIDIA Ovladače grafiky 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)
PotPlayer (HKLM-x32\...\PotPlayer) (Version: 1.7.16572 - Kakao Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Qualcomm Gobi 2000 Package for Lenovo (HKLM-x32\...\{666C9123-1AEC-446F-8AA8-28256B1953D4}) (Version: 1.1.250 - QUALCOMM)
Rescue and Recovery (HKLM-x32\...\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}) (Version: 4.52.0005.00 - Lenovo Group Limited)
Revo Uninstaller 2.1.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.7 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.28.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20113.5 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20113.5 - Samsung Electronics Co., Ltd.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.21.8 - TeamViewer)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17394396DF01}) (Version: 1.00.0029.8 - REALTEK Semiconductor Corp.)
USB Enhanced Performance Keyboard (HKLM\...\{989DC5D9-A776-430D-9E16-D36E5B81CD86}) (Version: 2.0.2.2 - Lenovo)
Verizon Wireless Mobile Broadband Self Activation (HKLM-x32\...\{C64A877E-DF8D-4017-AA82-000A77C6D809}) (Version: 3.1.4 - Smith Micro Software, Inc.)
Web Companion (HKLM-x32\...\{def7532f-2660-4e43-b706-f4dfdf250720}) (Version: 8.5.0.312 - Lavasoft)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-555042887-2286466740-3098252512-1000_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\XXX\AppData\Local\Maxthon\Application\6.1.2.1000\notification_helper.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-10-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\XXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2016-01-15 22:44 - 2016-01-15 22:44 - 000047616 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2015-02-25 15:36 - 2015-02-25 15:36 - 000058880 _____ (LITE-ON Corp.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\skhooks.dll
2014-08-15 16:25 - 2014-08-15 16:25 - 000057856 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKHidKbd.dll
2006-12-05 15:40 - 2006-12-05 15:40 - 000059904 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\skosd.dll
2008-10-22 16:20 - 2008-10-22 16:20 - 000138240 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKUtil.DLL
2015-12-17 12:11 - 2015-12-17 12:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-555042887-2286466740-3098252512-1000 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-555042887-2286466740-3098252512-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32FB940B-CD78-4151-A1E9-3C6E857E3869}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{DDB3BA3A-96B2-45F2-BB14-D82DFF716694}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{7D67F62F-2BA0-4FF9-80AE-D326D4BE690C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{6926BE57-48E6-49FA-A296-335F146D96DF}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{7DFE09C3-6864-495A-A3EF-77D3A2DB763D}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{86A09A9A-60A6-462E-A762-49AED13893D5}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{284C3D9C-4A25-4A13-A982-3B2198FC8D58}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{13927131-E4F9-41C2-93DD-04950FEB769C}] => (Allow) C:\Users\XXX\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{871ED391-5A71-48B8-9B9E-2B98A6CC8FBB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{00E9DC41-460F-4024-989A-11D109BB2856}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9E40D386-7F7B-448B-B81C-AD814D2E733B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8A7F456D-4E01-468F-851A-74EF3684B5D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{3BEA038D-1B59-40E9-B551-25B5EC161D11}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\xxx\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{76BE50F8-1CA5-43B6-BCC6-C17D70467229}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\xxx\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CBB7380F-9FEC-424E-9164-8F9522F4C7E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ADC17498-BC38-4EBE-B66C-64F047C35FD2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6CEF79BF-0736-446B-8F26-DE16769CCF0E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BF6FAF57-AC1C-408F-9001-6BF71500492A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F61E3A6F-ACB2-4B20-8C5E-5D54B2DF1376}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{71BA67F0-E50F-4CD5-BB0E-CEC2C1DB2FA2}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{10DC4035-8F5D-447A-973D-4F7964259756}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{69C00D4E-C50E-4D13-A252-B662624C36E5}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)

==================== Restore Points =========================

14-09-2021 15:38:44 Naplánovaný kontrolní bod
15-09-2021 15:28:45 Windows Update
19-09-2021 08:43:24 Windows Update
21-09-2021 14:25:47 Revo Uninstaller's restore point - MX5

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/21/2021 04:01:29 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 04:01:29 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 04:01:29 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 03:54:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 20.9.2021.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 13c4

Čas spuštění: 01d7aef00028420a

Čas ukončení: 2

Cesta k aplikaci: C:\Users\XXX\Downloads\FRST64.exe

ID hlášení: 6375dab9-1ae3-11ec-abda-889ffaf583f8

Error: (09/21/2021 02:37:44 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 02:37:44 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 02:37:44 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 02:33:22 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0


System errors:
=============
Error: (09/21/2021 04:13:54 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (09/21/2021 04:13:33 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/21/2021 04:08:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba NVIDIA Update Service Daemon přestala během spouštění reagovat.

Error: (09/21/2021 03:42:05 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (09/21/2021 03:42:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/21/2021 02:50:19 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/21/2021 02:38:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Connect2 Hotspot Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/21/2021 02:38:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Connect2 Hotspot Service bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2021-04-26 09:38:50.500
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{A0077DBA-7632-4B8B-AE90-ECCE7E5F0E3E}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2020-07-08 13:46:11.190
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{BC9E8BC5-61A9-4A91-959B-3899005B7795}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2020-02-24 21:21:02.063
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{D1E1630B-ED6F-4590-BF61-76DFED615DED}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:XXX-PC\XXX

Date: 2021-06-30 14:11:50.934
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-30 14:11:50.934
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:26:17.228
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:26:17.227
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:20:40.239
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: LENOVO 6MET81WW (1.41 ) 10/26/2010
Motherboard: LENOVO 4384FV7
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 83%
Total physical RAM: 5939.67 MB
Available physical RAM: 950.97 MB
Total Virtual: 11877.49 MB
Available Virtual: 6480.6 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:295.98 GB) (Free:87.77 GB) NTFS
Drive d: (HP_TOOLS) (Fixed) (Total:2 GB) (Free:1.64 GB) NTFS

\\?\Volume{e4a7b4c5-4a95-11ea-ad6d-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 6479A2B6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Log check, pages load poorly for me, some not at all,

Posted: 21 Sep 2021 16:48
by Rudy
OK. Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Log check, pages load poorly for me, some not at all,

Posted: 21 Sep 2021 17:09
by F7R
The log file was there after the cleaning.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-21-2021
# Duration: 00:01:08
# OS: Windows 7 Home Premium
# Cleaned: 36
# Failed: 0


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\XXX\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\XXX\AppData\Roaming\DRPSu
Deleted C:\Users\XXX\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{def7532f-2660-4e43-b706-f4dfdf250720}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{def7532f-2660-4e43-b706-f4dfdf250720}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{def7532f-2660-4e43-b706-f4dfdf250720}|UninstallString
Deleted HKLM\Software\Wow6432Node\drpsu
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.EpsonCustomerResearchParticipation Folder C:\Program Files\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION
Deleted Preinstalled.EpsonCustomerResearchParticipation Folder C:\ProgramData\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION
Deleted Preinstalled.EpsonCustomerResearchParticipation Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B26449A6-6007-4460-B4FE-C4776115BCEA}
Deleted Preinstalled.LenovoUpdate Folder C:\Program Files (x86)\LENOVO\ACTIVE UPDATE
Deleted Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}
Deleted Preinstalled.SamsungSmartSwitch File C:\Users\Public\Desktop\Smart Switch.lnk
Deleted Preinstalled.SamsungSmartSwitch File C:\Users\XXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Program Files (x86)\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\XXX\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
Deleted Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5158 octets] - [21/09/2021 18:03:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Log check, pages load poorly for me, some not at all,

Posted: 21 Sep 2021 18:24
by Rudy
OK. Post new FRST + Addition logs.

Re: Log check, pages load poorly for me, some not at all,

Posted: 21 Sep 2021 18:31
by F7R
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2021
Ran by XXX (administrator) on XXX-PC (LENOVO 4384FV7) (21-09-2021 19:27:22)
Running from C:\Users\XXX\Desktop
Loaded Profiles: XXX & UpdatusUser
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: "C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe
(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUI.exe
(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUserAgent.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe <2>
(LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe
(Maxthon Technology Co, Ltd. -> Maxthon Ltd.) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe <12>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Qualcomm Inc -> QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIPLE.EXE <3>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [Enhanced Performance Keyboard] => C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [4013056 2014-08-17] (LITE-ON TECHNOLOGY CORP.) [File not signed]
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-15] (Conexant Systems, Inc. -> )
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-02-09] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPSDNMON] => ""
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\yowindow.scr
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON XP-630 Series 64MonitorBE: C:\Windows\system32\E_YLMBPLE.DLL [180224 2014-03-05] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-10-29] (NVIDIA CORPORATION -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-10-29] (NVIDIA CORPORATION -> NVIDIA Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07F9EF7A-1F22-4511-B818-EE6362BBBCAC} - System32\Tasks\Games\UpdateCheck_S-1-5-21-555042887-2286466740-3098252512-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {29FF17AC-EA42-4AEB-BE92-127890972074} - System32\Tasks\TVT\ChangePWD => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [1272168 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)
Task: {2F81CFBE-2693-40B6-9754-B4FAB9153B89} - System32\Tasks\{72473BEC-643F-463F-AFB7-46DED0B91711} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\Desktop\DialogysInstall_PC.exe -d C:\Users\XXX\Desktop
Task: {3B91FC34-0AB6-4843-9DCE-5731B3407464} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {46249C69-1762-409D-8318-3279892DBA49} - System32\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {49517535-8100-4FA3-AD29-D9AB16CF6F46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6628056 2016-01-15] (Piriform Ltd -> Piriform Ltd)
Task: {50110C47-559A-4DD3-8B4B-D80E5195AFAD} - System32\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {58DC4A38-9466-443F-B8AA-903E49316E4C} - System32\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB} - System32\Tasks\{34A296ED-6081-4403-A8B5-F7E8F256225C} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="http://www.gomlab.com/gom/installThanks ... r&lang=eng" title="GOM Player Setup" -> -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="hxxp://www.gomlab.com/gom/installThanks.gom?pr ... r&lang=eng" title="GOM Player (the data entry has 7 more characters). <==== ATTENTION
Task: {968F1CAD-5227-4345-9FA0-6C6F5E95C3B4} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [1272168 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)
Task: {B0C00EAD-68F6-44BB-88EC-A2302D4B1D30} - System32\Tasks\{5CC936AD-914B-404D-B40F-5FC717E65481} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\KONAMI\MetalGearSolid2 Substance\bin\MGS2SSetup.exe" -d "C:\Program Files (x86)\KONAMI\MetalGearSolid2 Substance\bin"
Task: {B2ABA462-A170-4CEC-9206-31F92E4AD5F7} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {B95E45FA-6E22-4186-8D04-AE8DB0A689AA} - System32\Tasks\TVT\UpdateRnR => C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsetsched.exe [593920 2013-09-25] () [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{326805B2-8C58-4D3D-A4E5-E90D3768C8D5} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{4AAB39D2-890A-4DC4-B515-785176BC5786} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{C5E4CE44-5ED1-48B5-8A3C-4952643C058B} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{362D3F70-6BF6-47E7-B731-78954894A20C}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\XXX\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-21]
Edge Notifications: Profile 1 -> hxxps://meet.google.com

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-02-24] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2017-02-08] (Lenovo -> Lenovo)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe [11871976 2016-08-23] (DISPLAYLINK -> DisplayLink Corp.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [711248 2017-04-01] (Lenovo -> Lenovo.)
R2 QDLService2kLenovo; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [1688384 2011-05-23] (Qualcomm Inc -> QUALCOMM, Inc.)
S3 ss_conn_launcher_service; C:\Windows\system32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-04-27] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [934328 2020-04-27] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13271336 2021-09-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1526120 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X]
S2 EpsonCustomerResearchParticipation; "C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [367096 2021-09-20] (Bitdefender SRL -> Bitdefender)
R2 rimspci; C:\Windows\System32\DRIVERS\rimspe64.sys [61952 2009-10-26] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Information Product(ShenZhen China) Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-21 18:02 - 2021-09-21 18:04 - 000000000 ____D C:\AdwCleaner
2021-09-21 18:01 - 2021-09-21 18:02 - 008553680 _____ (Malwarebytes) C:\Users\XXX\Desktop\adwcleaner_8.3.0.exe
2021-09-21 17:07 - 2021-09-21 17:07 - 001342296 _____ (Google LLC) C:\Users\XXX\Desktop\ChromeSetup.exe
2021-09-21 16:19 - 2021-09-21 16:28 - 000029277 _____ C:\Users\XXX\Desktop\Addition.txt
2021-09-21 16:14 - 2021-09-21 16:15 - 000000000 ____D C:\rsit
2021-09-21 16:14 - 2021-09-21 16:15 - 000000000 ____D C:\Program Files\trend micro
2021-09-21 16:13 - 2021-09-21 19:29 - 000017002 _____ C:\Users\XXX\Desktop\FRST.txt
2021-09-21 16:13 - 2021-09-21 16:13 - 001222144 _____ C:\Users\XXX\Desktop\RSITx64.exe
2021-09-21 16:09 - 2021-09-21 16:09 - 002304512 _____ (Farbar) C:\Users\XXX\Desktop\FRST64.exe
2021-09-21 15:53 - 2021-09-21 19:27 - 000000000 ____D C:\FRST
2021-09-21 15:39 - 2021-09-21 15:39 - 000388608 _____ (Trend Micro Inc.) C:\Users\XXX\Downloads\HijackThis.exe
2021-09-21 14:58 - 2021-09-21 14:58 - 000002296 _____ C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon.lnk
2021-09-21 14:58 - 2021-09-21 14:58 - 000002259 _____ C:\Users\XXX\Desktop\Maxthon.lnk
2021-09-21 14:58 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Roaming\VBox
2021-09-21 14:58 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Local\vback
2021-09-21 14:57 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Local\Maxthon
2021-09-20 07:44 - 2021-09-20 07:44 - 000367096 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2021-09-19 14:18 - 2021-09-19 15:53 - 000000000 ____D C:\Users\XXX\Downloads\Alphaville - First Harvest 1984 1992
2021-09-19 10:27 - 2021-09-19 09:33 - 124298470 _____ C:\Users\XXX\Desktop\06.-New Year's Day.flac
2021-09-02 09:27 - 2021-09-02 09:27 - 000001054 _____ C:\Users\Public\Desktop\BurnAware Free.lnk
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Burnaware
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\Program Files (x86)\BurnAware Free

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-21 19:02 - 2020-02-24 14:02 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786}.job
2021-09-21 18:57 - 2020-02-24 13:57 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5}.job
2021-09-21 18:45 - 2020-11-08 22:45 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B}.job
2021-09-21 18:20 - 2009-07-14 06:45 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-09-21 18:20 - 2009-07-14 06:45 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-09-21 18:14 - 2020-12-23 12:18 - 000000000 ____D C:\Users\UpdatusUser
2021-09-21 18:12 - 2020-02-24 14:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-09-21 18:11 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-21 18:05 - 2020-12-23 13:15 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-09-21 18:05 - 2020-06-26 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2021-09-21 18:05 - 2020-04-01 10:25 - 000000000 ____D C:\Users\XXX\AppData\Local\Lavasoft
2021-09-21 18:05 - 2020-04-01 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-09-21 18:05 - 2020-04-01 10:24 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Lavasoft
2021-09-21 18:05 - 2020-04-01 10:24 - 000000000 ____D C:\ProgramData\Lavasoft
2021-09-21 18:05 - 2020-04-01 10:24 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-09-21 18:05 - 2020-02-24 18:05 - 000000000 ____D C:\Program Files\EPSON
2021-09-21 18:05 - 2020-02-24 12:56 - 000000000 ____D C:\ProgramData\Epson
2021-09-21 18:04 - 2020-06-26 17:00 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Samsung
2021-09-21 18:04 - 2020-06-26 16:59 - 000000000 ____D C:\Program Files (x86)\Samsung
2021-09-21 17:24 - 2020-10-24 11:59 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-21 17:17 - 2020-10-24 11:59 - 000000000 ____D C:\Users\XXX\AppData\Local\Google
2021-09-21 15:39 - 2020-02-08 19:16 - 000000000 ____D C:\Users\XXX\AppData\Local\VirtualStore
2021-09-21 14:27 - 2020-02-20 14:08 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Maxthon5
2021-09-21 14:15 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2021-09-21 13:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-09-19 16:01 - 2020-02-25 13:42 - 000001491 _____ C:\Users\XXX\Desktop\AudioExtractor.ini
2021-09-19 15:56 - 2021-04-26 11:13 - 000000000 ____D C:\Users\XXX\AppData\Roaming\uTorrent
2021-09-19 09:01 - 2020-07-01 16:29 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-19 09:01 - 2020-07-01 16:29 - 000002180 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-15 15:34 - 2020-02-24 19:29 - 000000000 ____D C:\Windows\system32\MRT
2021-09-15 15:29 - 2020-02-24 19:29 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-06 14:19 - 2020-02-09 12:03 - 000000000 ____D C:\Users\XXX\My Drivers
2021-09-01 12:00 - 2020-12-23 14:18 - 000000000 ____D C:\SWSHARE
2021-08-30 22:45 - 2020-02-24 17:56 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-08-24 16:40 - 2009-07-14 17:18 - 000668376 _____ C:\Windows\system32\perfh005.dat
2021-08-24 16:40 - 2009-07-14 17:18 - 000141004 _____ C:\Windows\system32\perfc005.dat
2021-08-24 16:40 - 2009-07-14 07:13 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories ========

2020-09-18 11:27 - 2020-09-18 11:27 - 000195296 _____ () C:\Users\XXX\comcat5.dll
2020-04-08 11:23 - 2020-04-08 13:25 - 000001576 _____ () C:\Program Files (x86)\DialogysUninstWPS.bat
2020-04-08 11:23 - 2020-04-08 11:23 - 000000840 _____ () C:\Program Files (x86)\INSTALL.LOG
2020-04-08 11:23 - 2014-09-12 13:01 - 000176055 _____ () C:\Program Files (x86)\UninstScript.EXE
2020-12-23 11:55 - 2020-12-23 12:18 - 000013797 _____ () C:\Users\XXX\AppData\Local\WiDiSetupLog.20201223.105508.wdl

==================== FLock ==============================

2020-12-23 14:37 C:\RRbackups

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-09-19 16:22
==================== End of FRST.txt ========================

Re: Log check, pages load badly for me, some not at all,

Posted: 21 Sep 2021 18:32
by F7R
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021
Ran by XXX (21-09-2021 19:29:45)
Running from C:\Users\XXX\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2020-02-08 17:15:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-555042887-2286466740-3098252512-500 - Administrator - Disabled)
Guest (S-1-5-21-555042887-2286466740-3098252512-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-555042887-2286466740-3098252512-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-555042887-2286466740-3098252512-1003 - Limited - Enabled) => C:\Users\UpdatusUser
XXX (S-1-5-21-555042887-2286466740-3098252512-1000 - Administrator - Enabled) => C:\Users\XXX

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
AT&T Service Activation (HKLM-x32\...\{D81486A1-2371-4059-AC70-1AB894AC96E6}) (Version: 1.8.7.0 - AT&T)
BurnAware Free 14.6 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.7.848.0 - Piriform Software) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant 20585 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.95.48.50 - Conexant)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.2.1.3973 - Lenovo)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DisplayLink Core Software (HKLM\...\{89AEA34A-171E-4753-B888-C0D410C2CE44}) (Version: 8.0.778.0 - DisplayLink Corp.)
Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON XP-630 Series Printer Uninstall (HKLM\...\EPSON XP-630 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2401 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.50.0000 - Intel Corporation)
IUWEshare USB Flash Drive Data Recovery 7.9.9.9 (HKLM-x32\...\IUWEshare USB Flash Drive Data Recovery 7.9.9.9_is1) (Version: - IUWEshare)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.24 - Lenovo) Hidden
Lenovo USB Graphics (HKLM\...\{933E6021-BC9A-4B18-B6D9-46A5F5FC4115}) (Version: 8.0.835.0 - Lenovo)
LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation)
Maxthon (HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Maxthon) (Version: 6.1.2.1000 - The Maxthon Authors)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mobile Broadband Connect (HKLM-x32\...\{91B7B957-0F45-4BDC-85BA-08F80D49B9BC}) (Version: 3.5.0011 - Lenovo)
NVIDIA Ovladače grafiky 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)
PotPlayer (HKLM-x32\...\PotPlayer) (Version: 1.7.16572 - Kakao Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Qualcomm Gobi 2000 Package for Lenovo (HKLM-x32\...\{666C9123-1AEC-446F-8AA8-28256B1953D4}) (Version: 1.1.250 - QUALCOMM)
Revo Uninstaller 2.1.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.7 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.28.0 - Samsung Electronics Co., Ltd.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.21.8 - TeamViewer)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17394396DF01}) (Version: 1.00.0029.8 - REALTEK Semiconductor Corp.)
USB Enhanced Performance Keyboard (HKLM\...\{989DC5D9-A776-430D-9E16-D36E5B81CD86}) (Version: 2.0.2.2 - Lenovo)
Verizon Wireless Mobile Broadband Self Activation (HKLM-x32\...\{C64A877E-DF8D-4017-AA82-000A77C6D809}) (Version: 3.1.4 - Smith Micro Software, Inc.)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-555042887-2286466740-3098252512-1000_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\XXX\AppData\Local\Maxthon\Application\6.1.2.1000\notification_helper.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-10-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\XXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2016-01-15 22:44 - 2016-01-15 22:44 - 000047616 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2015-02-25 15:36 - 2015-02-25 15:36 - 000058880 _____ (LITE-ON Corp.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\skhooks.dll
2014-08-15 16:25 - 2014-08-15 16:25 - 000057856 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKHidKbd.dll
2006-12-05 15:40 - 2006-12-05 15:40 - 000059904 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\skosd.dll
2008-10-22 16:20 - 2008-10-22 16:20 - 000138240 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKUtil.DLL
2015-12-17 12:11 - 2015-12-17 12:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-555042887-2286466740-3098252512-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32FB940B-CD78-4151-A1E9-3C6E857E3869}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{DDB3BA3A-96B2-45F2-BB14-D82DFF716694}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{7D67F62F-2BA0-4FF9-80AE-D326D4BE690C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{6926BE57-48E6-49FA-A296-335F146D96DF}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{7DFE09C3-6864-495A-A3EF-77D3A2DB763D}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{86A09A9A-60A6-462E-A762-49AED13893D5}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{284C3D9C-4A25-4A13-A982-3B2198FC8D58}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{13927131-E4F9-41C2-93DD-04950FEB769C}] => (Allow) C:\Users\XXX\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{871ED391-5A71-48B8-9B9E-2B98A6CC8FBB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{00E9DC41-460F-4024-989A-11D109BB2856}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9E40D386-7F7B-448B-B81C-AD814D2E733B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8A7F456D-4E01-468F-851A-74EF3684B5D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{3BEA038D-1B59-40E9-B551-25B5EC161D11}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\xxx\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{76BE50F8-1CA5-43B6-BCC6-C17D70467229}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\xxx\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CBB7380F-9FEC-424E-9164-8F9522F4C7E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ADC17498-BC38-4EBE-B66C-64F047C35FD2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6CEF79BF-0736-446B-8F26-DE16769CCF0E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BF6FAF57-AC1C-408F-9001-6BF71500492A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F61E3A6F-ACB2-4B20-8C5E-5D54B2DF1376}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{71BA67F0-E50F-4CD5-BB0E-CEC2C1DB2FA2}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{10DC4035-8F5D-447A-973D-4F7964259756}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{69C00D4E-C50E-4D13-A252-B662624C36E5}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)

==================== Restore Points =========================

14-09-2021 15:38:44 Naplánovaný kontrolní bod
15-09-2021 15:28:45 Windows Update
19-09-2021 08:43:24 Windows Update
21-09-2021 14:25:47 Revo Uninstaller's restore point - MX5
21-09-2021 17:14:20 Revo Uninstaller's restore point - Google Chrome
21-09-2021 18:04:02 AdwCleaner_BeforeCleaning_21/09/2021_18:04:02

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/21/2021 06:11:19 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 06:11:19 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 06:11:19 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 05:14:20 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {de77b411-4f17-4f57-abb6-aa2c42d93fb6}

Error: (09/21/2021 04:35:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 04:35:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 04:35:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 04:01:29 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0


System errors:
=============
Error: (09/21/2021 06:11:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EpsonCustomerResearchParticipation neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (09/21/2021 06:11:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DCIService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SAMSUNG Mobile Connectivity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Qualcomm Gobi 2000 Download Service (Lenovo) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba DisplayLinkManager byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba EpsonCustomerResearchParticipation byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-04-26 09:38:50.500
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{A0077DBA-7632-4B8B-AE90-ECCE7E5F0E3E}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2020-07-08 13:46:11.190
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{BC9E8BC5-61A9-4A91-959B-3899005B7795}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2020-02-24 21:21:02.063
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{D1E1630B-ED6F-4590-BF61-76DFED615DED}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:XXX-PC\XXX

Date: 2021-06-30 14:11:50.934
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-30 14:11:50.934
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:26:17.228
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:26:17.227
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:20:40.239
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: LENOVO 6MET81WW (1.41 ) 10/26/2010
Motherboard: LENOVO 4384FV7
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 55%
Total physical RAM: 5939.67 MB
Available physical RAM: 2672.59 MB
Total Virtual: 11877.49 MB
Available Virtual: 8288.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:295.98 GB) (Free:86.27 GB) NTFS
Drive d: (HP_TOOLS) (Fixed) (Total:2 GB) (Free:1.64 GB) NTFS

\\?\Volume{e4a7b4c5-4a95-11ea-ad6d-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 6479A2B6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Log check, pages load badly for me, some not at all,

Posted: 21 Sep 2021 18:33
by F7R
Can I somehow delete this?

C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="http://www.gomlab.com/gom/installThanks ... r&lang=eng" title="GOM Player Setup" -> -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="hxxp://www.gomlab.com/gom/installThanks.gom?pr ... r&lang=eng" title="GOM Player (the data entry has 7 more characters). <==== ATTENTION

Re: Log check, pages load badly for me, some not at all,

Posted: 21 Sep 2021 18:47
by Rudy
We'll try. Open Notepad and copy this into it:
Start

CloseProcesses:
FirewallRules: [{32FB940B-CD78-4151-A1E9-3C6E857E3869}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{DDB3BA3A-96B2-45F2-BB14-D82DFF716694}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
HKLM-x32\...\Run: [] => [X]
Task: {5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB} - System32\Tasks\{34A296ED-6081-4403-A8B5-F7E8F256225C} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="http://www.gomlab.com/gom/installThanks ... r&lang=eng" title="GOM Player Setup" -> -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="hxxp://www.gomlab.com/gom/installThanks.gom?pr ... r&lang=eng" title="GOM Player (the data entry has 7 more characters). <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Log check, pages load badly for me, some not at all,

Posted: 21 Sep 2021 19:11
by F7R
Fix result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021
Ran by XXX (21-09-2021 20:04:52) Run:1
Running from C:\Users\XXX\Desktop
Loaded Profiles: XXX & UpdatusUser
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [{32FB940B-CD78-4151-A1E9-3C6E857E3869}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{DDB3BA3A-96B2-45F2-BB14-D82DFF716694}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
HKLM-x32\...\Run: [] => [X]
Task: {5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB} - System32\Tasks\{34A296ED-6081-4403-A8B5-F7E8F256225C} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="http://www.gomlab.com/gom/installThanks ... r&lang=eng" title="GOM Player Setup" -> -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="hxxp://www.gomlab.com/gom/installThanks.gom?pr ... r&lang=eng" title="GOM Player (the data entry has 7 more characters). <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32FB940B-CD78-4151-A1E9-3C6E857E3869}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DDB3BA3A-96B2-45F2-BB14-D82DFF716694}" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB}" => removed successfully
C:\Windows\System32\Tasks\{34A296ED-6081-4403-A8B5-F7E8F256225C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{34A296ED-6081-4403-A8B5-F7E8F256225C}" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9 => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23642674 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 562625 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58558406 B
systemprofile32 => 58649373 B
LocalService => 58715601 B
NetworkService => 58781829 B
XXX => 335888577 B
UpdatusUser => 335888577 B

RecycleBin => 30938577 B
EmptyTemp: => 925.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:05:26 ====

Re: Log check, pages load badly for me, some not at all,

Posted: 21 Sep 2021 19:49
by Rudy
Deleted. Has anything changed?

Re: Log check, pages load badly for me, some not at all,

Posted: 21 Sep 2021 19:55
by F7R
It's fine! The loading problems have disappeared.
Thank you very much :)

Re: Log check, pages load badly for me, some not at all,

Posted: 21 Sep 2021 20:49
by Rudy
You're welcome! :)