zavirovaný soubor
Napsal: 15 úno 2022 17:27
Zdravím. Prosím o kontrolu logu. Omylem jsem rozklikl "prázdný" soubor v emailu faktura.slxs. Předem díky. Ruda
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01
Ran by Stiburek (15-02-2022 17:21:38)
Running from C:\Users\Stiburek\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1526 (X64) (2020-08-25 18:08:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3736271558-2664885646-4274364148-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3736271558-2664885646-4274364148-503 - Limited - Disabled)
DevToolsUser (S-1-5-21-3736271558-2664885646-4274364148-1010 - Limited - Enabled) => C:\Users\DevToolsUser
Guest (S-1-5-21-3736271558-2664885646-4274364148-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3736271558-2664885646-4274364148-1002 - Limited - Enabled)
sshd (S-1-5-21-3736271558-2664885646-4274364148-1008 - Limited - Enabled)
Stiburek (S-1-5-21-3736271558-2664885646-4274364148-1001 - Administrator - Enabled) => C:\Users\Stiburek
WDAGUtilityAccount (S-1-5-21-3736271558-2664885646-4274364148-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - Eastern European (Group 1) (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
AMD Catalyst Install Manager (HKLM\...\{57C30EBD-C09A-70DE-F7BE-7227EEAC38EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2021.0719.0453.8802 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: 2.1.49 - )
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Apowersoft Online Launcher verze 1.4.5 (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.5 - APOWERSOFT LIMITED)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bosch DiagnosticTool 3 Verze 1.2.3 (HKLM-x32\...\{612EBC09-2A0C-46E6-A405-F0961A2B7275}_is1) (Version: 1.2.3 - Robert Bosch GmbH)
Bosch DiagnosticTool 7.5.3.0.0 (HKLM-x32\...\{5A71D203-4F1E-4D9D-8EB4-0C652328D7FB}_is1) (Version: 7.5.3.0.0 - Robert Bosch GmbH)
Bosch eBike Diagnostic Software Compatibility Layer 1.0 (HKLM-x32\...\Bosch eBike Diagnostic Software Compatibility Layer 1.0) (Version: 1.0.0.0 - Robert Bosch GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
eM Client (HKLM-x32\...\{5CD40FFB-B38B-4A95-B277-78387D8DBC6C}) (Version: 7.2.40748.0 - eM Client Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
GDR 4042 for SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.82 - Google LLC)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.15.2026 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{DD36B764-6476-4F00-BC61-9BA9BFF76FA6}) (Version: 5.0.6.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{FC34BD4D-4FD6-4E43-9879-EB6CC2002A59}) (Version: 1.0.0.1 - Hewlett-Packard)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{2CDA0D13-ED4D-4E66-B920-9AE696F9992E}) (Version: 1.1.1 - Hewlett-Packard Company)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{A5760B8B-AC5F-4221-B905-9926DEF26632}) (Version: 2.8.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{757cc2cc-5fed-43e4-b813-2bda78353297}) (Version: 4.2.4.0 - HP)
HP Software Setup (HKLM-x32\...\{83421C73-4679-40F0-B590-20846CB893E0}) (Version: 9.0.1 - HP)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.0.26.62 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{FF94262A-A307-4D6A-AD8A-9D814A93E344}) (Version: 3.1.1 - HP)
HP Universal Camera Driver (HKLM-x32\...\{8B204728-0D90-48BE-97C0-BBEDDFDFA83C}) (Version: 3.5.8.10 - SunplusIT)
IconConverter 2.0 (HKLM-x32\...\IconConverter_is1) (Version: - Weissoft)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{D5DC1131-9CD2-4DC8-8819-358405827A4B}) (Version: 17.1.1532.1814 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{3D45BD48-F215-4C69-B23F-256C83D1D7F0}) (Version: 1.0.0.534 - Intel Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
LibreOffice 6.2.8.2 (HKLM\...\{27A53987-88CB-4E92-8D62-A5AB458ACD14}) (Version: 6.2.8.2 - The Document Foundation)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.50 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Movavi Video Editor 15 Business (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Movavi Video Editor 15 Business) (Version: 15.4.0 - Movavi)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0 (x64 cs)) (Version: 91.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.6.1 - Mozilla)
Mozilla Thunderbird 60.6.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.6.1 (x86 cs)) (Version: 60.6.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{D9559CE2-9C58-F414-43EA-F908FEA13BB8}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Opera Stable 83.0.4254.27 (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Opera 83.0.4254.27) (Version: 83.0.4254.27 - Opera Software)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 4.58.5.3366 - Cybertron Software Co., Ltd.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.95 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.94.723.2015 - Realtek)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA Start CZ (HKLM-x32\...\{6531FE3F-206A-4683-BA0A-3AC2CD746021}) (Version: 11500.110 - STORMWARE)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.70 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{B9151DD5-DAFE-494E-AA1F-C351D5FD9E9B}) (Version: 4.5.321.0 - Synaptics)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.6.7 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.19.2 (HKLM-x32\...\winscp3_is1) (Version: 5.19.2 - Martin Prikryl)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.11.277.0_x64__rz1tebttyb220 [2022-01-20] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-07] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2021-09-29] (Facebook Inc)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.18.0_x64__v10z8vjag6ke6 [2020-09-19] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-08] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_7.5.0.0_x86__g0q0z3kw54rap [2022-01-31] (flaregames GmbH)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2019-12-26] (VideoLAN)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-04-17] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxDTCM.dll [2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1_S-1-5-21-3736271558-2664885646-4274364148-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-04-20 23:03 - 2014-11-02 17:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-09-24 16:41 - 2015-09-24 16:41 - 000334848 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenu64.cze
2021-07-19 04:36 - 2021-07-19 04:36 - 001704960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2017-02-07 20:20 - 2012-06-09 19:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2017-02-07 12:45 - 2013-10-04 08:42 - 000210944 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll
2015-08-18 22:20 - 2015-08-18 22:20 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-08-18 22:19 - 2015-08-18 22:19 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2017-09-20 17:04 - 000000863 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
2017-10-05 12:43 - 2020-10-29 23:36 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stiburek\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
HKU\S-1-5-21-3736271558-2664885646-4274364148-1010\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "MicTray"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "Privacy Eraser"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "eM Client"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{597AAB9F-4FD0-44AC-B197-E757802DB308}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3DA40006-7C28-4EFB-AF4A-20B5E2AC2DD0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{266E923F-9A64-4B60-AC26-2A7F598688F1}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [TCP Query User{A5E2BC5E-03A4-4736-9F84-8AE2A60F3EF8}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{816113DF-E7F4-4C9A-9ED1-86D838BDD38A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B2C7DE58-FFD9-4D54-BC52-C3220D41603F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A96ECEB1-6EA9-4249-A049-D39C06E236A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FC1F5C0D-8E61-4F90-99CF-B5875B5D74A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F1AFE4C5-88D2-452A-A181-68F79F1013A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3121076B-6AD9-4ADA-A6BE-398416CD71C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5849E54D-E2C4-42F3-A01F-56BEB8E4FEBC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{021A2ABB-4EFF-42F7-A127-BC865D22029D}C:\program files\bosch diagnostictool 3\jre\bin\javaw.exe] => (Allow) C:\program files\bosch diagnostictool 3\jre\bin\javaw.exe
FirewallRules: [UDP Query User{B6460ECC-CC05-4815-9286-BAEA70548EC6}C:\program files\bosch diagnostictool 3\jre\bin\javaw.exe] => (Allow) C:\program files\bosch diagnostictool 3\jre\bin\javaw.exe
FirewallRules: [{E4D37B05-A95D-408C-9A5C-D257F5530871}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7B4F7034-542F-4D07-951A-A9C9F822E6E2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C812F763-5F75-4A7C-BF98-E7A577324661}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E1D9B45-F493-418B-B72E-FC915CD5786C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FD73AE78-7D0F-4F3A-83D6-57ED64F92CE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
30-01-2022 20:11:02 Naplánovaný kontrolní bod
08-02-2022 21:54:03 Naplánovaný kontrolní bod
12-02-2022 21:18:10 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: DESKTOP-B3Q1QPI A2DP SNK
Description: Jímka Microsoft Bluetooth A2dp
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthA2dp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: ========================
Application errors:
==================
Error: (02/14/2022 06:04:43 AM) (Source: MSSQL$DUEL) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$DUEL\Performance'. SQL Server performance counters are disabled.
Error: (02/13/2022 10:25:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MailClient.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Text.EncoderFallbackException
na System.Text.EncoderExceptionFallbackBuffer.Fallback(Char, Int32)
na System.Text.EncoderFallbackBuffer.InternalFallback(Char, Char* ByRef)
na System.Text.UTF8Encoding.GetBytes(Char*, Int32, Byte*, Int32, System.Text.EncoderNLS)
na System.Text.EncoderNLS.GetBytes(Char*, Int32, Byte*, Int32, Boolean)
na System.Text.EncoderNLS.GetBytes(Char[], Int32, Int32, Byte[], Int32, Boolean)
na System.IO.StreamWriter.Flush(Boolean, Boolean)
na System.IO.StreamWriter.Write(Char[], Int32, Int32)
na System.IO.TextWriter.WriteLine(System.String)
na MailClient.Utils.LoggingMessageFilter.LogMessage(HookLib.CWPSTRUCT)
na MailClient.Utils.LoggingMessageFilter.hook_WndProc(System.Object, HookLib.HookEventArgs)
na HookLib.HookLibClass.ProcessMessage(HookLib.SWH_ID, HookEventHandler, Int32, IntPtr, IntPtr)
na HookLib.HookLibClass+<>c__DisplayClass4_0.<SetHook>b__0(Int32, IntPtr, IntPtr)
Error: (02/12/2022 09:19:53 PM) (Source: MSSQL$DUEL) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$DUEL\Performance'. SQL Server performance counters are disabled.
Error: (02/12/2022 09:13:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.1503, časové razítko: 0x261d1767
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x71b077d0
ID chybujícího procesu: 0x3478
Čas spuštění chybující aplikace: 0x01d8204d07270907
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7a23e5b1-1894-4b51-9917-77f5310670e3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/12/2022 09:10:42 PM) (Source: MSSQL$DUEL) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$DUEL\Performance'. SQL Server performance counters are disabled.
Error: (02/12/2022 09:08:21 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MailClient.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Text.EncoderFallbackException
na System.Text.EncoderExceptionFallbackBuffer.Fallback(Char, Int32)
na System.Text.EncoderFallbackBuffer.InternalFallback(Char, Char* ByRef)
na System.Text.UTF8Encoding.GetBytes(Char*, Int32, Byte*, Int32, System.Text.EncoderNLS)
na System.Text.EncoderNLS.GetBytes(Char*, Int32, Byte*, Int32, Boolean)
na System.Text.EncoderNLS.GetBytes(Char[], Int32, Int32, Byte[], Int32, Boolean)
na System.IO.StreamWriter.Flush(Boolean, Boolean)
na System.IO.StreamWriter.Write(Char[], Int32, Int32)
na System.IO.TextWriter.WriteLine(System.String)
na MailClient.Utils.LoggingMessageFilter.LogMessage(HookLib.CWPSTRUCT)
na MailClient.Utils.LoggingMessageFilter.hook_WndProc(System.Object, HookLib.HookEventArgs)
na HookLib.HookLibClass.ProcessMessage(HookLib.SWH_ID, HookEventHandler, Int32, IntPtr, IntPtr)
na HookLib.HookLibClass+<>c__DisplayClass4_0.<SetHook>b__0(Int32, IntPtr, IntPtr)
Error: (02/02/2022 06:25:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxEM.exe, verze: 6.15.100.8854, časové razítko: 0x5f8741b9
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1466, časové razítko: 0xe2f8ca76
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff199
ID chybujícího procesu: 0x2660
Čas spuštění chybující aplikace: 0x01d809d945c354b8
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: b4a96c0e-588e-4379-a0cc-e61528ccfd1d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/15/2022 07:29:16 AM) (Source: MSSQL$DUEL) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$DUEL\Performance'. SQL Server performance counters are disabled.
System errors:
=============
Error: (02/15/2022 04:49:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BOSCH Lock Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee True Key byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1701604449 milisekund: Restartovat službu.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee True Key Scheduler byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6619219 milisekund: Restartovat službu.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Security Assist byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2022-02-15 07:41:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6D13B07E-E2A8-419E-ABBE-BAC650218CCF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-02-14 06:11:41
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe možnost upravit %userprofile%\Documents.
Čas detekce: 2022-02-14T05:11:41.935Z
Uživatel: RUDASUPPORT81\Stiburek
Cesta: %userprofile%\Documents
Název procesu: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
Verze bezpečnostních informací: 1.359.144.0
Verze modulu: 1.1.18900.3
Verze produktu: 4.18.2201.10
Date: 2022-02-12 21:22:00
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2022-02-12T20:22:00.491Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.359.96.0
Verze modulu: 1.1.18900.3
Verze produktu: 4.18.2201.10
Date: 2022-02-12 21:13:45
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\ccupdate589_free.exe provádění změn v paměti.
Čas detekce: 2022-02-12T20:13:45.233Z
Uživatel: RUDASUPPORT81\Stiburek
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\CCleaner\ccupdate589_free.exe
Verze bezpečnostních informací: 1.359.64.0
Verze modulu: 1.1.18900.3
Verze produktu: 4.18.2201.10
Date: 2022-02-12 10:11:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {68AEAC0C-9C0D-46A9-9EA2-594D99C2E1FA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
==================== Memory info ===========================
BIOS: HP N78 Ver. 01.06 12/18/2015
Motherboard: HP 8102
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 37%
Total physical RAM: 12185.42 MB
Available physical RAM: 7613.11 MB
Total Virtual: 24473.42 MB
Available Virtual: 19321.95 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:217.6 GB) (Free:22.89 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:17.87 GB) (Free:1.96 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.94 GB) FAT32
\\?\Volume{05749f44-0343-11e6-970c-806e6f6e6963}\ (SYSTEM ) (Fixed) (Total:1 GB) (Free:0.51 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: ABEC49DE)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=217.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0B)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2022 01
Ran by Stiburek (administrator) on RUDASUPPORT81 (HP HP ProBook 470 G3) (15-02-2022 17:18:51)
Running from C:\Users\Stiburek\Desktop
Loaded Profiles: Stiburek
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1526 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(RuntimeBroker.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(services.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DUEL\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [MicTray] => C:\Program Files\Conexant\MicTray\MicTray64.exe [2728024 2015-09-15] (Conexant Systems, Inc. -> Conexant)
HKLM\...\Run: [SmartAudio] => C:\Program Files\Conexant\SA3\HP-NB-AIO\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Run: [Privacy Eraser] => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser64.exe [8774792 2020-01-15] (Cybertron Software Co., Ltd -> Cybertron Software, Co., Ltd.)
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Run: [Opera Browser Assistant] => C:\Users\Stiburek\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55872 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [432648 2015-07-11] (Microsoft Windows Hardware Compatibility Publisher -> HP)
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-10] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{722DEFE8-78AF-4E12-86A1-A8B21B509C52}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0095F8CC-597D-4067-B2E0-921CF90433B0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {07CC4AC4-0794-47A4-B7E9-2302D228E891} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {0FA35699-E8DB-4426-920A-870E862F1177} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {1964340B-7D71-4B83-84F6-D851983A0C31} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {1AE83F14-EC89-4438-BB1E-FF0DE83060B6} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (No File)
Task: {1D2D8A11-B65E-4E8A-A2B8-E6DA529EE2E5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2A9AC33A-9E38-4A10-AD6B-17D1D3E2C7E8} - System32\Tasks\CCleanerSkipUAC - Stiburek => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {30BE8161-419D-4E20-96EE-402C41C26C38} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [139752 2020-05-12] (eM Client, s.r.o. -> ) -> -backup -databasedir "C:\Users\Stiburek\AppData\Roaming\eM Client" -backupdir "C:\Users\Stiburek\Documents\eM Client" -preserve 1 -instanceString "eM_Client_C__Users_Stiburek_AppData_Roaming_eM_Client_" -silence
Task: {33433B27-7384-4AF0-BDEF-17F30FF88DB2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {35F6558F-A1E5-4CFE-9061-973C2AA7EA12} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {3A1C3F02-35C2-497E-943A-0C7094A30AFB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {3B327D91-538C-452B-8516-95D1A74FEDC1} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {3D2B259B-FB70-4F98-85D6-37B898F6F0B6} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC_Stiburek => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser64.exe [8774792 2020-01-15] (Cybertron Software Co., Ltd -> Cybertron Software, Co., Ltd.)
Task: {3E93F79D-DAF8-45D4-B365-5B227451378D} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {419D12E5-3C36-4ADF-AE81-B1144151BC44} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {44BAD1AD-F2BE-48F8-83C9-7023EF36CAF5} - System32\Tasks\Bosch - start LockService => sc.exe start LockService
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {48E64D20-64C7-4E37-8410-4B97FC2E3671} - System32\Tasks\Opera scheduled Autoupdate 1590389663 => C:\Users\Stiburek\AppData\Local\Programs\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software)
Task: {51099DF2-3158-42C3-97C1-B834DC8EF33E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-18] (Google Inc -> Google Inc.)
Task: {52448A38-D1CB-4996-955B-2E500925A147} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {52569505-D199-4E42-ABE0-D5808F2E7A08} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5288B972-ABD6-47C7-922B-42734FA27AF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6C9410A6-3437-4F9B-93F6-6F5044F8F7F4} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63448 2021-07-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {7006C7EA-6EE7-4697-8C43-D98C9FDBAE2F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {729F1FB9-D312-47BF-B7F3-AA20FD319BA4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {9DB7A303-B0D5-47E0-84AA-E1C88AAE1F7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9EA4D557-5788-4B2F-A78D-C5374D670EF8} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {A668DB62-6CCE-46C9-A952-939BECD4A6D0} - System32\Tasks\Opera scheduled assistant Autoupdate 1590389668 => C:\Users\Stiburek\AppData\Local\Programs\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Stiburek\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A7C1E587-8E49-40DD-9D14-27FF720CFBC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [564536 2015-06-24] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {AD6D4334-4535-4E19-AC82-0E81CEE233C5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {BB51BD1C-6531-440B-AD51-0657E38AE6B6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {C47CC823-8907-4F1F-AB90-0FFD94D7E8A8} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-info@cyklosportsr.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CE4AA155-BBBF-4A75-9FEF-55C07962C548} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-18] (Google Inc -> Google Inc.)
Task: {DA33A6E9-916F-4D23-B63B-FD4BAADDC319} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {E9192E9F-40BB-4761-81AF-9E7B5B1E0BB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EF6F3AF5-294B-4745-9866-376DA823DD76} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-3736271558-2664885646-4274364148-1001_2 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [420864 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
Task: {EFC29565-C9AB-4BBC-9922-5C664001700B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE905F09-3014-4F9D-A658-F41487A53B23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b5ec9f8b-5e91-48e7-80c1-49e5936df0ef}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Stiburek\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001 -> hxxp://www.cyklosportsr.cz/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Stiburek\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-15]
Edge DownloadDir: Default -> C:\Users\Stiburek\Downloads
Edge HomePage: Default -> hxxp://www.cyklosportsr.cz/
FireFox:
========
FF DefaultProfile: 4liywnbz.default
FF ProfilePath: C:\Users\Stiburek\AppData\Roaming\Mozilla\Firefox\Profiles\4liywnbz.default [2022-02-15]
FF NetworkProxy: Mozilla\Firefox\Profiles\4liywnbz.default -> http", "89.248.244.182"
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2015-11-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2017-10-07] [Legacy] [not signed]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-07-22] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default [2022-02-15]
CHR Notifications: Default -> hxxps://app.plus500.com; hxxps://calendar.google.com; hxxps://cs.duolingo.com; hxxps://phocs.ru; hxxps://talk.youradio.cz; hxxps://www.duolingo.com; hxxps://www.hanziwork.cz; hxxps://www.instagram.com; hxxps://www.seduo.cz
CHR HomePage: Default -> hxxp://www.cyklosportsr.cz/
CHR StartupUrls: Default -> "hxxp://www.cyklosportsr.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://bhloflhklmhfpedakmangadcdofhnnoh/index.html", Not-active:"chrome-extension://cocjcidknhpoeipkjfkhfjbhicgdmhaj/newtab/newtab.html"
CHR Extension: (Learn English - Beelingo.com) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeefohgoiafgjjpihnoeofgijggpbmmf [2016-04-18]
CHR Extension: (Duolingo on the Web) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2016-04-18]
CHR Extension: (Dokumenty) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (Earth View from Google Earth) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh [2020-09-18]
CHR Extension: (YouTube) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-18]
CHR Extension: (Vocabla - budovat svou slovní zásobu) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnfmoippfkddcakmbeaglgjcfcfcfmk [2016-04-18]
CHR Extension: (uBlock Origin) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-02-12]
CHR Extension: (Alexa Traffic Rank) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel [2022-02-15]
CHR Extension: (MagicScroll Web Reader) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecldhagehndokdmaiaigoaecbmbnmfkc [2021-03-14]
CHR Extension: (I don't care about cookies) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-01-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2021-03-10]
CHR Extension: (AB Blocker) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hneamlikkijedhidoagchnpcnibffhac [2017-05-19]
CHR Extension: (Webcam Toy) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2018-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Prohlížeč dokumentů ve formátu PDF/PowerPoint (od společnosti Google)) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2016-10-13]
CHR Extension: (Learn English) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogeblbgokjljbcoipfmbphbmcdbbnfjc [2016-04-18]
CHR Extension: (Gmail) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Profile: C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-12-01]
CHR Profile: C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-07-22]
Opera:
=======
OPR Profile: C:\Users\Stiburek\AppData\Roaming\Opera Software\Opera Stable [2022-02-11]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Stiburek\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-02-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Stiburek\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-26]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 BoschDevNodeService; C:\Program Files (x86)\Bosch eBike Diagnostic Software\BoschDevNodeCleanService64.exe [350720 2021-12-15] (Robert Bosch GmbH) [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [502232 2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\HotKeyServiceUWP.exe [1512544 2021-10-30] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-11] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-07-06] (Intel Corporation) [File not signed]
R3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [395744 2015-01-14] (Intel(R) Wireless Display -> Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-07-06] () [File not signed]
S2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\LanWlanWwanSwitchingServiceUWP.exe [591968 2021-10-30] (HP Inc. -> HP Inc.)
S2 LockService; C:\Program Files (x86)\Bosch eBike Diagnostic Software\prunsrv\amd64\prunsrv.exe [109696 2021-12-15] (CodeSigning for The Apache Software Foundation -> Apache Software Foundation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MSSQL$DUEL; c:\Program Files\Microsoft SQL Server\MSSQL10_50.DUEL\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6136536 2022-02-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$DUEL; c:\Program Files\Microsoft SQL Server\MSSQL10_50.DUEL\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13088784 2020-05-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
S3 hidemi; C:\WINDOWS\system32\drivers\hidemi.sys [29024 2015-07-06] (Microchip Technology Inc. -> Microchip)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mchpemi; C:\WINDOWS\system32\drivers\mchpemi.sys [37728 2015-07-06] (Microchip Technology Inc. -> Microchip)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [27648 2007-10-11] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 MpKsl721f2289; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DBDCB231-EA07-49C0-81F9-FCB12AEF891C}\MpKslDrv.sys [135440 2022-02-15] (Microsoft Windows -> Microsoft Corporation)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-02-23] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-01-14] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-15 17:18 - 2022-02-15 17:20 - 000032908 _____ C:\Users\Stiburek\Desktop\FRST.txt
2022-02-15 17:18 - 2022-02-15 17:18 - 002312192 _____ (Farbar) C:\Users\Stiburek\Desktop\FRST64.exe
2022-02-15 16:45 - 2022-02-15 16:45 - 000912797 _____ C:\Users\Stiburek\Desktop\FAKTURA_223215.xlsx
2022-02-12 21:15 - 2022-02-12 21:15 - 000000000 ___HD C:\$WinREAgent
2022-02-12 21:13 - 2022-02-12 21:13 - 000004040 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-3736271558-2664885646-4274364148-1001_2
2022-02-11 13:38 - 2022-02-11 13:38 - 000003716 _____ C:\WINDOWS\system32\Tasks\Bosch - start LockService
2022-02-11 13:38 - 2022-02-11 13:38 - 000001433 _____ C:\Users\Public\Desktop\Bosch DiagnosticTool.lnk
2022-02-11 13:38 - 2022-02-11 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Robert Bosch
2022-02-11 13:38 - 2022-02-11 13:38 - 000000000 ____D C:\Program Files (x86)\Bosch eBike Diagnostic Software Compatibility Layer 1.0
2022-02-11 09:23 - 2022-02-11 09:23 - 000000000 ____D C:\kolaweby
2022-02-09 11:09 - 2022-02-09 11:09 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-09 11:09 - 2022-02-09 11:09 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-09 11:09 - 2022-02-09 11:09 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-09 11:09 - 2022-02-09 11:09 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-09 11:09 - 2022-02-09 11:09 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-03 23:21 - 2022-02-03 23:21 - 000121063 _____ C:\Users\Stiburek\Desktop\AC_Connectivity_podmínky.pdf
2022-02-02 10:23 - 2022-02-02 10:23 - 014519702 _____ C:\Users\Stiburek\Desktop\seznam-stb.zip
2022-01-23 09:24 - 2022-01-23 09:24 - 000056970 _____ C:\Users\Stiburek\Desktop\2022 Kalendář MC akcí FINAL.PDF
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-15 17:19 - 2021-11-29 11:03 - 000000000 ____D C:\FRST
2022-02-15 17:19 - 2019-10-03 17:33 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-02-15 17:17 - 2019-01-14 10:43 - 000000000 ____D C:\Program Files\CCleaner
2022-02-15 17:14 - 2016-04-18 16:20 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-15 16:51 - 2020-08-23 07:48 - 000000000 ____D C:\Users\Stiburek
2022-02-15 16:51 - 2016-05-03 06:03 - 000000000 ____D C:\Users\Stiburek\AppData\Roaming\eM Client
2022-02-15 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-15 16:04 - 2020-08-25 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-15 11:36 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-15 11:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-15 05:09 - 2016-06-18 23:03 - 000000000 ____D C:\Users\Stiburek\AppData\Local\Adobe
2022-02-14 06:12 - 2020-08-25 19:10 - 001876258 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-14 06:12 - 2019-12-07 15:43 - 000783122 _____ C:\WINDOWS\system32\perfh005.dat
2022-02-14 06:12 - 2019-12-07 15:43 - 000172820 _____ C:\WINDOWS\system32\perfc005.dat
2022-02-14 06:12 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-14 06:05 - 2016-04-15 11:51 - 000000000 __SHD C:\Users\Stiburek\IntelGraphicsProfiles
2022-02-14 06:04 - 2020-08-25 19:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-14 06:04 - 2020-08-25 18:56 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-14 06:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-14 06:04 - 2017-06-14 05:23 - 000000000 ____D C:\ProgramData\Synaptics
2022-02-14 06:04 - 2017-02-16 16:21 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-02-14 06:04 - 2015-11-10 07:11 - 000000000 ____D C:\Intel
2022-02-12 21:22 - 2020-08-16 23:21 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-12 21:20 - 2020-06-12 21:08 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-12 21:20 - 2020-06-12 21:08 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-12 21:20 - 2016-04-18 16:21 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-12 21:20 - 2016-04-18 16:21 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-02-12 21:19 - 2020-08-23 07:36 - 000000000 ____D C:\ProgramData\ssh
2022-02-12 21:19 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-02-12 21:18 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-12 21:10 - 2020-08-25 18:56 - 005069008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-12 21:09 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-12 21:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-11 13:38 - 2017-07-17 12:29 - 000002805 _____ C:\ProgramData\regid.2013-05.com.robertbosch_9763e19b-1f10-11b2-9765-88ff02738da9_2.swidtag
2022-02-11 13:38 - 2016-09-14 12:18 - 000000000 ____D C:\Program Files (x86)\Bosch eBike Diagnostic Software
2022-02-11 13:37 - 2016-05-16 08:26 - 000000000 ____D C:\ProgramData\eBikeApp
2022-02-10 18:40 - 2020-08-25 19:07 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-10 07:20 - 2018-02-24 23:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-02-09 11:09 - 2020-08-25 18:59 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-09 10:59 - 2016-04-15 16:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-09 10:57 - 2016-04-15 16:15 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-06 14:29 - 2016-10-31 19:45 - 000000000 ____D C:\emaily
2022-02-06 14:27 - 2021-10-03 07:22 - 000000000 ____D C:\Inspirace
2022-02-05 07:50 - 2021-07-07 05:29 - 000010166 _____ C:\Users\Stiburek\Desktop\Kola na výběr.xlsx
2022-02-02 06:29 - 2020-08-25 19:07 - 000004218 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1590389663
2022-02-02 06:29 - 2020-05-25 07:54 - 000001469 _____ C:\Users\Stiburek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-01-27 21:34 - 2020-10-30 20:06 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6aeef8b3f177f
2022-01-27 21:34 - 2020-08-25 19:07 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-27 11:05 - 2021-12-13 10:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3736271558-2664885646-4274364148-1001
2022-01-27 11:05 - 2020-08-25 19:07 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3736271558-2664885646-4274364148-1001
2022-01-27 11:05 - 2020-08-23 07:48 - 000002441 _____ C:\Users\Stiburek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-26 15:24 - 2016-10-23 19:18 - 000000000 ____D C:\Users\Stiburek\AppData\Local\PokerStars.CZ
2022-01-22 07:18 - 2021-11-27 06:29 - 000000000 ____D C:\Users\Stiburek\AppData\Local\AMD_Common
2022-01-21 05:54 - 2020-08-25 19:07 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 05:54 - 2020-08-25 19:07 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories ========
2017-09-22 10:21 - 2021-08-06 07:58 - 000000132 _____ () C:\Users\Stiburek\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2016-04-20 21:28 - 2021-11-02 19:05 - 000000128 _____ () C:\Users\Stiburek\AppData\Roaming\winscp.rnd
2019-03-20 05:48 - 2019-03-20 05:48 - 000000000 _____ () C:\Users\Stiburek\AppData\Local\oobelibMkey.log
2017-09-18 05:01 - 2017-09-18 05:01 - 000013237 _____ () C:\Users\Stiburek\AppData\Local\recently-used.xbel
2019-05-16 17:07 - 2019-05-16 17:07 - 000000017 _____ () C:\Users\Stiburek\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01
Ran by Stiburek (15-02-2022 17:21:38)
Running from C:\Users\Stiburek\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1526 (X64) (2020-08-25 18:08:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3736271558-2664885646-4274364148-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3736271558-2664885646-4274364148-503 - Limited - Disabled)
DevToolsUser (S-1-5-21-3736271558-2664885646-4274364148-1010 - Limited - Enabled) => C:\Users\DevToolsUser
Guest (S-1-5-21-3736271558-2664885646-4274364148-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3736271558-2664885646-4274364148-1002 - Limited - Enabled)
sshd (S-1-5-21-3736271558-2664885646-4274364148-1008 - Limited - Enabled)
Stiburek (S-1-5-21-3736271558-2664885646-4274364148-1001 - Administrator - Enabled) => C:\Users\Stiburek
WDAGUtilityAccount (S-1-5-21-3736271558-2664885646-4274364148-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - Eastern European (Group 1) (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
AMD Catalyst Install Manager (HKLM\...\{57C30EBD-C09A-70DE-F7BE-7227EEAC38EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2021.0719.0453.8802 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: 2.1.49 - )
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Apowersoft Online Launcher verze 1.4.5 (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.5 - APOWERSOFT LIMITED)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bosch DiagnosticTool 3 Verze 1.2.3 (HKLM-x32\...\{612EBC09-2A0C-46E6-A405-F0961A2B7275}_is1) (Version: 1.2.3 - Robert Bosch GmbH)
Bosch DiagnosticTool 7.5.3.0.0 (HKLM-x32\...\{5A71D203-4F1E-4D9D-8EB4-0C652328D7FB}_is1) (Version: 7.5.3.0.0 - Robert Bosch GmbH)
Bosch eBike Diagnostic Software Compatibility Layer 1.0 (HKLM-x32\...\Bosch eBike Diagnostic Software Compatibility Layer 1.0) (Version: 1.0.0.0 - Robert Bosch GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
eM Client (HKLM-x32\...\{5CD40FFB-B38B-4A95-B277-78387D8DBC6C}) (Version: 7.2.40748.0 - eM Client Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
GDR 4042 for SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.82 - Google LLC)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.15.2026 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{DD36B764-6476-4F00-BC61-9BA9BFF76FA6}) (Version: 5.0.6.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{FC34BD4D-4FD6-4E43-9879-EB6CC2002A59}) (Version: 1.0.0.1 - Hewlett-Packard)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{2CDA0D13-ED4D-4E66-B920-9AE696F9992E}) (Version: 1.1.1 - Hewlett-Packard Company)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{A5760B8B-AC5F-4221-B905-9926DEF26632}) (Version: 2.8.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{757cc2cc-5fed-43e4-b813-2bda78353297}) (Version: 4.2.4.0 - HP)
HP Software Setup (HKLM-x32\...\{83421C73-4679-40F0-B590-20846CB893E0}) (Version: 9.0.1 - HP)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.0.26.62 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{FF94262A-A307-4D6A-AD8A-9D814A93E344}) (Version: 3.1.1 - HP)
HP Universal Camera Driver (HKLM-x32\...\{8B204728-0D90-48BE-97C0-BBEDDFDFA83C}) (Version: 3.5.8.10 - SunplusIT)
IconConverter 2.0 (HKLM-x32\...\IconConverter_is1) (Version: - Weissoft)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{D5DC1131-9CD2-4DC8-8819-358405827A4B}) (Version: 17.1.1532.1814 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{3D45BD48-F215-4C69-B23F-256C83D1D7F0}) (Version: 1.0.0.534 - Intel Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
LibreOffice 6.2.8.2 (HKLM\...\{27A53987-88CB-4E92-8D62-A5AB458ACD14}) (Version: 6.2.8.2 - The Document Foundation)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.50 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Movavi Video Editor 15 Business (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Movavi Video Editor 15 Business) (Version: 15.4.0 - Movavi)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0 (x64 cs)) (Version: 91.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.6.1 - Mozilla)
Mozilla Thunderbird 60.6.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.6.1 (x86 cs)) (Version: 60.6.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{D9559CE2-9C58-F414-43EA-F908FEA13BB8}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Opera Stable 83.0.4254.27 (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Opera 83.0.4254.27) (Version: 83.0.4254.27 - Opera Software)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 4.58.5.3366 - Cybertron Software Co., Ltd.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.95 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.94.723.2015 - Realtek)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA Start CZ (HKLM-x32\...\{6531FE3F-206A-4683-BA0A-3AC2CD746021}) (Version: 11500.110 - STORMWARE)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.70 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{B9151DD5-DAFE-494E-AA1F-C351D5FD9E9B}) (Version: 4.5.321.0 - Synaptics)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.6.7 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.19.2 (HKLM-x32\...\winscp3_is1) (Version: 5.19.2 - Martin Prikryl)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.11.277.0_x64__rz1tebttyb220 [2022-01-20] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-07] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2021-09-29] (Facebook Inc)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.18.0_x64__v10z8vjag6ke6 [2020-09-19] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-08] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_7.5.0.0_x86__g0q0z3kw54rap [2022-01-31] (flaregames GmbH)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2019-12-26] (VideoLAN)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-04-17] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxDTCM.dll [2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1_S-1-5-21-3736271558-2664885646-4274364148-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-04-20 23:03 - 2014-11-02 17:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-09-24 16:41 - 2015-09-24 16:41 - 000334848 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenu64.cze
2021-07-19 04:36 - 2021-07-19 04:36 - 001704960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2017-02-07 20:20 - 2012-06-09 19:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2017-02-07 12:45 - 2013-10-04 08:42 - 000210944 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll
2015-08-18 22:20 - 2015-08-18 22:20 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-08-18 22:19 - 2015-08-18 22:19 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2017-09-20 17:04 - 000000863 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
2017-10-05 12:43 - 2020-10-29 23:36 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stiburek\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
HKU\S-1-5-21-3736271558-2664885646-4274364148-1010\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "MicTray"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "Privacy Eraser"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "eM Client"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{597AAB9F-4FD0-44AC-B197-E757802DB308}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3DA40006-7C28-4EFB-AF4A-20B5E2AC2DD0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{266E923F-9A64-4B60-AC26-2A7F598688F1}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [TCP Query User{A5E2BC5E-03A4-4736-9F84-8AE2A60F3EF8}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{816113DF-E7F4-4C9A-9ED1-86D838BDD38A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B2C7DE58-FFD9-4D54-BC52-C3220D41603F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A96ECEB1-6EA9-4249-A049-D39C06E236A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FC1F5C0D-8E61-4F90-99CF-B5875B5D74A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F1AFE4C5-88D2-452A-A181-68F79F1013A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3121076B-6AD9-4ADA-A6BE-398416CD71C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5849E54D-E2C4-42F3-A01F-56BEB8E4FEBC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{021A2ABB-4EFF-42F7-A127-BC865D22029D}C:\program files\bosch diagnostictool 3\jre\bin\javaw.exe] => (Allow) C:\program files\bosch diagnostictool 3\jre\bin\javaw.exe
FirewallRules: [UDP Query User{B6460ECC-CC05-4815-9286-BAEA70548EC6}C:\program files\bosch diagnostictool 3\jre\bin\javaw.exe] => (Allow) C:\program files\bosch diagnostictool 3\jre\bin\javaw.exe
FirewallRules: [{E4D37B05-A95D-408C-9A5C-D257F5530871}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7B4F7034-542F-4D07-951A-A9C9F822E6E2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C812F763-5F75-4A7C-BF98-E7A577324661}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E1D9B45-F493-418B-B72E-FC915CD5786C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FD73AE78-7D0F-4F3A-83D6-57ED64F92CE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
30-01-2022 20:11:02 Naplánovaný kontrolní bod
08-02-2022 21:54:03 Naplánovaný kontrolní bod
12-02-2022 21:18:10 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: DESKTOP-B3Q1QPI A2DP SNK
Description: Jímka Microsoft Bluetooth A2dp
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthA2dp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: ========================
Application errors:
==================
Error: (02/14/2022 06:04:43 AM) (Source: MSSQL$DUEL) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$DUEL\Performance'. SQL Server performance counters are disabled.
Error: (02/13/2022 10:25:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MailClient.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Text.EncoderFallbackException
na System.Text.EncoderExceptionFallbackBuffer.Fallback(Char, Int32)
na System.Text.EncoderFallbackBuffer.InternalFallback(Char, Char* ByRef)
na System.Text.UTF8Encoding.GetBytes(Char*, Int32, Byte*, Int32, System.Text.EncoderNLS)
na System.Text.EncoderNLS.GetBytes(Char*, Int32, Byte*, Int32, Boolean)
na System.Text.EncoderNLS.GetBytes(Char[], Int32, Int32, Byte[], Int32, Boolean)
na System.IO.StreamWriter.Flush(Boolean, Boolean)
na System.IO.StreamWriter.Write(Char[], Int32, Int32)
na System.IO.TextWriter.WriteLine(System.String)
na MailClient.Utils.LoggingMessageFilter.LogMessage(HookLib.CWPSTRUCT)
na MailClient.Utils.LoggingMessageFilter.hook_WndProc(System.Object, HookLib.HookEventArgs)
na HookLib.HookLibClass.ProcessMessage(HookLib.SWH_ID, HookEventHandler, Int32, IntPtr, IntPtr)
na HookLib.HookLibClass+<>c__DisplayClass4_0.<SetHook>b__0(Int32, IntPtr, IntPtr)
Error: (02/12/2022 09:19:53 PM) (Source: MSSQL$DUEL) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$DUEL\Performance'. SQL Server performance counters are disabled.
Error: (02/12/2022 09:13:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.1503, časové razítko: 0x261d1767
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x71b077d0
ID chybujícího procesu: 0x3478
Čas spuštění chybující aplikace: 0x01d8204d07270907
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7a23e5b1-1894-4b51-9917-77f5310670e3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/12/2022 09:10:42 PM) (Source: MSSQL$DUEL) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$DUEL\Performance'. SQL Server performance counters are disabled.
Error: (02/12/2022 09:08:21 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MailClient.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Text.EncoderFallbackException
na System.Text.EncoderExceptionFallbackBuffer.Fallback(Char, Int32)
na System.Text.EncoderFallbackBuffer.InternalFallback(Char, Char* ByRef)
na System.Text.UTF8Encoding.GetBytes(Char*, Int32, Byte*, Int32, System.Text.EncoderNLS)
na System.Text.EncoderNLS.GetBytes(Char*, Int32, Byte*, Int32, Boolean)
na System.Text.EncoderNLS.GetBytes(Char[], Int32, Int32, Byte[], Int32, Boolean)
na System.IO.StreamWriter.Flush(Boolean, Boolean)
na System.IO.StreamWriter.Write(Char[], Int32, Int32)
na System.IO.TextWriter.WriteLine(System.String)
na MailClient.Utils.LoggingMessageFilter.LogMessage(HookLib.CWPSTRUCT)
na MailClient.Utils.LoggingMessageFilter.hook_WndProc(System.Object, HookLib.HookEventArgs)
na HookLib.HookLibClass.ProcessMessage(HookLib.SWH_ID, HookEventHandler, Int32, IntPtr, IntPtr)
na HookLib.HookLibClass+<>c__DisplayClass4_0.<SetHook>b__0(Int32, IntPtr, IntPtr)
Error: (02/02/2022 06:25:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxEM.exe, verze: 6.15.100.8854, časové razítko: 0x5f8741b9
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1466, časové razítko: 0xe2f8ca76
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff199
ID chybujícího procesu: 0x2660
Čas spuštění chybující aplikace: 0x01d809d945c354b8
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: b4a96c0e-588e-4379-a0cc-e61528ccfd1d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/15/2022 07:29:16 AM) (Source: MSSQL$DUEL) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$DUEL\Performance'. SQL Server performance counters are disabled.
System errors:
=============
Error: (02/15/2022 04:49:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BOSCH Lock Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee True Key byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1701604449 milisekund: Restartovat službu.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee True Key Scheduler byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6619219 milisekund: Restartovat službu.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/15/2022 04:49:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Security Assist byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2022-02-15 07:41:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6D13B07E-E2A8-419E-ABBE-BAC650218CCF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-02-14 06:11:41
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe možnost upravit %userprofile%\Documents.
Čas detekce: 2022-02-14T05:11:41.935Z
Uživatel: RUDASUPPORT81\Stiburek
Cesta: %userprofile%\Documents
Název procesu: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
Verze bezpečnostních informací: 1.359.144.0
Verze modulu: 1.1.18900.3
Verze produktu: 4.18.2201.10
Date: 2022-02-12 21:22:00
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2022-02-12T20:22:00.491Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.359.96.0
Verze modulu: 1.1.18900.3
Verze produktu: 4.18.2201.10
Date: 2022-02-12 21:13:45
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\ccupdate589_free.exe provádění změn v paměti.
Čas detekce: 2022-02-12T20:13:45.233Z
Uživatel: RUDASUPPORT81\Stiburek
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\CCleaner\ccupdate589_free.exe
Verze bezpečnostních informací: 1.359.64.0
Verze modulu: 1.1.18900.3
Verze produktu: 4.18.2201.10
Date: 2022-02-12 10:11:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {68AEAC0C-9C0D-46A9-9EA2-594D99C2E1FA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
==================== Memory info ===========================
BIOS: HP N78 Ver. 01.06 12/18/2015
Motherboard: HP 8102
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 37%
Total physical RAM: 12185.42 MB
Available physical RAM: 7613.11 MB
Total Virtual: 24473.42 MB
Available Virtual: 19321.95 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:217.6 GB) (Free:22.89 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:17.87 GB) (Free:1.96 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.94 GB) FAT32
\\?\Volume{05749f44-0343-11e6-970c-806e6f6e6963}\ (SYSTEM ) (Fixed) (Total:1 GB) (Free:0.51 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: ABEC49DE)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=217.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0B)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2022 01
Ran by Stiburek (administrator) on RUDASUPPORT81 (HP HP ProBook 470 G3) (15-02-2022 17:18:51)
Running from C:\Users\Stiburek\Desktop
Loaded Profiles: Stiburek
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1526 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(RuntimeBroker.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(services.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DUEL\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [MicTray] => C:\Program Files\Conexant\MicTray\MicTray64.exe [2728024 2015-09-15] (Conexant Systems, Inc. -> Conexant)
HKLM\...\Run: [SmartAudio] => C:\Program Files\Conexant\SA3\HP-NB-AIO\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Run: [Privacy Eraser] => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser64.exe [8774792 2020-01-15] (Cybertron Software Co., Ltd -> Cybertron Software, Co., Ltd.)
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Run: [Opera Browser Assistant] => C:\Users\Stiburek\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55872 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [432648 2015-07-11] (Microsoft Windows Hardware Compatibility Publisher -> HP)
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-10] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{722DEFE8-78AF-4E12-86A1-A8B21B509C52}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0095F8CC-597D-4067-B2E0-921CF90433B0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {07CC4AC4-0794-47A4-B7E9-2302D228E891} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {0FA35699-E8DB-4426-920A-870E862F1177} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {1964340B-7D71-4B83-84F6-D851983A0C31} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {1AE83F14-EC89-4438-BB1E-FF0DE83060B6} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (No File)
Task: {1D2D8A11-B65E-4E8A-A2B8-E6DA529EE2E5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2A9AC33A-9E38-4A10-AD6B-17D1D3E2C7E8} - System32\Tasks\CCleanerSkipUAC - Stiburek => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {30BE8161-419D-4E20-96EE-402C41C26C38} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [139752 2020-05-12] (eM Client, s.r.o. -> ) -> -backup -databasedir "C:\Users\Stiburek\AppData\Roaming\eM Client" -backupdir "C:\Users\Stiburek\Documents\eM Client" -preserve 1 -instanceString "eM_Client_C__Users_Stiburek_AppData_Roaming_eM_Client_" -silence
Task: {33433B27-7384-4AF0-BDEF-17F30FF88DB2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {35F6558F-A1E5-4CFE-9061-973C2AA7EA12} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {3A1C3F02-35C2-497E-943A-0C7094A30AFB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {3B327D91-538C-452B-8516-95D1A74FEDC1} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {3D2B259B-FB70-4F98-85D6-37B898F6F0B6} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC_Stiburek => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser64.exe [8774792 2020-01-15] (Cybertron Software Co., Ltd -> Cybertron Software, Co., Ltd.)
Task: {3E93F79D-DAF8-45D4-B365-5B227451378D} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {419D12E5-3C36-4ADF-AE81-B1144151BC44} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {44BAD1AD-F2BE-48F8-83C9-7023EF36CAF5} - System32\Tasks\Bosch - start LockService => sc.exe start LockService
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {48E64D20-64C7-4E37-8410-4B97FC2E3671} - System32\Tasks\Opera scheduled Autoupdate 1590389663 => C:\Users\Stiburek\AppData\Local\Programs\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software)
Task: {51099DF2-3158-42C3-97C1-B834DC8EF33E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-18] (Google Inc -> Google Inc.)
Task: {52448A38-D1CB-4996-955B-2E500925A147} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {52569505-D199-4E42-ABE0-D5808F2E7A08} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5288B972-ABD6-47C7-922B-42734FA27AF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6C9410A6-3437-4F9B-93F6-6F5044F8F7F4} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63448 2021-07-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {7006C7EA-6EE7-4697-8C43-D98C9FDBAE2F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {729F1FB9-D312-47BF-B7F3-AA20FD319BA4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {9DB7A303-B0D5-47E0-84AA-E1C88AAE1F7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9EA4D557-5788-4B2F-A78D-C5374D670EF8} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {A668DB62-6CCE-46C9-A952-939BECD4A6D0} - System32\Tasks\Opera scheduled assistant Autoupdate 1590389668 => C:\Users\Stiburek\AppData\Local\Programs\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Stiburek\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A7C1E587-8E49-40DD-9D14-27FF720CFBC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [564536 2015-06-24] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {AD6D4334-4535-4E19-AC82-0E81CEE233C5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {BB51BD1C-6531-440B-AD51-0657E38AE6B6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {C47CC823-8907-4F1F-AB90-0FFD94D7E8A8} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-info@cyklosportsr.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CE4AA155-BBBF-4A75-9FEF-55C07962C548} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-18] (Google Inc -> Google Inc.)
Task: {DA33A6E9-916F-4D23-B63B-FD4BAADDC319} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {E9192E9F-40BB-4761-81AF-9E7B5B1E0BB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EF6F3AF5-294B-4745-9866-376DA823DD76} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-3736271558-2664885646-4274364148-1001_2 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [420864 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
Task: {EFC29565-C9AB-4BBC-9922-5C664001700B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE905F09-3014-4F9D-A658-F41487A53B23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b5ec9f8b-5e91-48e7-80c1-49e5936df0ef}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Stiburek\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001 -> hxxp://www.cyklosportsr.cz/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Stiburek\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-15]
Edge DownloadDir: Default -> C:\Users\Stiburek\Downloads
Edge HomePage: Default -> hxxp://www.cyklosportsr.cz/
FireFox:
========
FF DefaultProfile: 4liywnbz.default
FF ProfilePath: C:\Users\Stiburek\AppData\Roaming\Mozilla\Firefox\Profiles\4liywnbz.default [2022-02-15]
FF NetworkProxy: Mozilla\Firefox\Profiles\4liywnbz.default -> http", "89.248.244.182"
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2015-11-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2017-10-07] [Legacy] [not signed]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-07-22] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default [2022-02-15]
CHR Notifications: Default -> hxxps://app.plus500.com; hxxps://calendar.google.com; hxxps://cs.duolingo.com; hxxps://phocs.ru; hxxps://talk.youradio.cz; hxxps://www.duolingo.com; hxxps://www.hanziwork.cz; hxxps://www.instagram.com; hxxps://www.seduo.cz
CHR HomePage: Default -> hxxp://www.cyklosportsr.cz/
CHR StartupUrls: Default -> "hxxp://www.cyklosportsr.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://bhloflhklmhfpedakmangadcdofhnnoh/index.html", Not-active:"chrome-extension://cocjcidknhpoeipkjfkhfjbhicgdmhaj/newtab/newtab.html"
CHR Extension: (Learn English - Beelingo.com) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeefohgoiafgjjpihnoeofgijggpbmmf [2016-04-18]
CHR Extension: (Duolingo on the Web) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2016-04-18]
CHR Extension: (Dokumenty) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (Earth View from Google Earth) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh [2020-09-18]
CHR Extension: (YouTube) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-18]
CHR Extension: (Vocabla - budovat svou slovní zásobu) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnfmoippfkddcakmbeaglgjcfcfcfmk [2016-04-18]
CHR Extension: (uBlock Origin) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-02-12]
CHR Extension: (Alexa Traffic Rank) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel [2022-02-15]
CHR Extension: (MagicScroll Web Reader) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecldhagehndokdmaiaigoaecbmbnmfkc [2021-03-14]
CHR Extension: (I don't care about cookies) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-01-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2021-03-10]
CHR Extension: (AB Blocker) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hneamlikkijedhidoagchnpcnibffhac [2017-05-19]
CHR Extension: (Webcam Toy) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2018-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Prohlížeč dokumentů ve formátu PDF/PowerPoint (od společnosti Google)) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2016-10-13]
CHR Extension: (Learn English) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogeblbgokjljbcoipfmbphbmcdbbnfjc [2016-04-18]
CHR Extension: (Gmail) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Profile: C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-12-01]
CHR Profile: C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-07-22]
Opera:
=======
OPR Profile: C:\Users\Stiburek\AppData\Roaming\Opera Software\Opera Stable [2022-02-11]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Stiburek\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-02-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Stiburek\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-26]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 BoschDevNodeService; C:\Program Files (x86)\Bosch eBike Diagnostic Software\BoschDevNodeCleanService64.exe [350720 2021-12-15] (Robert Bosch GmbH) [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [502232 2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\HotKeyServiceUWP.exe [1512544 2021-10-30] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-11] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-07-06] (Intel Corporation) [File not signed]
R3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [395744 2015-01-14] (Intel(R) Wireless Display -> Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-07-06] () [File not signed]
S2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\LanWlanWwanSwitchingServiceUWP.exe [591968 2021-10-30] (HP Inc. -> HP Inc.)
S2 LockService; C:\Program Files (x86)\Bosch eBike Diagnostic Software\prunsrv\amd64\prunsrv.exe [109696 2021-12-15] (CodeSigning for The Apache Software Foundation -> Apache Software Foundation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MSSQL$DUEL; c:\Program Files\Microsoft SQL Server\MSSQL10_50.DUEL\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6136536 2022-02-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$DUEL; c:\Program Files\Microsoft SQL Server\MSSQL10_50.DUEL\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13088784 2020-05-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
S3 hidemi; C:\WINDOWS\system32\drivers\hidemi.sys [29024 2015-07-06] (Microchip Technology Inc. -> Microchip)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mchpemi; C:\WINDOWS\system32\drivers\mchpemi.sys [37728 2015-07-06] (Microchip Technology Inc. -> Microchip)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [27648 2007-10-11] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 MpKsl721f2289; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DBDCB231-EA07-49C0-81F9-FCB12AEF891C}\MpKslDrv.sys [135440 2022-02-15] (Microsoft Windows -> Microsoft Corporation)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-02-23] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-01-14] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-15 17:18 - 2022-02-15 17:20 - 000032908 _____ C:\Users\Stiburek\Desktop\FRST.txt
2022-02-15 17:18 - 2022-02-15 17:18 - 002312192 _____ (Farbar) C:\Users\Stiburek\Desktop\FRST64.exe
2022-02-15 16:45 - 2022-02-15 16:45 - 000912797 _____ C:\Users\Stiburek\Desktop\FAKTURA_223215.xlsx
2022-02-12 21:15 - 2022-02-12 21:15 - 000000000 ___HD C:\$WinREAgent
2022-02-12 21:13 - 2022-02-12 21:13 - 000004040 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-3736271558-2664885646-4274364148-1001_2
2022-02-11 13:38 - 2022-02-11 13:38 - 000003716 _____ C:\WINDOWS\system32\Tasks\Bosch - start LockService
2022-02-11 13:38 - 2022-02-11 13:38 - 000001433 _____ C:\Users\Public\Desktop\Bosch DiagnosticTool.lnk
2022-02-11 13:38 - 2022-02-11 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Robert Bosch
2022-02-11 13:38 - 2022-02-11 13:38 - 000000000 ____D C:\Program Files (x86)\Bosch eBike Diagnostic Software Compatibility Layer 1.0
2022-02-11 09:23 - 2022-02-11 09:23 - 000000000 ____D C:\kolaweby
2022-02-09 11:09 - 2022-02-09 11:09 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-09 11:09 - 2022-02-09 11:09 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-09 11:09 - 2022-02-09 11:09 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-09 11:09 - 2022-02-09 11:09 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-09 11:09 - 2022-02-09 11:09 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-03 23:21 - 2022-02-03 23:21 - 000121063 _____ C:\Users\Stiburek\Desktop\AC_Connectivity_podmínky.pdf
2022-02-02 10:23 - 2022-02-02 10:23 - 014519702 _____ C:\Users\Stiburek\Desktop\seznam-stb.zip
2022-01-23 09:24 - 2022-01-23 09:24 - 000056970 _____ C:\Users\Stiburek\Desktop\2022 Kalendář MC akcí FINAL.PDF
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-15 17:19 - 2021-11-29 11:03 - 000000000 ____D C:\FRST
2022-02-15 17:19 - 2019-10-03 17:33 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-02-15 17:17 - 2019-01-14 10:43 - 000000000 ____D C:\Program Files\CCleaner
2022-02-15 17:14 - 2016-04-18 16:20 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-15 16:51 - 2020-08-23 07:48 - 000000000 ____D C:\Users\Stiburek
2022-02-15 16:51 - 2016-05-03 06:03 - 000000000 ____D C:\Users\Stiburek\AppData\Roaming\eM Client
2022-02-15 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-15 16:04 - 2020-08-25 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-15 11:36 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-15 11:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-15 05:09 - 2016-06-18 23:03 - 000000000 ____D C:\Users\Stiburek\AppData\Local\Adobe
2022-02-14 06:12 - 2020-08-25 19:10 - 001876258 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-14 06:12 - 2019-12-07 15:43 - 000783122 _____ C:\WINDOWS\system32\perfh005.dat
2022-02-14 06:12 - 2019-12-07 15:43 - 000172820 _____ C:\WINDOWS\system32\perfc005.dat
2022-02-14 06:12 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-14 06:05 - 2016-04-15 11:51 - 000000000 __SHD C:\Users\Stiburek\IntelGraphicsProfiles
2022-02-14 06:04 - 2020-08-25 19:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-14 06:04 - 2020-08-25 18:56 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-14 06:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-14 06:04 - 2017-06-14 05:23 - 000000000 ____D C:\ProgramData\Synaptics
2022-02-14 06:04 - 2017-02-16 16:21 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-02-14 06:04 - 2015-11-10 07:11 - 000000000 ____D C:\Intel
2022-02-12 21:22 - 2020-08-16 23:21 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-12 21:20 - 2020-06-12 21:08 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-12 21:20 - 2020-06-12 21:08 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-12 21:20 - 2016-04-18 16:21 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-12 21:20 - 2016-04-18 16:21 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-02-12 21:19 - 2020-08-23 07:36 - 000000000 ____D C:\ProgramData\ssh
2022-02-12 21:19 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-02-12 21:18 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-12 21:10 - 2020-08-25 18:56 - 005069008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-12 21:09 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-12 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-12 21:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-11 13:38 - 2017-07-17 12:29 - 000002805 _____ C:\ProgramData\regid.2013-05.com.robertbosch_9763e19b-1f10-11b2-9765-88ff02738da9_2.swidtag
2022-02-11 13:38 - 2016-09-14 12:18 - 000000000 ____D C:\Program Files (x86)\Bosch eBike Diagnostic Software
2022-02-11 13:37 - 2016-05-16 08:26 - 000000000 ____D C:\ProgramData\eBikeApp
2022-02-10 18:40 - 2020-08-25 19:07 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-10 07:20 - 2018-02-24 23:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-02-09 11:09 - 2020-08-25 18:59 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-09 10:59 - 2016-04-15 16:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-09 10:57 - 2016-04-15 16:15 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-06 14:29 - 2016-10-31 19:45 - 000000000 ____D C:\emaily
2022-02-06 14:27 - 2021-10-03 07:22 - 000000000 ____D C:\Inspirace
2022-02-05 07:50 - 2021-07-07 05:29 - 000010166 _____ C:\Users\Stiburek\Desktop\Kola na výběr.xlsx
2022-02-02 06:29 - 2020-08-25 19:07 - 000004218 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1590389663
2022-02-02 06:29 - 2020-05-25 07:54 - 000001469 _____ C:\Users\Stiburek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-01-27 21:34 - 2020-10-30 20:06 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6aeef8b3f177f
2022-01-27 21:34 - 2020-08-25 19:07 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-27 11:05 - 2021-12-13 10:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3736271558-2664885646-4274364148-1001
2022-01-27 11:05 - 2020-08-25 19:07 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3736271558-2664885646-4274364148-1001
2022-01-27 11:05 - 2020-08-23 07:48 - 000002441 _____ C:\Users\Stiburek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-26 15:24 - 2016-10-23 19:18 - 000000000 ____D C:\Users\Stiburek\AppData\Local\PokerStars.CZ
2022-01-22 07:18 - 2021-11-27 06:29 - 000000000 ____D C:\Users\Stiburek\AppData\Local\AMD_Common
2022-01-21 05:54 - 2020-08-25 19:07 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 05:54 - 2020-08-25 19:07 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories ========
2017-09-22 10:21 - 2021-08-06 07:58 - 000000132 _____ () C:\Users\Stiburek\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2016-04-20 21:28 - 2021-11-02 19:05 - 000000128 _____ () C:\Users\Stiburek\AppData\Roaming\winscp.rnd
2019-03-20 05:48 - 2019-03-20 05:48 - 000000000 _____ () C:\Users\Stiburek\AppData\Local\oobelibMkey.log
2017-09-18 05:01 - 2017-09-18 05:01 - 000013237 _____ () C:\Users\Stiburek\AppData\Local\recently-used.xbel
2019-05-16 17:07 - 2019-05-16 17:07 - 000000017 _____ () C:\Users\Stiburek\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
