VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

kontrola logu

https://forum.viry.cz:443/viewtopic.php?t=158283

Stránka 1 z 1

kontrola logu

Napsal: 30 zář 2021 20:15
od r0ach
Dobrý večer,
chtěl bych poprosit kontrolu logu. Dostal se mi pod ruku starý notebook, který byl léta neudržován a sloužíl(slouží) výhradně na sledování filmů a téměř nic zde již nefunguje.
Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by pribram (administrator) on PRIBRAM-PC (Packard Bell EasyNote TS13HR) (30-09-2021 21:02:58)
Running from C:\Users\pribram\Desktop
Loaded Profiles: pribram
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink -> CyberLink) [File not signed] C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Google Inc -> Google Inc.) C:\Users\pribram\AppData\Local\Google\Chrome\Application\chrome.exe <3>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee Security Scan\3.11.2296\SSScheduler.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <5>
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NTI Corporation -> NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe <2>
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify AB -> Spotify Ltd) C:\Users\pribram\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(WIBU-SYSTEMS AG) [File not signed] C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1796200 2011-02-23] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Cm106Sound] => C:\Windows\Syswow64\cm106.dll [8126464 2009-06-11] (C-Media Corporation) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178504 2018-07-12] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [4092112 2021-09-28] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\Run: [Spotify Web Helper] => C:\Users\pribram\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Packard Bell.scr [456224 2010-07-29] (Acer Incorporated -> )
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [110264 2013-04-09] (pdfforge GmbH -> pdfforge GmbH)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-02-21] (NVIDIA Corporation -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-02-21] (NVIDIA Corporation -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2021-09-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.2296\SSScheduler.exe (McAfee, LLC -> McAfee, LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2012-03-12]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07C3DDF9-EC07-4930-8FF6-565ADAD19D23} - \Scheduled Update for Ask Toolbar -> No File <==== ATTENTION
Task: {086A5B77-3722-4051-B6BD-E47A355C10FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [4529944 2014-05-20] (Piriform Ltd -> Piriform Ltd)
Task: {0B2C5E0F-7022-40F1-9F1F-CCD796FD4155} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {0F2F47BD-0FBB-4BD3-AFFA-2E1D8342214F} - System32\Tasks\{77C1C755-35EF-44AD-A0E8-839213D25C0C} => C:\Windows\system32\pcalua.exe -a C:\Users\pribram\Desktop\cod2\cod2mp_s.exe -d C:\Users\pribram\Desktop\cod2\
Task: {24C7E51D-930F-4DEB-B4FA-688216FABFE2} - System32\Tasks\{103512F1-1238-4FD6-B78C-DAC84889B1D8} => C:\Windows\system32\pcalua.exe -a "E:\Call Of Duty 2\setup.exe" -d "E:\Call Of Duty 2"
Task: {27FE69AE-7C3B-43BF-BCFA-88BD75A22AE0} - System32\Tasks\{F9175C06-5ABA-4D29-AA79-336AC94EA10D} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/5.0.0.152.370/ ... Error=1603
Task: {293D677A-493C-4004-AD35-F678241603A8} - \Advanced System Protector_startup -> No File <==== ATTENTION
Task: {3739CFF4-5B27-4BC0-9089-62C7372CCEEF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {3A3988E0-8C4A-46C9-AED6-D0879AAF95D0} - System32\Tasks\Opera scheduled assistant Autoupdate 1582731092 => C:\Program Files (x86)\Opera\launcher.exe [3152592 2021-09-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
Task: {3B693E28-71BB-401B-9DD9-A0B3A8871583} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {543B801B-19ED-48C9-BA37-A149BEBCCA99} - System32\Tasks\AdobeAAMUpdater-1.0-pribram-PC-pribram => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6D0EA0FC-0AB4-4A7F-A11E-3AEC57F00070} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {76D7E064-2B35-4F83-AA3B-06084B53850C} - System32\Tasks\Opera scheduled Autoupdate 1407151924 => C:\Program Files (x86)\Opera\launcher.exe [3152592 2021-09-21] (Opera Software AS -> Opera Software)
Task: {94BCEF8B-41F2-4E1F-81B1-64DEE4F01B5A} - System32\Tasks\{0088D3C3-3137-40F5-B732-E8E7089987E5} => C:\Windows\system32\pcalua.exe -a C:\Users\pribram\Downloads\Minecraft.exe -d C:\Users\pribram\Downloads
Task: {9679D1AE-7C51-4E45-A33B-65DA902124E6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D373C690-761B-42F1-8EB0-288C4C1B5B17} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3888868643-3751209935-4175876941-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {DC0E7272-3E41-4F87-BC40-920C1F4B4739} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [969824 2010-10-28] (CyberLink -> CyberLink) [File not signed]
Task: {DD08C149-7568-4DB1-9D4A-AE4243950C6C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {E7CD08E3-65CB-4390-BAA9-63BFEE946552} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{1B4B3E74-B488-4653-96A2-791F89215742}: [DhcpNameServer] 86.49.5.221 86.49.5.222

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\pribram\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-30]

FireFox:
========
FF DefaultProfile: s85s1uj9.default
FF ProfilePath: C:\Users\pribram\AppData\Roaming\Mozilla\Firefox\Profiles\s85s1uj9.default [2021-09-30]
FF Homepage: Mozilla\Firefox\Profiles\s85s1uj9.default -> hxxp://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\s85s1uj9.default -> hxxps://fastshare.cz; hxxps://www.freefilm.sk
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: mapy-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: heureka-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: seznam-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: google@search.mozilla.org
FF Extension: (No Name) - C:\Users\pribram\AppData\Roaming\Mozilla\Firefox\Profiles\s85s1uj9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-01]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\pribram\AppData\Roaming\Mozilla\Firefox\Profiles\s85s1uj9.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-26]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-21] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] (Apple Inc. -> )
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2012-03-13] (Sun Microsystems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll [2012-06-14] (WildTangent Inc -> )
FF Plugin HKU\S-1-5-21-3888868643-3751209935-4175876941-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pribram\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS -> Unity Technologies ApS)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aaaapodhaoggdemfffbmjpgfgekfjjpe] - C:\Users\pribram\AppData\Local\APN\GoogleCRXs\aaaapodhaoggdemfffbmjpgfgekfjjpe_7.17.1.0.crx <not found>

Opera:
=======
OPR Profile: C:\Users\pribram\AppData\Roaming\Opera Software\Opera Stable [2021-09-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\pribram\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-12-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor9.0; c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-12] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-12] (ESET, spol. s r.o. -> ESET)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [873064 2011-02-23] (Acer Incorporated -> Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated -> Acer Incorporated)
S4 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-03-12] (LLC Mail.Ru -> )
S4 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated -> Acer Incorporated)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.2296\McCHSvc.exe [416752 2021-09-03] (McAfee, LLC -> McAfee, LLC)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation -> NTI Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2012-03-20] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2012-03-21] (Even Balance, Inc. -> )
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [244904 2010-10-28] (CyberLink -> ) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2377216 2010-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-13] (DT Soft Ltd -> DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143624 2018-07-12] (ESET, spol. s r.o. -> ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-07-12] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [110376 2018-07-12] (ESET, spol. s r.o. -> ESET)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-18] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1306624 2009-06-11] (C-Media Electronics Incorporation -> C-Media Electronics Inc)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [107008 2007-08-21] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-30 21:02 - 2021-09-30 21:05 - 000022932 _____ C:\Users\pribram\Desktop\FRST.txt
2021-09-30 21:02 - 2021-09-30 21:04 - 000000000 ____D C:\FRST
2021-09-30 21:00 - 2021-09-30 21:00 - 002304512 _____ (Farbar) C:\Users\pribram\Desktop\FRST64.exe
2021-09-30 20:55 - 2021-09-30 20:57 - 000000000 ____D C:\Users\pribram\Desktop\fotky – kopie
2021-09-30 20:39 - 2021-09-30 20:55 - 000000000 ____D C:\Users\pribram\Desktop\2017-04-16 – kopie
2021-09-30 20:37 - 2021-09-30 20:39 - 000000000 ____D C:\Users\pribram\Desktop\2018-04-30 – kopie
2021-09-30 20:35 - 2021-09-30 20:35 - 000000000 ____D C:\Users\pribram\Desktop\programy – kopie (2)
2021-09-30 20:30 - 2021-09-30 20:30 - 000000000 ____D C:\Users\pribram\Desktop\fotky jára – kopie
2021-09-30 20:29 - 2021-09-30 20:29 - 000000000 ____D C:\Users\pribram\Desktop\programy – kopie
2021-09-29 15:51 - 2021-09-29 15:51 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-09-28 16:51 - 2021-09-30 16:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-09-25 15:57 - 2021-09-28 16:45 - 000004054 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582731092
2021-09-15 16:02 - 2021-09-15 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2021-09-15 16:01 - 2021-09-29 16:21 - 000000000 ____D C:\ProgramData\McAfee Security Scan

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-30 20:59 - 2012-05-16 16:10 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-30 20:58 - 2016-11-19 08:56 - 000000000 ____D C:\Users\pribram\AppData\LocalLow\Mozilla
2021-09-30 20:51 - 2012-03-12 22:30 - 000000000 ____D C:\Users\pribram\AppData\Roaming\ICQ
2021-09-30 20:32 - 2011-07-08 20:46 - 000669576 _____ C:\Windows\system32\perfh005.dat
2021-09-30 20:32 - 2011-07-08 20:46 - 000141946 _____ C:\Windows\system32\perfc005.dat
2021-09-30 20:32 - 2009-07-14 07:13 - 001586202 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-30 20:32 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-09-30 20:30 - 2009-07-14 06:45 - 000028144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-09-30 20:30 - 2009-07-14 06:45 - 000028144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-09-30 20:22 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-30 16:12 - 2012-05-16 16:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-29 15:51 - 2014-06-19 13:57 - 000010110 _____ C:\Windows\wininit.ini
2021-09-25 15:51 - 2014-08-04 13:32 - 000000000 ____D C:\Program Files (x86)\Opera
2021-09-23 15:55 - 2019-12-16 17:22 - 000003850 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1407151924
2021-09-15 18:07 - 2013-08-05 14:09 - 000000000 ____D C:\Windows\system32\MRT
2021-09-15 18:06 - 2012-03-12 09:49 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-15 16:02 - 2017-07-02 09:09 - 000001985 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2021-09-15 16:02 - 2015-11-22 09:40 - 000000000 ____D C:\Program Files\McAfee Security Scan
2021-09-15 16:02 - 2011-10-22 14:20 - 000000000 ____D C:\ProgramData\McAfee
2021-09-05 15:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories ========

2013-06-28 13:45 - 2013-10-04 14:11 - 000003726 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2017-10-07 22:29 - 2017-11-04 00:50 - 000000080 _____ () C:\Users\pribram\AppData\Roaming\mBot.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-08-28 15:23
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by pribram (30-09-2021 21:05:55)
Running from C:\Users\pribram\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-15 17:42:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3888868643-3751209935-4175876941-500 - Administrator - Disabled)
Guest (S-1-5-21-3888868643-3751209935-4175876941-501 - Limited - Disabled)
pribram (S-1-5-21-3888868643-3751209935-4175876941-1000 - Administrator - Enabled) => C:\Users\pribram

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Agatha Christie - 4:50 from Paddington (HKLM-x32\...\WTA-02ef7b87-376f-431f-83ea-ee499658ef5a) (Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 11 CZE (HKLM-x32\...\001FFFFFFF11FF00FF1101F03F02F000-R1) (Version: - )
Backup Manager V3 (HKLM-x32\...\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.85 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-933c9b9f-de2d-42a3-b5d8-f1f6e2fc936d) (Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.2 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.63.1071 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Crazy Chicken Kart 2 (HKLM-x32\...\WTA-a244102d-bbad-4c41-ab00-5919ebb1dec3) (Version: 2.2.0.95 - WildTangent) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.0.1027_32100 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WTA-4d744879-bab8-4b0f-bded-1341421b42b8) (Version: 2.2.0.95 - WildTangent) Hidden
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{25175695-4B20-4298-9F34-C2C57CD277B3}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
ETDWare PS/2-X64 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)
F1 2011 (HKLM-x32\...\{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters) Hidden
F1 2011 (HKLM-x32\...\GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters)
F1 Race Stars (HKLM-x32\...\F1 Race Stars_is1) (Version: - )
FATE (HKLM-x32\...\WTA-6eca5e8f-5556-4929-b00d-3dc6570c08c4) (Version: 2.2.0.95 - WildTangent) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\Google Chrome) (Version: 15.0.874.102 - Google Inc.)
Guard.ICQ (HKLM-x32\...\Guard.Mail.ru) (Version: - Mail.ru)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8520 - CyberLink Corporation)
Chuzzle Deluxe (HKLM-x32\...\WTA-6f59222e-2497-4955-b407-658f26492867) (Version: 2.2.0.95 - WildTangent) Hidden
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) SE Runtime Environment 6 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Jewel Quest Solitaire (HKLM-x32\...\WTA-5c6c818c-2c3e-44f5-a433-50d295832c9f) (Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-7b9ca775-569c-4330-9c54-664679fde1a6) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Packard Bell)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Malwarebytes Anti-Malware verze 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.2296.1 - McAfee, LLC)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4999.1042 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 92.0.1 (x64 cs)) (Version: 92.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 92.0.1.7935 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (HKLM-x32\...\WTA-caea413b-0915-4a71-aec5-0b7c018cf483) (Version: 2.2.0.95 - WildTangent) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVIDIA Graphics Driver 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 79.0.4143.50 (HKLM-x32\...\Opera 79.0.4143.50) (Version: 79.0.4143.50 - Opera Software)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.4 - WildTangent)
Packard Bell MyBackup (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.85 - NTI Corporation)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3004 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0811.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 2.0.2211 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 2.0.2211 - CyberLink Corp.)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Packard Bell)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Penguins! (HKLM-x32\...\WTA-65e0c5e2-a76e-4ec8-9ee2-18b7c0843491) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-d7c857c7-4481-4739-ae9d-b7bc70ceb5b6) (Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (HKLM-x32\...\WTA-4d4d1025-4679-4a6c-bbdf-b0d0f536a83c) (Version: 2.2.0.95 - WildTangent) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rapture3D 2.5.1 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6329 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Deluxe (HKLM-x32\...\WTA-1a27f9cb-a896-4b40-9738-35a2a4445461) (Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Swords and Sandals 2 2.0 (HKLM-x32\...\Swords and Sandals 2) (Version: 2.0 - 3RDsense)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\TimeAdjuster) (Version: - IrekSoftware.com)
Torchlight (HKLM-x32\...\WTA-82ba40dc-d1d0-48f5-9eb7-86bcd1acb5ca) (Version: 2.2.0.95 - WildTangent) Hidden
TPA 3.10 (HKLM-x32\...\{66A722D8-3D74-4BC4-8857-E042320BE871}) (Version: 3.1.0 - Halfen GmbH)
Unity Web Player (HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
Video Web Camera (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1523 - CyberLink Corp.) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1523 - CyberLink Corp.)
Virtual Villagers - The Secret City (HKLM-x32\...\WTA-b7e9a885-7f60-4552-b78d-b3e693d99a33) (Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wedding Dash (HKLM-x32\...\WTA-74f12377-2863-44f4-ae8b-26500385e784) (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3102 - Packard Bell)
WIBU-KEY Setup (WIBU-KEY Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 5.20a of 2006-Dec-01 (Setup) - WIBU-SYSTEMS AG)
WildTangent Games App (Packard Bell Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell) (Version: 4.0.5.31 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Zuma Deluxe (HKLM-x32\...\WTA-dd113bc0-f837-411e-a5cd-8bc5e44e1fc9) (Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\ChromeHTML: -> C:\Users\pribram\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [79360 2012-04-09] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2011-04-15 10:33 - 2010-09-14 03:28 - 000058880 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-03-30 23:41 - 2012-02-17 20:55 - 000193536 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2019-05-16 15:45 - 2019-05-16 15:45 - 000169984 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2c30c654704cd4c5da6c4e5375bca8fc\IsdiInterop.ni.dll
2011-07-08 20:09 - 2010-12-22 21:50 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2012-03-11 20:30 - 2009-06-11 15:09 - 008126464 ____R (C-Media Corporation) [File not signed] C:\Windows\Syswow64\cm106.dll
2010-10-28 18:55 - 2010-10-28 18:55 - 000154720 _____ (CyberLink -> CyberLink) [File not signed] C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\WPDDM.dll
2019-05-16 15:45 - 2019-05-16 15:45 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\737c502d3c6e228d096bcb323581dd5c\IAStorCommon.ni.dll
2011-04-15 10:33 - 2010-09-14 03:28 - 000006656 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2011-07-08 20:09 - 2010-12-22 21:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-04-15 10:33 - 2010-09-14 03:25 - 000275456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2020-01-16 17:38 - 2020-01-16 17:38 - 000219136 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\459d768b5f6702bc994c22ad73a7e40d\IAStorDataMgr.ni.dll
2020-01-16 17:38 - 2020-01-16 17:38 - 000474624 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\115d60cb35ed641842c492ad7affab0b\IAStorUtil.ni.dll
2011-10-22 15:24 - 2011-10-22 15:24 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2011-10-22 15:17 - 2011-10-22 15:17 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2013-04-08 19:03 - 2013-04-08 19:03 - 000299008 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\PDF Architect\libcurl.dll
2013-04-08 19:03 - 2013-04-08 19:03 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PDF Architect\LIBEAY32.dll
2013-04-08 19:03 - 2013-04-08 19:03 - 000274432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PDF Architect\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-13] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation -> Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-13] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2021-09-15 16:02 - 000000164 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.1 mssplus.mcafee.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pribram\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 86.49.5.221 - 86.49.5.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5A02C50A-01DE-41ED-8856-5FE8E9DF035D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3D4A60D4-8EFE-4607-AF4D-3F126DDF1350}] => (Allow) LPort=2869
FirewallRules: [{9B731E8A-FD57-4920-B914-9B3F4AE3CEFA}] => (Allow) LPort=1900
FirewallRules: [{062D1431-5CB9-4BD7-8E69-8C8205DFE350}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E8A6D95-5CFC-40B8-BF35-EED487B96596}] => (Allow) C:\Program Files (x86)\CyberLink\HomeMedia\HomeMedia.exe (CyberLink -> CyberLink)
FirewallRules: [{E955A45E-E9BF-43B4-9A83-8504D0255EAB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86F853A8-A149-42E1-AA9C-DCB5118BA9C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{714C057A-380C-4463-B295-28EA8C26FC70}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{304E31D5-6C1C-43C8-8B61-769A7D42A5A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FDF007E9-340A-43AC-8CD7-99C0FC8A5D9E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{66620F4E-5EEA-48BC-B01F-B7E266D9BA44}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{24C36F97-9ED9-4ADE-81BC-51E1DF209554}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [UDP Query User{6DF84132-7FB9-41B7-84EA-D0535862148C}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [{0D6A760C-EC45-45F9-94C8-08ADFC6F6914}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{3A4D8574-173A-414D-B275-31EF07385560}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{BB7241E0-7B8C-4FA5-9567-11E992B2EDB5}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{E1A1EC0C-4FA9-4F11-929F-BB1618846EC6}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [TCP Query User{23345F3B-21E4-43E5-AE32-EF7D33AE31F4}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [UDP Query User{F14C1055-BECF-409C-865E-96E78D225528}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [{9E58D8FE-916D-4658-B72A-ED040EBB14A8}] => (Allow) C:\Program Files (x86)\Codemasters\F1 2011\F1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [{D0F77365-2966-4552-9532-44F09D5C5DB1}] => (Allow) C:\Program Files (x86)\Codemasters\F1 2011\F1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [{28EC44CB-F4EF-4F3D-B47C-11025D5C9743}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{DDAE7BE5-F6C0-46C0-936A-54B06E499560}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{54460604-2E92-4FEA-B597-C8B7F699B699}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{F9914806-0762-4782-B33B-4846A46F6760}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{B84CAA75-1A12-4036-9C19-848F3D347F41}C:\users\pribram\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pribram\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{207A0987-A4FF-47E6-942D-F82716117040}C:\users\pribram\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pribram\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{6628FDA3-6CDF-4624-9EF6-7DD411E2A261}C:\users\pribram\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pribram\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{F81967F2-83B5-4751-8970-25E214AE3ED0}C:\users\pribram\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pribram\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4781BFA6-ADA3-4FA7-AF9A-7DE04AE0D8DB}] => (Allow) C:\Users\pribram\AppData\Local\Torch\Application\torch.exe => No File
FirewallRules: [{103820AA-BB25-4796-84A0-F73B1D39D8F2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe => No File
FirewallRules: [{DC103464-2364-419D-8BC9-93F908536D2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe => No File
FirewallRules: [{1484CDC6-81FA-44DA-A440-9BD5DEF09EB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe => No File
FirewallRules: [{8C5A34D5-34E9-4CFF-AE13-DCFADB3F83CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe => No File
FirewallRules: [{5E1E4436-A11C-4EE3-8867-404987BB5CE1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe => No File
FirewallRules: [{A747395C-3D6C-4662-A0AA-962591DAF372}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe => No File
FirewallRules: [{615C39A6-F0A4-4F18-96FD-0FA9E6D56E49}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{6E0458C9-17A7-4063-BC35-A73C81F0449E}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3235\agent.exe => No File
FirewallRules: [UDP Query User{77FF1A97-BDEC-4F06-B405-2A9D5C15EDC9}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3235\agent.exe => No File
FirewallRules: [{F91AA921-9CB9-42B3-B666-9CF722E86C59}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C9DA3B69-DA80-43A6-8077-093408E85C78}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{72197F54-D9F3-4455-A908-C971753C4DF0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C78F16D3-897B-42C2-B2E7-F6D9F085F9D5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F3719D21-7CCB-47E8-A53C-0A49627CEFA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8240D3E7-D229-457B-ACC8-50AD77ABEF21}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E1C81CC-25F4-4B1A-BB62-94DF84107CD1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe => No File
FirewallRules: [{C66D1FB1-E945-470C-87D9-6B0E4D75FB9A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe => No File
FirewallRules: [TCP Query User{F3F1FFBF-C4B3-4475-AE43-C45403EAC022}C:\users\pribram\desktop\puresro _fakinsmash\mbot_vsro110.exe] => (Allow) C:\users\pribram\desktop\puresro _fakinsmash\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{A28E8A6B-5763-49A5-AC2D-1B88C739EC36}C:\users\pribram\desktop\puresro _fakinsmash\mbot_vsro110.exe] => (Allow) C:\users\pribram\desktop\puresro _fakinsmash\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{FC5CB1B2-FFB9-4F41-B5D0-DF4ADC79DD10}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{5F71F108-225A-4283-8A48-5EC5D93E0336}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [TCP Query User{0E64B58D-F829-452F-A19A-CB14F9960CAD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{B37A0558-0E35-48E0-804B-DA807CBC5BDB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [{40C20C7F-CD95-4ACB-8FB8-A9FE9C98CEB3}] => (Allow) C:\Program Files (x86)\Opera\78.0.4093.231\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{2F52592A-0BEC-4E14-836D-A1D8D426C1F0}] => (Allow) C:\Program Files (x86)\Opera\79.0.4143.50\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

10-08-2021 15:04:26 Windows Update
11-08-2021 16:25:10 Windows Update
15-08-2021 16:52:36 Windows Update
19-08-2021 16:14:10 Windows Update
25-08-2021 15:59:53 Windows Update
29-08-2021 15:22:16 Windows Update
02-09-2021 16:12:05 Windows Update
06-09-2021 11:09:15 Windows Update
09-09-2021 15:30:49 Windows Update
13-09-2021 16:21:46 Windows Update
15-09-2021 18:05:47 Windows Update
19-09-2021 15:50:18 Windows Update
22-09-2021 16:03:03 Windows Update
28-09-2021 16:48:54 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/30/2021 08:22:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/30/2021 04:13:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/29/2021 03:49:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/28/2021 04:40:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/27/2021 04:28:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/26/2021 04:23:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/25/2021 04:18:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 194955

Error: (09/25/2021 04:18:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 194955


System errors:
=============
Error: (09/30/2021 08:39:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/30/2021 08:39:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/30/2021 06:11:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/30/2021 06:11:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/30/2021 04:24:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/30/2021 04:24:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/12/2021 05:22:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service přestala během spouštění reagovat.

Error: (09/12/2021 05:20:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.


Windows Defender:
================
Date: 2021-06-29 15:57:10.925
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 15:57:10.925
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-04 17:26:21.340
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.341.8.0
Předchozí verze podpisu:1.339.1767.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-04 17:26:21.333
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-06 17:15:20.670
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.339.21.0
Předchozí verze podpisu:1.337.491.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18100.6
Předchozí verze modulu:1.1.18100.5
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: Packard Bell V1.11 05/24/2011
Motherboard: Packard Bell SJV50_HR
Processor: Intel(R) Pentium(R) CPU B940 @ 2.00GHz
Percentage of memory in use: 90%
Total physical RAM: 3947.86 MB
Available physical RAM: 381.57 MB
Total Virtual: 7893.86 MB
Available Virtual: 3652.35 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:445.66 GB) (Free:104.63 GB) NTFS
Drive q: () (Fixed) (Total:0 GB) (Free:0 GB)

\\?\Volume{95822ec5-a98b-11e0-b4bc-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{95822ec4-a98b-11e0-b4bc-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:20 GB) (Free:3.29 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0C6F7E9A)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=445.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: kontrola logu

Napsal: 30 zář 2021 20:59
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: kontrola logu

Napsal: 30 zář 2021 21:06
od r0ach
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-30-2021
# Duration: 00:00:09
# OS: Windows 7 Home Premium
# Cleaned: 64
# Failed: 0


***** [ Services ] *****

Deleted Guard.Mail.ru

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Guard-ICQ
Deleted C:\ProgramData\ICQ\ICQNewTab
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG Secure Search

***** [ Files ] *****

Deleted C:\Program Files (x86)\Mozilla Firefox\avg-secure-search.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKCU\Software\torch
Deleted HKLM\SOFTWARE\Classes\.URL\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.bmp\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.dib\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.gif\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.ico\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.jfif\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.jpe\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.jpg\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.mfp\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.pdf\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.png\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.webm\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\Applications\TorchSetup-r88-n-bc.exe
Deleted HKLM\SOFTWARE\Classes\Applications\TorchSetupFull-r0-n-bc.exe
Deleted HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07C3DDF9-EC07-4930-8FF6-565ADAD19D23}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07C3DDF9-EC07-4930-8FF6-565ADAD19D23}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{293D677A-493C-4004-AD35-F678241603A8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Protector_startup
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4781BFA6-ADA3-4FA7-AF9A-7DE04AE0D8DB}
Deleted HKLM\Software\Classes\Search.BrowserWndAPI
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0C1284BA-4F3A-41C6-94B5-77446F5948A9}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{63EDCDD3-8AFC-4358-A90F-F7FB8F5C64FF}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{BD5843ED-13C4-4EFF-ACE9-56CEE22BC087}
Deleted HKLM\Software\Wow6432Node\\Clients\StartMenuInternet\Torch
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Deleted HKLM\Software\Wow6432Node\torch
Deleted HKU\.DEFAULT\Software\AVG Secure Search
Deleted HKU\.DEFAULT\Software\AskPartnerNetwork
Deleted HKU\S-1-5-18\Software\AVG Secure Search
Deleted HKU\S-1-5-18\Software\AskPartnerNetwork

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [12884 octets] - [30/09/2021 22:04:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: kontrola logu

Napsal: 01 říj 2021 09:25
od Rudy
Dejte nové logy FRST+Addition.

Re: kontrola logu

Napsal: 01 říj 2021 18:23
od r0ach
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by pribram (administrator) on PRIBRAM-PC (Packard Bell EasyNote TS13HR) (01-10-2021 19:07:50)
Running from C:\Users\pribram\Desktop
Loaded Profiles: pribram
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink -> CyberLink) [File not signed] C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee Security Scan\3.11.2296\SSScheduler.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NTI Corporation -> NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify AB -> Spotify Ltd) C:\Users\pribram\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(WIBU-SYSTEMS AG) [File not signed] C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1796200 2011-02-23] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Cm106Sound] => C:\Windows\Syswow64\cm106.dll [8126464 2009-06-11] (C-Media Corporation) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178504 2018-07-12] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [4092112 2021-09-28] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\Run: [Spotify Web Helper] => C:\Users\pribram\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Packard Bell.scr [456224 2010-07-29] (Acer Incorporated -> )
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [110264 2013-04-09] (pdfforge GmbH -> pdfforge GmbH)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-02-21] (NVIDIA Corporation -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-02-21] (NVIDIA Corporation -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2021-09-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.2296\SSScheduler.exe (McAfee, LLC -> McAfee, LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2012-03-12]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {086A5B77-3722-4051-B6BD-E47A355C10FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [4529944 2014-05-20] (Piriform Ltd -> Piriform Ltd)
Task: {0B2C5E0F-7022-40F1-9F1F-CCD796FD4155} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {0F2F47BD-0FBB-4BD3-AFFA-2E1D8342214F} - System32\Tasks\{77C1C755-35EF-44AD-A0E8-839213D25C0C} => C:\Windows\system32\pcalua.exe -a C:\Users\pribram\Desktop\cod2\cod2mp_s.exe -d C:\Users\pribram\Desktop\cod2\
Task: {24C7E51D-930F-4DEB-B4FA-688216FABFE2} - System32\Tasks\{103512F1-1238-4FD6-B78C-DAC84889B1D8} => C:\Windows\system32\pcalua.exe -a "E:\Call Of Duty 2\setup.exe" -d "E:\Call Of Duty 2"
Task: {27FE69AE-7C3B-43BF-BCFA-88BD75A22AE0} - System32\Tasks\{F9175C06-5ABA-4D29-AA79-336AC94EA10D} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/5.0.0.152.370/ ... Error=1603
Task: {3739CFF4-5B27-4BC0-9089-62C7372CCEEF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {3A3988E0-8C4A-46C9-AED6-D0879AAF95D0} - System32\Tasks\Opera scheduled assistant Autoupdate 1582731092 => C:\Program Files (x86)\Opera\launcher.exe [3152592 2021-09-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
Task: {3B693E28-71BB-401B-9DD9-A0B3A8871583} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {543B801B-19ED-48C9-BA37-A149BEBCCA99} - System32\Tasks\AdobeAAMUpdater-1.0-pribram-PC-pribram => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6D0EA0FC-0AB4-4A7F-A11E-3AEC57F00070} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {76D7E064-2B35-4F83-AA3B-06084B53850C} - System32\Tasks\Opera scheduled Autoupdate 1407151924 => C:\Program Files (x86)\Opera\launcher.exe [3152592 2021-09-21] (Opera Software AS -> Opera Software)
Task: {94BCEF8B-41F2-4E1F-81B1-64DEE4F01B5A} - System32\Tasks\{0088D3C3-3137-40F5-B732-E8E7089987E5} => C:\Windows\system32\pcalua.exe -a C:\Users\pribram\Downloads\Minecraft.exe -d C:\Users\pribram\Downloads
Task: {9679D1AE-7C51-4E45-A33B-65DA902124E6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D373C690-761B-42F1-8EB0-288C4C1B5B17} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3888868643-3751209935-4175876941-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {DC0E7272-3E41-4F87-BC40-920C1F4B4739} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [969824 2010-10-28] (CyberLink -> CyberLink) [File not signed]
Task: {DD08C149-7568-4DB1-9D4A-AE4243950C6C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {E7CD08E3-65CB-4390-BAA9-63BFEE946552} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{1B4B3E74-B488-4653-96A2-791F89215742}: [DhcpNameServer] 86.49.5.221 86.49.5.222

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\pribram\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-30]

FireFox:
========
FF DefaultProfile: s85s1uj9.default
FF ProfilePath: C:\Users\pribram\AppData\Roaming\Mozilla\Firefox\Profiles\s85s1uj9.default [2021-09-30]
FF Homepage: Mozilla\Firefox\Profiles\s85s1uj9.default -> hxxp://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\s85s1uj9.default -> hxxps://fastshare.cz; hxxps://www.freefilm.sk
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: mapy-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: heureka-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: seznam-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\s85s1uj9.default -> Enabled: google@search.mozilla.org
FF Extension: (No Name) - C:\Users\pribram\AppData\Roaming\Mozilla\Firefox\Profiles\s85s1uj9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-01]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\pribram\AppData\Roaming\Mozilla\Firefox\Profiles\s85s1uj9.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-26]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-21] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] (Apple Inc. -> )
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2012-03-13] (Sun Microsystems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll [2012-06-14] (WildTangent Inc -> )
FF Plugin HKU\S-1-5-21-3888868643-3751209935-4175876941-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pribram\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS -> Unity Technologies ApS)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aaaapodhaoggdemfffbmjpgfgekfjjpe] - C:\Users\pribram\AppData\Local\APN\GoogleCRXs\aaaapodhaoggdemfffbmjpgfgekfjjpe_7.17.1.0.crx <not found>

Opera:
=======
OPR Profile: C:\Users\pribram\AppData\Roaming\Opera Software\Opera Stable [2021-10-01]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\pribram\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-12-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor9.0; c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-12] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-12] (ESET, spol. s r.o. -> ESET)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [873064 2011-02-23] (Acer Incorporated -> Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated -> Acer Incorporated)
S4 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated -> Acer Incorporated)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.2296\McCHSvc.exe [416752 2021-09-03] (McAfee, LLC -> McAfee, LLC)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation -> NTI Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2012-03-20] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2012-03-21] (Even Balance, Inc. -> )
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [244904 2010-10-28] (CyberLink -> ) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2377216 2010-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-13] (DT Soft Ltd -> DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143624 2018-07-12] (ESET, spol. s r.o. -> ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-07-12] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [110376 2018-07-12] (ESET, spol. s r.o. -> ESET)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-18] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1306624 2009-06-11] (C-Media Electronics Incorporation -> C-Media Electronics Inc)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [107008 2007-08-21] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-30 22:03 - 2021-09-30 22:05 - 000000000 ____D C:\AdwCleaner
2021-09-30 22:02 - 2021-09-30 22:02 - 008553680 _____ (Malwarebytes) C:\Users\pribram\Desktop\AdwCleaner.exe
2021-09-30 22:01 - 2021-09-30 22:01 - 002101944 _____ (Malwarebytes) C:\Users\pribram\Desktop\MBSetup-119967.119967-consumer.exe
2021-09-30 21:05 - 2021-09-30 21:09 - 000049480 _____ C:\Users\pribram\Desktop\Addition.txt
2021-09-30 21:02 - 2021-10-01 19:10 - 000022381 _____ C:\Users\pribram\Desktop\FRST.txt
2021-09-30 21:02 - 2021-10-01 19:10 - 000000000 ____D C:\FRST
2021-09-30 21:00 - 2021-09-30 21:00 - 002304512 _____ (Farbar) C:\Users\pribram\Desktop\FRST64.exe
2021-09-29 15:51 - 2021-09-29 15:51 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-09-28 16:51 - 2021-09-30 22:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-09-25 15:57 - 2021-09-28 16:45 - 000004054 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582731092
2021-09-15 16:02 - 2021-09-15 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2021-09-15 16:01 - 2021-09-29 16:21 - 000000000 ____D C:\ProgramData\McAfee Security Scan

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-01 19:04 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-30 22:06 - 2012-05-16 16:10 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-30 22:05 - 2016-11-19 08:56 - 000000000 ____D C:\Users\pribram\AppData\LocalLow\Mozilla
2021-09-30 22:05 - 2012-03-12 22:31 - 000000000 ____D C:\ProgramData\ICQ
2021-09-30 20:51 - 2012-03-12 22:30 - 000000000 ____D C:\Users\pribram\AppData\Roaming\ICQ
2021-09-30 20:32 - 2011-07-08 20:46 - 000669576 _____ C:\Windows\system32\perfh005.dat
2021-09-30 20:32 - 2011-07-08 20:46 - 000141946 _____ C:\Windows\system32\perfc005.dat
2021-09-30 20:32 - 2009-07-14 07:13 - 001586202 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-30 20:32 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-09-30 20:30 - 2009-07-14 06:45 - 000028144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-09-30 20:30 - 2009-07-14 06:45 - 000028144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-09-30 16:12 - 2012-05-16 16:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-29 15:51 - 2014-06-19 13:57 - 000010110 _____ C:\Windows\wininit.ini
2021-09-25 15:51 - 2014-08-04 13:32 - 000000000 ____D C:\Program Files (x86)\Opera
2021-09-23 15:55 - 2019-12-16 17:22 - 000003850 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1407151924
2021-09-15 18:07 - 2013-08-05 14:09 - 000000000 ____D C:\Windows\system32\MRT
2021-09-15 18:06 - 2012-03-12 09:49 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-15 16:02 - 2017-07-02 09:09 - 000001985 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2021-09-15 16:02 - 2015-11-22 09:40 - 000000000 ____D C:\Program Files\McAfee Security Scan
2021-09-15 16:02 - 2011-10-22 14:20 - 000000000 ____D C:\ProgramData\McAfee
2021-09-05 15:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories ========

2013-06-28 13:45 - 2013-10-04 14:11 - 000003726 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2017-10-07 22:29 - 2017-11-04 00:50 - 000000080 _____ () C:\Users\pribram\AppData\Roaming\mBot.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-08-28 15:23
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by pribram (01-10-2021 19:11:55)
Running from C:\Users\pribram\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-15 17:42:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3888868643-3751209935-4175876941-500 - Administrator - Disabled)
Guest (S-1-5-21-3888868643-3751209935-4175876941-501 - Limited - Disabled)
pribram (S-1-5-21-3888868643-3751209935-4175876941-1000 - Administrator - Enabled) => C:\Users\pribram

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Agatha Christie - 4:50 from Paddington (HKLM-x32\...\WTA-02ef7b87-376f-431f-83ea-ee499658ef5a) (Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 11 CZE (HKLM-x32\...\001FFFFFFF11FF00FF1101F03F02F000-R1) (Version: - )
Backup Manager V3 (HKLM-x32\...\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.85 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-933c9b9f-de2d-42a3-b5d8-f1f6e2fc936d) (Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.2 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.63.1071 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Crazy Chicken Kart 2 (HKLM-x32\...\WTA-a244102d-bbad-4c41-ab00-5919ebb1dec3) (Version: 2.2.0.95 - WildTangent) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.0.1027_32100 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WTA-4d744879-bab8-4b0f-bded-1341421b42b8) (Version: 2.2.0.95 - WildTangent) Hidden
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{25175695-4B20-4298-9F34-C2C57CD277B3}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
ETDWare PS/2-X64 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)
F1 2011 (HKLM-x32\...\{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters) Hidden
F1 2011 (HKLM-x32\...\GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters)
F1 Race Stars (HKLM-x32\...\F1 Race Stars_is1) (Version: - )
FATE (HKLM-x32\...\WTA-6eca5e8f-5556-4929-b00d-3dc6570c08c4) (Version: 2.2.0.95 - WildTangent) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\Google Chrome) (Version: 15.0.874.102 - Google Inc.)
Guard.ICQ (HKLM-x32\...\Guard.Mail.ru) (Version: - Mail.ru)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8520 - CyberLink Corporation)
Chuzzle Deluxe (HKLM-x32\...\WTA-6f59222e-2497-4955-b407-658f26492867) (Version: 2.2.0.95 - WildTangent) Hidden
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) SE Runtime Environment 6 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Jewel Quest Solitaire (HKLM-x32\...\WTA-5c6c818c-2c3e-44f5-a433-50d295832c9f) (Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-7b9ca775-569c-4330-9c54-664679fde1a6) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Packard Bell)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Malwarebytes Anti-Malware verze 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.2296.1 - McAfee, LLC)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4999.1042 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 92.0.1 (x64 cs)) (Version: 92.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 92.0.1.7935 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (HKLM-x32\...\WTA-caea413b-0915-4a71-aec5-0b7c018cf483) (Version: 2.2.0.95 - WildTangent) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVIDIA Graphics Driver 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 79.0.4143.50 (HKLM-x32\...\Opera 79.0.4143.50) (Version: 79.0.4143.50 - Opera Software)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.4 - WildTangent)
Packard Bell MyBackup (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.85 - NTI Corporation)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3004 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0811.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 2.0.2211 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 2.0.2211 - CyberLink Corp.)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Penguins! (HKLM-x32\...\WTA-65e0c5e2-a76e-4ec8-9ee2-18b7c0843491) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-d7c857c7-4481-4739-ae9d-b7bc70ceb5b6) (Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (HKLM-x32\...\WTA-4d4d1025-4679-4a6c-bbdf-b0d0f536a83c) (Version: 2.2.0.95 - WildTangent) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rapture3D 2.5.1 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6329 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Deluxe (HKLM-x32\...\WTA-1a27f9cb-a896-4b40-9738-35a2a4445461) (Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Swords and Sandals 2 2.0 (HKLM-x32\...\Swords and Sandals 2) (Version: 2.0 - 3RDsense)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\TimeAdjuster) (Version: - IrekSoftware.com)
Torchlight (HKLM-x32\...\WTA-82ba40dc-d1d0-48f5-9eb7-86bcd1acb5ca) (Version: 2.2.0.95 - WildTangent) Hidden
TPA 3.10 (HKLM-x32\...\{66A722D8-3D74-4BC4-8857-E042320BE871}) (Version: 3.1.0 - Halfen GmbH)
Unity Web Player (HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
Video Web Camera (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1523 - CyberLink Corp.) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1523 - CyberLink Corp.)
Virtual Villagers - The Secret City (HKLM-x32\...\WTA-b7e9a885-7f60-4552-b78d-b3e693d99a33) (Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wedding Dash (HKLM-x32\...\WTA-74f12377-2863-44f4-ae8b-26500385e784) (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3102 - Packard Bell)
WIBU-KEY Setup (WIBU-KEY Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 5.20a of 2006-Dec-01 (Setup) - WIBU-SYSTEMS AG)
WildTangent Games App (Packard Bell Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell) (Version: 4.0.5.31 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Zuma Deluxe (HKLM-x32\...\WTA-dd113bc0-f837-411e-a5cd-8bc5e44e1fc9) (Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\...\ChromeHTML: -> C:\Users\pribram\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [79360 2012-04-09] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2011-04-15 10:33 - 2010-09-14 03:28 - 000058880 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-03-30 23:41 - 2012-02-17 20:55 - 000193536 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2019-05-16 15:45 - 2019-05-16 15:45 - 000169984 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2c30c654704cd4c5da6c4e5375bca8fc\IsdiInterop.ni.dll
2011-07-08 20:09 - 2010-12-22 21:50 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2012-03-11 20:30 - 2009-06-11 15:09 - 008126464 ____R (C-Media Corporation) [File not signed] C:\Windows\Syswow64\cm106.dll
2010-10-28 18:55 - 2010-10-28 18:55 - 000154720 _____ (CyberLink -> CyberLink) [File not signed] C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\WPDDM.dll
2019-05-16 15:45 - 2019-05-16 15:45 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\737c502d3c6e228d096bcb323581dd5c\IAStorCommon.ni.dll
2011-04-15 10:33 - 2010-09-14 03:28 - 000006656 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2011-07-08 20:09 - 2010-12-22 21:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-04-15 10:33 - 2010-09-14 03:25 - 000275456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2020-01-16 17:38 - 2020-01-16 17:38 - 000219136 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\459d768b5f6702bc994c22ad73a7e40d\IAStorDataMgr.ni.dll
2020-01-16 17:38 - 2020-01-16 17:38 - 000474624 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\115d60cb35ed641842c492ad7affab0b\IAStorUtil.ni.dll
2011-10-22 15:24 - 2011-10-22 15:24 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2011-10-22 15:17 - 2011-10-22 15:17 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2013-04-08 19:03 - 2013-04-08 19:03 - 000299008 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\PDF Architect\libcurl.dll
2013-04-08 19:03 - 2013-04-08 19:03 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PDF Architect\LIBEAY32.dll
2013-04-08 19:03 - 2013-04-08 19:03 - 000274432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PDF Architect\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-13] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation -> Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-13] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2021-09-15 16:02 - 000000164 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.1 mssplus.mcafee.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pribram\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 86.49.5.221 - 86.49.5.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5A02C50A-01DE-41ED-8856-5FE8E9DF035D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3D4A60D4-8EFE-4607-AF4D-3F126DDF1350}] => (Allow) LPort=2869
FirewallRules: [{9B731E8A-FD57-4920-B914-9B3F4AE3CEFA}] => (Allow) LPort=1900
FirewallRules: [{062D1431-5CB9-4BD7-8E69-8C8205DFE350}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E8A6D95-5CFC-40B8-BF35-EED487B96596}] => (Allow) C:\Program Files (x86)\CyberLink\HomeMedia\HomeMedia.exe (CyberLink -> CyberLink)
FirewallRules: [{E955A45E-E9BF-43B4-9A83-8504D0255EAB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86F853A8-A149-42E1-AA9C-DCB5118BA9C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{714C057A-380C-4463-B295-28EA8C26FC70}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{304E31D5-6C1C-43C8-8B61-769A7D42A5A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FDF007E9-340A-43AC-8CD7-99C0FC8A5D9E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{66620F4E-5EEA-48BC-B01F-B7E266D9BA44}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{24C36F97-9ED9-4ADE-81BC-51E1DF209554}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [UDP Query User{6DF84132-7FB9-41B7-84EA-D0535862148C}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [{0D6A760C-EC45-45F9-94C8-08ADFC6F6914}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{3A4D8574-173A-414D-B275-31EF07385560}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{BB7241E0-7B8C-4FA5-9567-11E992B2EDB5}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{E1A1EC0C-4FA9-4F11-929F-BB1618846EC6}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [TCP Query User{23345F3B-21E4-43E5-AE32-EF7D33AE31F4}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [UDP Query User{F14C1055-BECF-409C-865E-96E78D225528}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [{9E58D8FE-916D-4658-B72A-ED040EBB14A8}] => (Allow) C:\Program Files (x86)\Codemasters\F1 2011\F1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [{D0F77365-2966-4552-9532-44F09D5C5DB1}] => (Allow) C:\Program Files (x86)\Codemasters\F1 2011\F1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [{28EC44CB-F4EF-4F3D-B47C-11025D5C9743}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{DDAE7BE5-F6C0-46C0-936A-54B06E499560}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{54460604-2E92-4FEA-B597-C8B7F699B699}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{F9914806-0762-4782-B33B-4846A46F6760}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{B84CAA75-1A12-4036-9C19-848F3D347F41}C:\users\pribram\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pribram\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{207A0987-A4FF-47E6-942D-F82716117040}C:\users\pribram\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pribram\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{6628FDA3-6CDF-4624-9EF6-7DD411E2A261}C:\users\pribram\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pribram\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{F81967F2-83B5-4751-8970-25E214AE3ED0}C:\users\pribram\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pribram\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{103820AA-BB25-4796-84A0-F73B1D39D8F2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe => No File
FirewallRules: [{DC103464-2364-419D-8BC9-93F908536D2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe => No File
FirewallRules: [{1484CDC6-81FA-44DA-A440-9BD5DEF09EB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe => No File
FirewallRules: [{8C5A34D5-34E9-4CFF-AE13-DCFADB3F83CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe => No File
FirewallRules: [{5E1E4436-A11C-4EE3-8867-404987BB5CE1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe => No File
FirewallRules: [{A747395C-3D6C-4662-A0AA-962591DAF372}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe => No File
FirewallRules: [{615C39A6-F0A4-4F18-96FD-0FA9E6D56E49}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{6E0458C9-17A7-4063-BC35-A73C81F0449E}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3235\agent.exe => No File
FirewallRules: [UDP Query User{77FF1A97-BDEC-4F06-B405-2A9D5C15EDC9}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3235\agent.exe => No File
FirewallRules: [{F91AA921-9CB9-42B3-B666-9CF722E86C59}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C9DA3B69-DA80-43A6-8077-093408E85C78}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{72197F54-D9F3-4455-A908-C971753C4DF0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C78F16D3-897B-42C2-B2E7-F6D9F085F9D5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F3719D21-7CCB-47E8-A53C-0A49627CEFA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8240D3E7-D229-457B-ACC8-50AD77ABEF21}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E1C81CC-25F4-4B1A-BB62-94DF84107CD1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe => No File
FirewallRules: [{C66D1FB1-E945-470C-87D9-6B0E4D75FB9A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe => No File
FirewallRules: [TCP Query User{F3F1FFBF-C4B3-4475-AE43-C45403EAC022}C:\users\pribram\desktop\puresro _fakinsmash\mbot_vsro110.exe] => (Allow) C:\users\pribram\desktop\puresro _fakinsmash\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{A28E8A6B-5763-49A5-AC2D-1B88C739EC36}C:\users\pribram\desktop\puresro _fakinsmash\mbot_vsro110.exe] => (Allow) C:\users\pribram\desktop\puresro _fakinsmash\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{FC5CB1B2-FFB9-4F41-B5D0-DF4ADC79DD10}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{5F71F108-225A-4283-8A48-5EC5D93E0336}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [TCP Query User{0E64B58D-F829-452F-A19A-CB14F9960CAD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{B37A0558-0E35-48E0-804B-DA807CBC5BDB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [{40C20C7F-CD95-4ACB-8FB8-A9FE9C98CEB3}] => (Allow) C:\Program Files (x86)\Opera\78.0.4093.231\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{2F52592A-0BEC-4E14-836D-A1D8D426C1F0}] => (Allow) C:\Program Files (x86)\Opera\79.0.4143.50\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

10-08-2021 15:04:26 Windows Update
11-08-2021 16:25:10 Windows Update
15-08-2021 16:52:36 Windows Update
19-08-2021 16:14:10 Windows Update
25-08-2021 15:59:53 Windows Update
29-08-2021 15:22:16 Windows Update
02-09-2021 16:12:05 Windows Update
06-09-2021 11:09:15 Windows Update
09-09-2021 15:30:49 Windows Update
13-09-2021 16:21:46 Windows Update
15-09-2021 18:05:47 Windows Update
19-09-2021 15:50:18 Windows Update
22-09-2021 16:03:03 Windows Update
28-09-2021 16:48:54 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/01/2021 07:05:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/30/2021 08:22:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/30/2021 04:13:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/29/2021 03:49:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/28/2021 04:40:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/27/2021 04:28:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/26/2021 04:23:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/25/2021 04:18:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 194955


System errors:
=============
Error: (09/30/2021 10:42:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/30/2021 10:05:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Application Virtualization Client byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/30/2021 10:05:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/30/2021 10:05:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dritek WMI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/30/2021 10:05:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Acer ePower Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/30/2021 10:05:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GREGService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/30/2021 10:05:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Architect Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/30/2021 10:05:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NTI IScheduleSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-06-29 15:57:10.925
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 15:57:10.925
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-04 17:26:21.340
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.341.8.0
Předchozí verze podpisu:1.339.1767.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-04 17:26:21.333
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-06 17:15:20.670
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.339.21.0
Předchozí verze podpisu:1.337.491.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18100.6
Předchozí verze modulu:1.1.18100.5
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: Packard Bell V1.11 05/24/2011
Motherboard: Packard Bell SJV50_HR
Processor: Intel(R) Pentium(R) CPU B940 @ 2.00GHz
Percentage of memory in use: 74%
Total physical RAM: 3947.86 MB
Available physical RAM: 1001.34 MB
Total Virtual: 7893.86 MB
Available Virtual: 4725.32 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:445.66 GB) (Free:103.67 GB) NTFS
Drive q: () (Fixed) (Total:0 GB) (Free:0 GB)

\\?\Volume{95822ec5-a98b-11e0-b4bc-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{95822ec4-a98b-11e0-b4bc-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:20 GB) (Free:3.29 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0C6F7E9A)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=445.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: kontrola logu

Napsal: 01 říj 2021 18:58
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
C:\Program Files\Bonjour
Task: {0F2F47BD-0FBB-4BD3-AFFA-2E1D8342214F} - System32\Tasks\{77C1C755-35EF-44AD-A0E8-839213D25C0C} => C:\Windows\system32\pcalua.exe -a C:\Users\pribram\Desktop\cod2\cod2mp_s.exe -d C:\Users\pribram\Desktop\cod2\
Task: {24C7E51D-930F-4DEB-B4FA-688216FABFE2} - System32\Tasks\{103512F1-1238-4FD6-B78C-DAC84889B1D8} => C:\Windows\system32\pcalua.exe -a "E:\Call Of Duty 2\setup.exe" -d "E:\Call Of Duty 2"
Task: {94BCEF8B-41F2-4E1F-81B1-64DEE4F01B5A} - System32\Tasks\{0088D3C3-3137-40F5-B732-E8E7089987E5} => C:\Windows\system32\pcalua.exe -a C:\Users\pribram\Downloads\Minecraft.exe -d C:\Users\pribram\Downloads
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FirewallRules: [{103820AA-BB25-4796-84A0-F73B1D39D8F2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe => No File
FirewallRules: [{DC103464-2364-419D-8BC9-93F908536D2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe => No File
FirewallRules: [{1484CDC6-81FA-44DA-A440-9BD5DEF09EB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe => No File
FirewallRules: [{8C5A34D5-34E9-4CFF-AE13-DCFADB3F83CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe => No File
FirewallRules: [{5E1E4436-A11C-4EE3-8867-404987BB5CE1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe => No File
FirewallRules: [{A747395C-3D6C-4662-A0AA-962591DAF372}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe => No File
FirewallRules: [{615C39A6-F0A4-4F18-96FD-0FA9E6D56E49}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{6E0458C9-17A7-4063-BC35-A73C81F0449E}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3235\agent.exe => No File
FirewallRules: [UDP Query User{77FF1A97-BDEC-4F06-B405-2A9D5C15EDC9}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3235\agent.exe => No File
FirewallRules: [{4E1C81CC-25F4-4B1A-BB62-94DF84107CD1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe => No File
FirewallRules: [{C66D1FB1-E945-470C-87D9-6B0E4D75FB9A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe => No File
irewallRules: [TCP Query User{FC5CB1B2-FFB9-4F41-B5D0-DF4ADC79DD10}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{5F71F108-225A-4283-8A48-5EC5D93E0336}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [TCP Query User{0E64B58D-F829-452F-A19A-CB14F9960CAD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{B37A0558-0E35-48E0-804B-DA807CBC5BDB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: kontrola logu

Napsal: 01 říj 2021 19:21
od r0ach
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by pribram (01-10-2021 20:04:45) Run:1
Running from C:\Users\pribram\Desktop
Loaded Profiles: pribram
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Program Files\Bonjour
Task: {0F2F47BD-0FBB-4BD3-AFFA-2E1D8342214F} - System32\Tasks\{77C1C755-35EF-44AD-A0E8-839213D25C0C} => C:\Windows\system32\pcalua.exe -a C:\Users\pribram\Desktop\cod2\cod2mp_s.exe -d C:\Users\pribram\Desktop\cod2\
Task: {24C7E51D-930F-4DEB-B4FA-688216FABFE2} - System32\Tasks\{103512F1-1238-4FD6-B78C-DAC84889B1D8} => C:\Windows\system32\pcalua.exe -a "E:\Call Of Duty 2\setup.exe" -d "E:\Call Of Duty 2"
Task: {94BCEF8B-41F2-4E1F-81B1-64DEE4F01B5A} - System32\Tasks\{0088D3C3-3137-40F5-B732-E8E7089987E5} => C:\Windows\system32\pcalua.exe -a C:\Users\pribram\Downloads\Minecraft.exe -d C:\Users\pribram\Downloads
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3888868643-3751209935-4175876941-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FirewallRules: [{103820AA-BB25-4796-84A0-F73B1D39D8F2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe => No File
FirewallRules: [{DC103464-2364-419D-8BC9-93F908536D2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe => No File
FirewallRules: [{1484CDC6-81FA-44DA-A440-9BD5DEF09EB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe => No File
FirewallRules: [{8C5A34D5-34E9-4CFF-AE13-DCFADB3F83CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe => No File
FirewallRules: [{5E1E4436-A11C-4EE3-8867-404987BB5CE1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe => No File
FirewallRules: [{A747395C-3D6C-4662-A0AA-962591DAF372}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe => No File
FirewallRules: [{615C39A6-F0A4-4F18-96FD-0FA9E6D56E49}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{6E0458C9-17A7-4063-BC35-A73C81F0449E}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3235\agent.exe => No File
FirewallRules: [UDP Query User{77FF1A97-BDEC-4F06-B405-2A9D5C15EDC9}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3235\agent.exe => No File
FirewallRules: [{4E1C81CC-25F4-4B1A-BB62-94DF84107CD1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe => No File
FirewallRules: [{C66D1FB1-E945-470C-87D9-6B0E4D75FB9A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe => No File
irewallRules: [TCP Query User{FC5CB1B2-FFB9-4F41-B5D0-DF4ADC79DD10}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{5F71F108-225A-4283-8A48-5EC5D93E0336}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File
FirewallRules: [TCP Query User{0E64B58D-F829-452F-A19A-CB14F9960CAD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{B37A0558-0E35-48E0-804B-DA807CBC5BDB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
C:\Program Files\Bonjour => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F2F47BD-0FBB-4BD3-AFFA-2E1D8342214F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F2F47BD-0FBB-4BD3-AFFA-2E1D8342214F}" => removed successfully
C:\Windows\System32\Tasks\{77C1C755-35EF-44AD-A0E8-839213D25C0C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{77C1C755-35EF-44AD-A0E8-839213D25C0C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24C7E51D-930F-4DEB-B4FA-688216FABFE2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24C7E51D-930F-4DEB-B4FA-688216FABFE2}" => removed successfully
C:\Windows\System32\Tasks\{103512F1-1238-4FD6-B78C-DAC84889B1D8} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{103512F1-1238-4FD6-B78C-DAC84889B1D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94BCEF8B-41F2-4E1F-81B1-64DEE4F01B5A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94BCEF8B-41F2-4E1F-81B1-64DEE4F01B5A}" => removed successfully
C:\Windows\System32\Tasks\{0088D3C3-3137-40F5-B732-E8E7089987E5} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0088D3C3-3137-40F5-B732-E8E7089987E5}" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} => removed successfully
"HKU\S-1-5-21-3888868643-3751209935-4175876941-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\linkscanner => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{103820AA-BB25-4796-84A0-F73B1D39D8F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DC103464-2364-419D-8BC9-93F908536D2E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1484CDC6-81FA-44DA-A440-9BD5DEF09EB4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C5A34D5-34E9-4CFF-AE13-DCFADB3F83CC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E1E4436-A11C-4EE3-8867-404987BB5CE1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A747395C-3D6C-4662-A0AA-962591DAF372}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{615C39A6-F0A4-4F18-96FD-0FA9E6D56E49}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6E0458C9-17A7-4063-BC35-A73C81F0449E}C:\programdata\battle.net\agent\agent.3235\agent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{77FF1A97-BDEC-4F06-B405-2A9D5C15EDC9}C:\programdata\battle.net\agent\agent.3235\agent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4E1C81CC-25F4-4B1A-BB62-94DF84107CD1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C66D1FB1-E945-470C-87D9-6B0E4D75FB9A}" => removed successfully
irewallRules: [TCP Query User{FC5CB1B2-FFB9-4F41-B5D0-DF4ADC79DD10}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5F71F108-225A-4283-8A48-5EC5D93E0336}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0E64B58D-F829-452F-A19A-CB14F9960CAD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B37A0558-0E35-48E0-804B-DA807CBC5BDB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 120486371 B
Java, Flash, Steam htmlcache => 410 B
Windows/system/drivers => 2124213461 B
Edge => 0 B
Chrome => 387431116 B
Firefox => 1202795616 B
Opera => 51292860 B

Temp, IE cache, history, cookies, recent:
Default => 54605 B
Public => 54605 B
ProgramData => 54605 B
systemprofile => 42392754 B
systemprofile32 => 55900781 B
LocalService => 55967009 B
NetworkService => 56183891 B
pribram => 4033925099 B

RecycleBin => 21583839940 B
EmptyTemp: => 27.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:14:40 ====

Re: kontrola logu

Napsal: 01 říj 2021 19:53
od Rudy
Smazáno. Nastala nějaká změna?

Re: kontrola logu

Napsal: 01 říj 2021 21:57
od r0ach
Ano, o něco se to zlepšilo :) jako hodinky nešlape, ale taky je to už veterán. Předám NTB zpět hlavnímu uživateli a uvídim jeho reakci.
mockrát děkuji.

Re: kontrola logu

Napsal: 02 říj 2021 10:11
od Rudy
Je možné ještě defragmentovat disk.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz