VIRY.CZ

Zdravím, chtěl bych poprosit o kontrolu logu notebooku mé přítelkyně.
Předem děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2022 01
Ran by Kristýna (administrator) on TYNANTB (Hewlett-Packard HP ProBook 4540s) (23-02-2022 16:08:00)
Running from C:\Users\Kristýna\Desktop
Loaded Profiles: Kristýna
Platform: Microsoft Windows 8 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(CyberLink -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(explorer.exe ->) (Backup Software Limited -> MyPCBackup.com) [File not signed] C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Users\Kristýna\AppData\Local\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Backup Software Limited -> Just Develop It) [File not signed] C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(services.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(services.exe ->) (PDF Complete -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(services.exe ->) (Right Backup Software Pvt. Ltd. -> Systweak) C:\Program Files (x86)\Right Backup\RBClientService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(services.exe ->) (Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(svchost.exe ->) (Skype Software Sarl -> Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(winlogon.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-20] (IDT, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-08-21] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2014-03-04] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2012-08-31] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167024 2012-08-31] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT CORPORATION -> IVT Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== ATTENTION
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\Run: [Google Update] => C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.122\GoogleUpdateCore.exe [223816 2022-02-23] (Google LLC -> Google LLC)
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\Run: [BackgroundContainerV3] => C:\Users\Kristýna\AppData\Local\Cctbplt\BackgroundContainer\BackgroundContainer.dll [300352 2016-09-29] (ClientConnect LTD -> ClientConnect Ltd.)
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\MountPoints2: {44c226db-9651-11e8-bf60-b4b52f85fe21} - "H:\Lenovo_Suite.exe"
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\MountPoints2: {70a277ef-63e0-11e6-bf21-f4b7e22ef5b4} - "H:\Lenovo_Suite.exe"
HKU\S-1-5-18\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1712672 2012-11-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM\...\Windows x64\Print Processors\hpzppw72: C:\Windows\System32\spool\prtprocs\x64\hpzppw72.dll [257024 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [355840 2012-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\PCL hpz3lw72: C:\Windows\system32\hpz3lw72.dll [46080 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PDFC: C:\Windows\system32\pdfc_port.dll [20600 2013-06-05] (PDF Complete -> PDF Complete, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2012-08-25] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> c:\Windows\system32\DPLic.dll [2012-08-25] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Kristýna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2013-10-20]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (Backup Software Limited -> MyPCBackup.com) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1AC080B2-A751-4456-9E31-A53ED64ED6CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {28609EDF-6260-4A79-9AC4-38D16D9ED0FB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {2ADA4C38-2465-491B-8F6A-058AE19BF62E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {382E0FED-E63D-4B9E-B330-A20074577F66} - System32\Tasks\{6E5CF903-34FC-4885-A5D2-C9AF0B5AB018} => "c:\users\kristýna\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lig ... astError=2
Task: {3A2DD059-1B32-46F8-8122-DF0A1711A93C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage => {5F074BDF-4BA3-4E68-AE86-2A6B0B5963B0} C:\Windows\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows -> Microsoft Corporation)
Task: {78FBC5EA-04C0-437E-9B20-04E0EAA404F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {7AF31F2B-3024-451F-B8C3-92E18BAFC909} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {8061BEE6-524D-4FFB-9DD0-FCB5FCB5F6EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {89BB2BF5-264E-40F8-BB50-4C5270468608} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002UA => C:\Users\Kristýna\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {8A2A204D-52BA-42E1-98D7-B7980D638E44} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-06-16] (HP Inc. -> HP Inc.)
Task: {A10F850C-FE25-4377-BAA0-A143FC18B7F7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1790184 2021-06-08] (Avast Software s.r.o. -> Avast Software)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask => {0AC1DBCA-7F9F-47FC-A090-34E5FEB291E8} C:\Windows\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows -> Microsoft Corporation)
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask => {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} C:\Windows\system32\SettingSyncInfo.dll [128512 2015-08-04] (Microsoft Windows -> Microsoft Corporation)
Task: {BB5BA204-753F-4110-AA71-0EA0D3F9C8BF} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C84139E0-6EE3-4990-973D-3E60CEECEE78} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002Core => C:\Users\Kristýna\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D7E5F0E5-8452-45A1-923A-1EC0428E8C64} - System32\Tasks\{94891C20-65AE-4346-8A61-D3D4F98AE9E3} => "c:\users\kristýna\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lig ... astError=2
Task: {DC507DCF-5641-4E33-93F1-61D30D80E9CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {F1D24F6B-DFE2-476E-9EDD-EA899DB684F6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4808928 2021-06-09] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2336824586-1628868951-4251119241-1002] => proxy.ujep:3128
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{2F77C2FF-B7C4-4B81-848C-F953D03CD850}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{8440502F-9A3F-41FD-AE22-3ECA874AF36E}: [NameServer] 217.77.161.134,217.77.165.81

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-02-18] [Legacy] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) [File not signed]
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-08-25] (DigitalPersona, Inc. -> DigitalPersona, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default [2022-02-23]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR Extension: (Dokumenty) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Disk Google) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-26]
CHR Extension: (YouTube) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Systweak) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhoigiahaahldpgnbbimfecackdgccna [2014-06-16] [UpdateUrl:hxxp://autoupdate.chromewebtb.tbccint.com/sb/?productId=CT3267244&extensionData=\u003Cextension_data>] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-23]
CHR Extension: (DigitalPersona Extension) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2013-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-08]
CHR Extension: (Gmail) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-26]
CHR HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhoigiahaahldpgnbbimfecackdgccna] - C:\Users\Kristýna\AppData\Local\CRE\dhoigiahaahldpgnbbimfecackdgccna.crx [2013-10-19]
CHR HKLM-x32\...\Chrome\Extension: [dhoigiahaahldpgnbbimfecackdgccna] - C:\Users\Kristýna\AppData\Local\CRE\dhoigiahaahldpgnbbimfecackdgccna.crx [2013-10-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2012-08-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7776160 2020-08-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [353696 2020-08-21] (Avast Software s.r.o. -> AVAST Software)
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-11-16] (Backup Software Limited -> Just Develop It) [File not signed] <==== ATTENTION
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT CORPORATION -> IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT CORPORATION -> IVT Corporation)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [488824 2012-08-25] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [477088 2012-08-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete -> PDF Complete Inc)
R2 RBClientService; C:\Program Files (x86)\Right Backup\RBClientService.exe [48240 2014-07-11] (Right Backup Software Pvt. Ltd. -> Systweak)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2012-09-20] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Windows -> Microsoft Corporation)
S2 avast! Tools; "C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe" /runassvc [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35664 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [216360 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365536 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250336 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99296 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41296 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [180944 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522864 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107792 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82856 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851184 2021-12-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [471352 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217336 2020-08-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326976 2021-06-09] (Avast Software s.r.o. -> AVAST Software)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Technology Corporation -> Ralink Corporation.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (Ralink Technology Corporation -> IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Technology Corporation -> Ralink Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Technology Corporation -> Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)
R3 clwvd; C:\Windows\system32\DRIVERS\clwvd.sys [40944 2012-08-28] (CyberLink -> CyberLink Corporation)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [64832 2012-07-25] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1864328 2012-10-04] (SONIX TECHNOLOGY CO. , LTD -> )
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [543744 2012-09-20] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [230912 2013-04-09] (Microsoft Windows -> Microsoft Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Technology Corporation -> Ralink Corporation.)
S3 rtbth; \SystemRoot\System32\drivers\rtbth.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error Reading file: "C:\Users\Kristýna\Downloads\BearShareSetup-r1411-n-bc.exe"
2022-02-23 16:07 - 2022-02-23 16:09 - 000028131 _____ C:\Users\Kristýna\Desktop\FRST.txt
2022-02-23 16:07 - 2022-02-23 16:08 - 000000000 ____D C:\FRST
2022-02-23 16:06 - 2022-02-23 15:49 - 002312192 _____ (Farbar) C:\Users\Kristýna\Desktop\FRST64.exe
2022-02-23 12:16 - 2022-02-23 12:16 - 000000000 ____D C:\Users\Kristýna\AppData\Local\ElevatedDiagnostics

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-23 16:09 - 2013-08-23 19:57 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2336824586-1628868951-4251119241-1002
2022-02-23 16:07 - 2012-11-22 05:19 - 000756994 _____ C:\Windows\system32\perfh005.dat
2022-02-23 16:07 - 2012-11-22 05:19 - 000163422 _____ C:\Windows\system32\perfc005.dat
2022-02-23 16:07 - 2012-07-26 08:28 - 001854972 _____ C:\Windows\system32\PerfStringBackup.INI
2022-02-23 16:07 - 2012-07-26 06:37 - 000000000 ____D C:\Windows\Inf
2022-02-23 13:18 - 2015-02-01 11:27 - 000000000 ____D C:\Users\Kristýna\AppData\Roaming\Skype
2022-02-23 12:52 - 2013-08-24 12:16 - 000002400 _____ C:\Users\Kristýna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-23 12:52 - 2013-08-24 12:16 - 000002363 _____ C:\Users\Kristýna\Desktop\Google Chrome.lnk
2022-02-23 12:35 - 2013-08-24 12:14 - 000003572 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002UA
2022-02-23 12:35 - 2013-08-24 12:14 - 000003300 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002Core
2022-02-23 12:16 - 2017-03-18 20:32 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-02-23 12:16 - 2012-07-26 09:12 - 000000000 ____D C:\Windows\system32\NDF

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-11-25 03:00
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01
Ran by Kristýna (23-02-2022 16:16:17)
Running from C:\Users\Kristýna\Desktop
Microsoft Windows 8 (X64) (2013-08-23 18:50:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2336824586-1628868951-4251119241-500 - Administrator - Disabled)
Guest (S-1-5-21-2336824586-1628868951-4251119241-501 - Limited - Disabled)
Kristýna (S-1-5-21-2336824586-1628868951-4251119241-1002 - Administrator - Enabled) => C:\Users\Kristýna

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.4.2464 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2321 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.2006 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4330 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.1.3231 - CyberLink Corp.)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.0.3 - Hewlett-Packard Company)
Dropbox (HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 7.2.0.4542 - Hewlett-Packard Company) Hidden
Face Recognition for HP ProtectTools (HKLM\...\Face Recognition for HP ProtectTools) (Version: 7.2.0.4542 - Hewlett-Packard Company)
FastStone Image Viewer 4.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.8 - FastStone Soft)
Google Chrome (HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{29989969-FED8-4EFB-8FB2-39429D37E471}) (Version: 5.1.5.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{FCD58C04-324A-40D1-BA9E-1A754DF1736D}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 8 (HKLM-x32\...\{482FF7A0-EA03-487A-9112-862D3341B76C}) (Version: 1.2.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1112.2_WHQL - Sonix)
HP Hotkey Support (HKLM-x32\...\{7F7E2060-7212-4A53-9875-55173E4BA3F0}) (Version: 5.0.21.1 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 8.0.0.1314 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM-x32\...\{B50981AD-95E8-4E4D-912A-7C4B738387CA}) (Version: 3.4.6.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}) (Version: 8.5.4.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}) (Version: 8.8.34.31 - HP)
HP Support Solutions Framework (HKLM-x32\...\{579A990C-3855-4838-AF23-354CE2264BC0}) (Version: 12.5.32.203 - HP)
HP System Default Settings (HKLM-x32\...\{357FE1E9-5890-4697-95DD-B15E01B4AA2A}) (Version: 1.3.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6428.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.5.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
Lumia UEFI Blue Driver (HKLM-x32\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MyPC Backup (HKLM\...\MyPC Backup) (Version: - MyPC Backup)
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.49 - PDF Complete, Inc)
Ralink Bluetooth Stack64 (HKLM\...\{95DF815D-BE2D-9118-F549-39794C5869CF}) (Version: 9.0.725.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.2.612.2012 - Realtek)
Right Backup (HKLM-x32\...\980124D4-3D52-4c2d-AD41-9E90BDF4C031_Systweak_Ri~01F2B2E8_is1) (Version: 2.1.1000.4398 - Systweak Software) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
Systweak Toolbar for IE (HKLM-x32\...\IECT3267244) (Version: 6.17.1.25 - Systweak) <==== ATTENTION
Theft Recovery for HP ProtectTools (HKLM-x32\...\{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Validity Fingerprint Sensor Driver (HKLM\...\{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}) (Version: 4.4.228.0 - Validity Sensors, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Device Recovery Tool 3.10.24401 (HKLM-x32\...\{202fa488-c686-40ac-903c-d38e4c150112}) (Version: 3.10.24401 - Microsoft)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)

Packages:
=========
Bing -> C:\Program Files\WindowsApps\Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation)
Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_2.0.0.308_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation) [MS Ad]
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_2.0.3.9_x86__q4d96b2w5wcc2 [2014-03-21] (Evernote)
Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_2.0.0.308_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation) [MS Ad]
Fotky -> C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation)
Fotoaparát -> C:\Program Files\WindowsApps\Microsoft.Camera_6.2.9200.20523_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation)
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.4.1.1_neutral__v10z8vjag6ke6 [2014-03-07] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.141_neutral__v10z8vjag6ke6 [2014-03-21] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.3.10.0_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_1.5.216.0_x64__8wekyb3d8bbwe [2013-12-21] (Microsoft Corporation) [MS Ad]
Knihovna Microsoft Windows pro jazyk JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.1.0.RC_1.0.8377.0_neutral__8wekyb3d8bbwe [2013-02-18] (Microsoft Platform Extensions)
Media Suite for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.MediaSuiteforHP_1.1.1.17755_x86__06qsbagp91rvg [2014-03-21] (CYBERLINKCOM CORP)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_16.4.4396.311_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation)
Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_1.0.0.128_x86__kzf8qxf38zg5c [2013-02-18] (Skype)
Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_1.2.0.135_x64__8wekyb3d8bbwe [2012-11-22] (Microsoft Corporation) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.767.0_x64__8wekyb3d8bbwe [2014-03-11] (Microsoft Corporation) [MS Ad]
Vodafone Mobile Broadband -> C:\Program Files\WindowsApps\VodafoneGroupServices.VodafoneMobileBroadband_1.0.17.436_neutral__cx08jceyq9bcp [2015-04-04] (Vodafone Group Services)
Výběr prohlížeče -> C:\Windows\BrowserChoice [2013-08-26] (Microsoft Corporation)
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.30.1527.3_x64__8wekyb3d8bbwe [2016-09-29] (Microsoft Corporation)
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.1.1829_x86__06qsbagp91rvg [2013-02-18] (CYBERLINKCOM CORP)
Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_2.0.0.308_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Kristýna\AppData\Local\Google\Chrome\Application\98.0.4758.102\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Kristýna\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Kristýna\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Kristýna\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-08-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Kristýna\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Kristýna\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Kristýna\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-08-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-08-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BthSendToContextMenuExt] -> {CF373149-C3D9-4AEB-9CE8-BDD1D2FFFA5B} => C:\Windows\system32\BSAppShlExt.dll [2012-09-19] (IVT CORPORATION -> TODO: <公司名>)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-12-27] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Kristýna\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-12-27] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-08-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Kristýna\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Kristýna\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-08-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2336824586-1628868951-4251119241-1002: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2336824586-1628868951-4251119241-1002: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2336824586-1628868951-4251119241-1002: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2014-11-16 10:18 - 2014-11-16 10:18 - 000012288 _____ () [File not signed] C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-09-19 23:32 - 2013-09-19 23:32 - 001102336 _____ () [File not signed] C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-11-25 09:07 - 2013-08-02 19:21 - 000886272 _____ () [File not signed] C:\Program Files (x86)\Right Backup\System.Data.SQLite.dll
2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () [File not signed] C:\Program Files (x86)\Skype\Phone\skypert.dll
2012-01-18 01:56 - 2012-01-18 01:56 - 000005632 _____ () [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\Interop.HPQWMIEXLib.dll
2016-10-31 20:45 - 2016-10-31 20:45 - 000592384 _____ () [File not signed] C:\Users\Kristýna\AppData\Local\MEGAsync\ShellExtX64.dll
2015-01-26 19:35 - 2015-01-26 19:35 - 000016384 _____ () [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\cd62420cb4e3198c151817f24dee24b0\PSIClient.ni.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 001412608 _____ () [File not signed] C:\Windows\SYSTEM32\LIBEAY32.dll
2013-09-19 23:32 - 2013-09-19 23:32 - 003483136 _____ (Amazon.com, Inc) [File not signed] C:\Program Files (x86)\MyPC Backup\AWSSDK.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 002792960 _____ (Apache Software Foundation) [File not signed] C:\Windows\SYSTEM32\xerces-c_3_0.dll
2014-11-16 10:19 - 2014-11-16 10:19 - 000407040 _____ (Bright Ideas Software) [File not signed] C:\Program Files (x86)\MyPC Backup\ObjectListView.dll
2012-07-11 23:02 - 2012-07-11 23:02 - 004907008 _____ (Cogent Systems Inc.) [File not signed] C:\Windows\SYSTEM32\CgtFace_Dll.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000916992 _____ (Free Software Foundation) [File not signed] C:\Windows\SYSTEM32\iconv.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000044544 _____ (Free Software Foundation) [File not signed] C:\Windows\SYSTEM32\intl.dll
2013-03-26 21:12 - 2013-03-26 21:12 - 000056832 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HP.Mobile.Shared.dll
2012-01-18 01:56 - 2012-01-18 01:56 - 000140800 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomain.dll
2012-01-18 01:56 - 2012-01-18 01:56 - 000903168 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTHostServices.dll
2015-01-26 19:35 - 2015-01-26 19:35 - 000024576 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\99b4282fde27fb7e754a1ab63d3f9389\IAStorCommon.ni.dll
2012-11-22 04:47 - 2014-03-04 17:24 - 000465920 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2012-11-22 04:47 - 2014-03-04 17:24 - 000269824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-02-18 14:03 - 2012-08-09 08:18 - 000322560 _____ (Intel Corporation) [File not signed] C:\Program Files\Common Files\Intel\Media SDK\i2\3.0\mfx_mft_h264ve_64.dll
2015-01-26 19:31 - 2015-01-26 19:31 - 000074752 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMgr\6ca1389b8a688cfb50a97d91d84163f3\IAStorDataMgr.ni.dll
2015-09-11 20:01 - 2015-09-11 20:01 - 000363008 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\b25b7d0e72f5b4810502da030939f21f\IAStorUtil.ni.dll
2015-06-03 13:50 - 2015-06-03 13:50 - 001046528 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorViewModel\bc5f55cf05c25c0579a421a8569aff1c\IAStorViewModel.ni.dll
2015-01-26 19:31 - 2015-01-26 19:31 - 003688960 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\PSI\d9fa8d9daf90d7a8ca317a8efede35ac\PSI.ni.dll
2015-01-26 19:35 - 2015-01-26 19:35 - 000622592 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\PsiData\58bbecd95416bbc527fe25deb803d490\PsiData.ni.dll
2013-02-18 14:21 - 2013-02-18 14:21 - 000348160 ____N (Microsoft Corporation) [File not signed] c:\Program Files (x86)\CyberLink\PowerDVD10\MSVCR71.dll
2017-10-05 22:05 - 2017-10-05 22:05 - 002969600 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmCodecs.dll
2017-10-05 22:08 - 2017-10-05 22:08 - 000941056 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmMediaManager.dll
2017-10-05 22:03 - 2017-10-05 22:03 - 000654848 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmPal.dll
2017-10-05 22:07 - 2017-10-05 22:07 - 010914816 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmPltfm.dll
2017-10-05 22:04 - 2017-10-05 22:04 - 000089088 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2013-08-27 15:37 - 2013-08-27 15:37 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2013-08-27 15:37 - 2013-08-27 15:37 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2013-02-18 14:08 - 2013-02-18 14:08 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2014-11-16 10:19 - 2014-11-16 10:19 - 001440768 _____ (Microsoft) [File not signed] C:\Program Files (x86)\MyPC Backup\MPCBClient.dll
2015-01-26 19:35 - 2015-01-26 19:35 - 000026624 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\08174423ca7bd61600da5cd3caad1d7c\IAStorDataMgrSvcInterfaces.ni.dll
2014-11-16 10:19 - 2014-11-16 10:19 - 002881536 _____ (mypcbackup.com) [File not signed] C:\Program Files (x86)\MyPC Backup\Shared Stack.dll
2017-10-05 22:16 - 2017-10-05 22:16 - 027716608 ____R (Skype Technologies S.A.) [File not signed] C:\Program Files (x86)\Skype\Phone\SkypeSkylib.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=G3A0B15BED26 ... =CT3210127
URLSearchHook: HKLM-x32 - (No Name) - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
URLSearchHook: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002 - (No Name) - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002 -> {25DE19EA-8A29-4C90-AB1B-E7ACAA6B5042} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3267244&CUI=UN36443489151092125&UM=2
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: No Name -> {424e2f9c-eb5b-4b51-87e5-5831781bc515} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL [2017-07-18] (Skype Software Sarl -> Skype Technologies)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2019-01-10 10:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kristýna\Downloads\40374913_249811165727449_9002632995835740160_n.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F56E61C9-3773-4299-A264-22EA1656FAE6}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{88ED8EDF-3EAC-493D-B1A3-BC44DB49CF94}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{F6639FF7-DF88-4EFA-91F4-A0E3C89A1938}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FA5C40B9-12E5-46BB-A74A-B00554A80F50}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{81F0AB64-7A19-4642-AFE9-8EF5C7E2120B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{69BC6FDD-ADEE-45FA-AA11-6CE808E6C569}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EE0A1D1-2F4D-446D-B724-142961E4C982}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{6AE1191F-53F5-482A-83EA-D76182C8453E}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [TCP Query User{23B06642-A3EA-4E1A-AC1A-3DE889C36AFA}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{DB5D794B-B50C-4116-A94F-64FCF0F7B7FA}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [{A1DAE770-C8C4-4ED6-A8E3-7D399803C2D8}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{18392D82-7EA5-4622-82A4-59FE409837EC}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{CEFC1585-5D2A-4EEA-A4B2-B118534BAA66}] => (Allow) C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.)
FirewallRules: [{0E4052E5-B214-421D-B1BA-61292ADE1E54}] => (Allow) C:\Users\Kristýna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.)
FirewallRules: [TCP Query User{8F66A353-602B-45F9-9CD8-C60200A6C269}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{60C330AC-CDFA-4E83-AD96-A8241D2B74B0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4900CC1-5655-4243-BE66-59416C268D4E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File
FirewallRules: [{78DF0545-8460-4265-9227-E99385BC7A8A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File
FirewallRules: [TCP Query User{3A5A0519-99E1-43D7-B4A8-E1404170A85A}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{71AE27E4-C3B5-46AA-84F9-95702533C3B9}C:\users\kristýna\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\kristýna\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{F6B1429D-C828-41FB-BAF9-6EF15403CBBD}C:\users\kristýna\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\kristýna\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-11-2020 12:12:21 Naplánovaný kontrolní bod
20-11-2020 03:00:33 Naplánovaný kontrolní bod
27-11-2020 03:00:42 Naplánovaný kontrolní bod
01-12-2020 21:27:08 Windows Update
09-03-2021 13:14:13 Windows Update

==================== Faulty Device Manager Devices ============

Name: Ralink Bluetooth PCIe Adapter
Description: Ralink Bluetooth PCIe Adapter
Class Guid: {d2de069d-7286-420b-baf8-225d700ce748}
Manufacturer: Ralink Technology Corp.
Service: rtbth
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/23/2021 09:59:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9750

Error: (12/23/2021 09:59:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9750

Error: (12/23/2021 09:59:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/23/2021 09:59:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7578

Error: (12/23/2021 09:59:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7578

Error: (12/23/2021 09:59:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/03/2021 08:19:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 1741094935 ticks; setting correction factor to -1688347980

Error: (07/27/2021 08:47:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109


System errors:
=============
Error: (02/23/2022 04:22:58 PM) (Source: DCOM) (EventID: 10010) (User: TYNANTB)
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/23/2022 04:20:58 PM) (Source: DCOM) (EventID: 10010) (User: TYNANTB)
Description: Server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/23/2022 04:07:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70

Error: (02/23/2022 04:07:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70

Error: (12/20/2021 03:18:57 PM) (Source: DCOM) (EventID: 10029) (User: TYNANTB)
Description: U aktivace identifikátoru CLSID {E60687F7-01A1-40AA-86AC-DB1CBF673334} vypršel časový limit během čekání na zastavení služby wuauserv.

Error: (12/20/2021 03:14:56 PM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)
Description: U aktivace identifikátoru CLSID {E60687F7-01A1-40AA-86AC-DB1CBF673334} vypršel časový limit během čekání na zastavení služby wuauserv.

Error: (12/20/2021 03:10:54 PM) (Source: DCOM) (EventID: 10029) (User: TYNANTB)
Description: U aktivace identifikátoru CLSID {E60687F7-01A1-40AA-86AC-DB1CBF673334} vypršel časový limit během čekání na zastavení služby wuauserv.

Error: (12/20/2021 03:09:19 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 10. Stav chyby Windows SChannel: 10


Windows Defender:
================
Date: 2013-02-18 15:22:08.213
Description:
Program Windows Defender zjistil podezřelé chování.
Název: Behavior:Win32/ModifiedBootRecord
Závažnost: Low
Kategorie: Suspicious Behavior
Nalezená cesta: file:_C:\SYSTEM.SAV\WDT\OSChanger64.exe;process:_160
Původ detekce: Místní počítač
Typ detekce: Podezřelý
Zdroj detekce: Ochrana v reálném čase
Stav: Provádění
Uživatel: AI4GEULREVC53\Administrator
Název procesu: C:\SYSTEM.SAV\WDT\OSChanger64.exe
ID podpisu: 23858570787236
Verze podpisu: AV: 1.129.21.0, AS: 1.129.21.0
Verze modulu: 1.1.8502.0
Osvědčení o věrnosti: Střední
Název cílového souboru:
Event[0]:

Date: 2016-10-05 16:52:26.742
Description:
Windows Defender nalezl chybu při pokusu o načtení podpisů a pokusí se obnovit jejich známou správnou konfiguraci.
Pokus o podpisy: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.129.21.0;1.129.21.0
Verze modulu: 1.1.8502.0

Date: 2015-02-19 17:52:40.351
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.129.21.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.8502.0
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2015-02-19 17:52:40.351
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.129.21.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.8502.0
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

==================== Memory info ===========================

BIOS: Hewlett-Packard 68IRR Ver. F.62 09/29/2016
Motherboard: Hewlett-Packard 17F6
Processor: Intel(R) Celeron(R) CPU 1000M @ 1.80GHz
Percentage of memory in use: 76%
Total physical RAM: 3978.84 MB
Available physical RAM: 953.27 MB
Total Virtual: 7707.62 MB
Available Virtual: 1507.93 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:449.3 GB) (Free:7.7 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:13.25 GB) (Free:2.1 GB) NTFS

\\?\Volume{9213fa4c-9b80-4ee5-bdac-21910ecac893}\ (WinRE) (Fixed) (Total:0.98 GB) (Free:0.7 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A50E1C7D)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Tak jsem stáhnul utilitu nechal proskenovat a našlo to asi 105 položek, potom byl vyžadován restart.
Restart trval asi 20 minut (už jsem myslel, že se pc zasekl, ale nakonec se restartoval).
Potom po naběhnutí loga HP se začal načítat systém, ale spadne do modré smrti a takhle pořád dokola.
Dostal jsem se do biosu a disk je tam vidět, ale před načítáním systému se vždy objeví modrá smrt.

To je divné. Pokud můžete nastartovat do nouz. režimu, zkuste obnovu systému k datu, kdy korektně fungoval.

Tak si po hodinovém zkoušení podařilo nastartovat systém, ale byl to teda boj.

OK. Dejte nové logy FRST+Addition.

Tady je ještě log z ADW Cleaneru, předtím jsem ho zapomněl přidat.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-23-2022
# Duration: 00:02:58
# OS: Windows 8
# Cleaned: 103
# Awaiting reboot:1
# Failed: 0


***** [ Services ] *****

Deleted BackupStack
Deleted RBClientService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Conduit
Deleted C:\Program Files (x86)\MyPC Backup
Deleted C:\Program Files (x86)\Right Backup
Deleted C:\Program Files (x86)\SEARCHPROTECT
Deleted C:\Program Files (x86)\Systweak
Deleted C:\ProgramData\Conduit
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
Deleted C:\ProgramData\Systweak
Deleted C:\ProgramData\apn
Deleted C:\Users\Kristýna\AppData\LocalLow\Conduit
Deleted C:\Users\Kristýna\AppData\LocalLow\Systweak
Deleted C:\Users\Kristýna\AppData\Local\Cctbplt
Deleted C:\Users\Kristýna\AppData\Local\Conduit
Deleted C:\Users\Kristýna\AppData\Local\NativeMessaging
Deleted C:\Users\Kristýna\AppData\Local\TBHostSupport
Deleted C:\Users\Kristýna\AppData\Local\Temp\apn
Deleted C:\Users\Kristýna\AppData\Roaming\ASP
Deleted C:\Users\Kristýna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Deleted C:\Users\Kristýna\AppData\Roaming\SEARCHPROTECT
Deleted C:\Users\Kristýna\AppData\Roaming\Systweak
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Systweak

***** [ Files ] *****

Deleted C:\END
Deleted C:\Users\Kristýna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Deleted C:\Users\Kristýna\Desktop\Live PC Help.lnk
Deleted C:\Users\Kristýna\Desktop\MyPC Backup.lnk
Deleted C:\Users\Kristýna\Desktop\Sync Folder.lnk
Deleted C:\Users\Public\Desktop\Right Backup.lnk
Deleted C:\Windows\System32\roboot64.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\AppDataLow\Software\Conduit
Deleted HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Deleted HKCU\Software\AppDataLow\Software\Smartbar
Deleted HKCU\Software\AppDataLow\Software\systweak
Deleted HKCU\Software\AppDataLow\Toolbar
Deleted HKCU\Software\Conduit
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{25DE19EA-8A29-4C90-AB1B-E7ACAA6B5042}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|BackgroundContainer
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|BackgroundContainerV3
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TBHostSupport
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|BackgroundContainerV3
Deleted HKCU\Software\SEARCHPROTECT
Deleted HKCU\Software\systweak
Deleted HKLM\SOFTWARE\CLASSES\UNKNOWN\SHELL\OPENAS\COMMAND|ADVANCED SYSTEM PROTECTOR.BAK
Deleted HKLM\SOFTWARE\Classes\Toolbar.CT3267244
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\980124D4-3D52-4c2d-AD41-9E90BDF4C031_Systweak_Ri~01F2B2E8_is1
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IECT3267244
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Deleted HKLM\Software\Wow6432Node\systweak
Deleted HKU\.DEFAULT\Software\AskPartnerNetwork
Deleted HKU\S-1-5-18\Software\AskPartnerNetwork

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Deleted Preinstalled.DellDataProtection Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{2DC80C06-0687-5383-8B6B-2A9E50F53F64}
Deleted Preinstalled.DellDataProtection Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{2DC80C06-0687-5383-8B6B-2A9E50F53F64}
Deleted Preinstalled.DellDataProtection Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{2DC80C06-0687-5383-8B6B-2A9E50F53F64}
Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Deleted Preinstalled.HPHealthCheck Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}
Deleted Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Deleted Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Deleted Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Deleted Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Kristýna\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Kristýna\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FF27F674-821E-4BA2-985B-DDF539C2CD03}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLVirtualDrive
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|RemoteControl10
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|RemoteControl10
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted Preinstalled.LenovoYouCam Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|YouCam Mirage
Deleted Preinstalled.LenovoYouCam Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|YouCam Tray
Deleted Preinstalled.LenovoYouCam Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|YouCam Mirage
Deleted Preinstalled.LenovoYouCam Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|YouCam Tray
Needs Reboot Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****

A teď potřebuji ty nové logy FRST+Addition.

Tady jsou nové logy z FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2022 01
Ran by Kristýna (administrator) on TYNANTB (Hewlett-Packard HP ProBook 4540s) (24-02-2022 00:06:42)
Running from C:\Users\Kristýna\Desktop
Loaded Profiles: Kristýna
Platform: Microsoft Windows 8 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(explorer.exe ->) (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\AutoUpdate.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (PDF Complete -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17516_none_6276a5b950d43361\TiWorker.exe
(svchost.exe ->) (Skype Software Sarl -> Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(wbem\WmiPrvSE.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-20] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2014-03-04] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\Run: [Google Update] => C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.122\GoogleUpdateCore.exe [223816 2022-02-23] (Google LLC -> Google LLC)
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35646080 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\MountPoints2: {44c226db-9651-11e8-bf60-b4b52f85fe21} - "H:\Lenovo_Suite.exe"
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\MountPoints2: {70a277ef-63e0-11e6-bf21-f4b7e22ef5b4} - "H:\Lenovo_Suite.exe"
HKU\S-1-5-18\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1712672 2012-11-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM\...\Windows x64\Print Processors\hpzppw72: C:\Windows\System32\spool\prtprocs\x64\hpzppw72.dll [257024 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [355840 2012-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\PCL hpz3lw72: C:\Windows\system32\hpz3lw72.dll [46080 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PDFC: C:\Windows\system32\pdfc_port.dll [20600 2013-06-05] (PDF Complete -> PDF Complete, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6960.198\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3026EDB1-B889-4400-AE50-9F5400FC7E67} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
Task: {382E0FED-E63D-4B9E-B330-A20074577F66} - System32\Tasks\{6E5CF903-34FC-4885-A5D2-C9AF0B5AB018} => "c:\users\kristýna\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lig ... astError=2
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage => {5F074BDF-4BA3-4E68-AE86-2A6B0B5963B0} C:\Windows\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows -> Microsoft Corporation)
Task: {51603024-7278-400F-BEB2-FDCE1BD03B4E} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {8061BEE6-524D-4FFB-9DD0-FCB5FCB5F6EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (No File)
Task: {88D8BFEC-DE63-44CC-8FF9-9A60719A12BE} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {89BB2BF5-264E-40F8-BB50-4C5270468608} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002UA => C:\Users\Kristýna\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {A3729F9F-BB0D-4387-9233-CD7AAC5A9C65} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask => {0AC1DBCA-7F9F-47FC-A090-34E5FEB291E8} C:\Windows\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows -> Microsoft Corporation)
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask => {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} C:\Windows\system32\SettingSyncInfo.dll [128512 2015-08-04] (Microsoft Windows -> Microsoft Corporation)
Task: {BB5BA204-753F-4110-AA71-0EA0D3F9C8BF} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C6D9BC69-1511-4FB6-9E95-5E87197CBD16} - System32\Tasks\CCleanerSkipUAC - Kristýna => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C84139E0-6EE3-4990-973D-3E60CEECEE78} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002Core => C:\Users\Kristýna\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D7E5F0E5-8452-45A1-923A-1EC0428E8C64} - System32\Tasks\{94891C20-65AE-4346-8A61-D3D4F98AE9E3} => "c:\users\kristýna\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lig ... astError=2
Task: {E2E273B3-5E8D-4C14-A697-F1997FA0E21F} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2336824586-1628868951-4251119241-1002] => proxy.ujep:3128
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\..\Interfaces\{2F77C2FF-B7C4-4B81-848C-F953D03CD850}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{4BED333E-09E8-402D-ACB3-623303971936}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{8440502F-9A3F-41FD-AE22-3ECA874AF36E}: [NameServer] 217.77.161.134,217.77.165.81

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-02-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-02-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) [File not signed]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default [2022-02-24]
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR Extension: (Dokumenty) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Disk Google) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-26]
CHR Extension: (YouTube) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Systweak) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhoigiahaahldpgnbbimfecackdgccna [2014-06-16] [UpdateUrl:hxxp://autoupdate.chromewebtb.tbccint.com/sb/?productId=CT3267244&extensionData=\u003Cextension_data>] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-23]
CHR Extension: (DigitalPersona Extension) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2013-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-08]
CHR Extension: (Gmail) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-26]
CHR HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhoigiahaahldpgnbbimfecackdgccna] - C:\Users\Kristýna\AppData\Local\CRE\dhoigiahaahldpgnbbimfecackdgccna.crx [2013-10-19]
CHR HKLM-x32\...\Chrome\Extension: [dhoigiahaahldpgnbbimfecackdgccna] - C:\Users\Kristýna\AppData\Local\CRE\dhoigiahaahldpgnbbimfecackdgccna.crx [2013-10-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1128992 2017-12-12] (HP Inc. -> HP)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete -> PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2012-09-20] (IDT, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 clwvd; C:\Windows\system32\DRIVERS\clwvd.sys [40944 2012-08-28] (CyberLink -> CyberLink Corporation)
S3 MpKslae967354; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6DAADCE6-C39F-4679-BCD6-CBE79E43A2FD}\MpKslDrv.sys [49424 2022-02-23] (Microsoft Windows -> Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] (Sonix Technology CO., LTD -> )
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [543744 2012-09-20] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [230912 2013-04-09] (Microsoft Windows -> Microsoft Corporation)
S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X]
S3 JMCR; \SystemRoot\System32\drivers\jmcr.sys [X]
S3 rtbth; \SystemRoot\System32\drivers\rtbth.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-24 00:06 - 2022-02-24 00:08 - 000018660 _____ C:\Users\Kristýna\Desktop\FRST.txt
2022-02-23 23:54 - 2022-02-23 23:54 - 000001294 _____ C:\Users\Public\Desktop\HP Battery Recall Utility.lnk
2022-02-23 23:54 - 2022-02-23 23:54 - 000000000 ____D C:\Program Files (x86)\HP
2022-02-23 23:53 - 2022-02-23 23:53 - 008732144 _____ (HP Inc.) C:\Users\Kristýna\Downloads\HP.BRCU.Full.Installer.exe
2022-02-23 23:51 - 2022-02-23 23:51 - 128231176 _____ (HP Inc.) C:\Users\Kristýna\Downloads\sp95347.exe
2022-02-23 23:50 - 2022-02-23 23:50 - 001995320 _____ (HP Inc.) C:\Users\Kristýna\Downloads\HPBRCULauncher.exe
2022-02-23 23:50 - 2022-02-23 23:50 - 000000000 ____D C:\Program Files\ATI
2022-02-23 23:49 - 2022-02-23 23:49 - 000000000 ____D C:\Program Files\ATI Technologies
2022-02-23 23:28 - 2022-02-23 23:29 - 299472960 _____ (HP Inc.) C:\Users\Kristýna\Downloads\sp69094.exe
2022-02-23 23:08 - 2022-02-24 00:01 - 000000000 ____D C:\Program Files\CCleaner
2022-02-23 23:08 - 2022-02-23 23:08 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-02-23 23:08 - 2022-02-23 23:08 - 000002812 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Kristýna
2022-02-23 23:08 - 2022-02-23 23:08 - 000000788 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-02-23 23:08 - 2022-02-23 23:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-02-23 23:06 - 2022-02-23 23:06 - 036969512 _____ (Piriform Software Ltd) C:\Users\Kristýna\Downloads\ccsetup590.exe
2022-02-23 22:33 - 2022-02-23 22:33 - 000192736 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2022-02-23 22:33 - 2022-02-23 22:33 - 000000000 ____D C:\Users\Kristýna\AppData\Roaming\Sun
2022-02-23 22:32 - 2022-02-23 22:32 - 000000000 ____D C:\Program Files\Java
2022-02-23 22:31 - 2022-02-23 22:31 - 085969096 _____ (Oracle Corporation) C:\Users\Kristýna\Downloads\jre-8u321-windows-x64.exe
2022-02-23 20:49 - 2022-02-23 20:49 - 000002259 _____ C:\Windows\epplauncher.mif
2022-02-23 18:47 - 2022-02-23 18:47 - 000000000 ____D C:\Users\Kristýna\AppData\Local\GHISLER
2022-02-23 17:04 - 2022-02-23 17:07 - 000000000 ____D C:\AdwCleaner
2022-02-23 17:01 - 2022-02-23 17:01 - 008540344 _____ (Malwarebytes) C:\Users\Kristýna\Desktop\adwcleaner.exe
2022-02-23 16:07 - 2022-02-24 00:07 - 000000000 ____D C:\FRST
2022-02-23 16:06 - 2022-02-23 15:49 - 002312192 _____ (Farbar) C:\Users\Kristýna\Desktop\FRST64.exe
2022-02-23 12:16 - 2022-02-23 12:16 - 000000000 ____D C:\Users\Kristýna\AppData\Local\ElevatedDiagnostics

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-24 02:29 - 2012-07-26 09:12 - 000000000 ____D C:\Windows\registration
2022-02-24 00:04 - 2019-08-13 15:34 - 000000000 ____D C:\Users\Kristýna\AppData\Local\CrashDumps
2022-02-24 00:04 - 2013-02-18 14:08 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2022-02-24 00:04 - 2013-02-18 14:08 - 000000000 ____D C:\Program Files (x86)\CyberLink
2022-02-24 00:04 - 2012-11-22 04:51 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-02-24 00:02 - 2013-08-23 19:57 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2336824586-1628868951-4251119241-1002
2022-02-24 00:01 - 2015-02-01 11:27 - 000000000 ____D C:\Users\Kristýna\AppData\Roaming\Skype
2022-02-24 00:01 - 2012-07-26 06:37 - 000000000 ____D C:\Windows\Inf
2022-02-23 23:57 - 2012-11-22 04:49 - 000000000 ____D C:\ProgramData\PDFC
2022-02-23 23:56 - 2012-07-26 08:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-02-23 23:54 - 2019-03-23 17:35 - 000000000 ____D C:\Users\Kristýna\AppData\Local\HP
2022-02-23 23:54 - 2016-09-29 19:39 - 000000000 ____D C:\ProgramData\Package Cache
2022-02-23 23:54 - 2013-08-23 19:52 - 000000000 ____D C:\Users\Kristýna\AppData\Roaming\hpqlog
2022-02-23 23:54 - 2012-11-22 04:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2022-02-23 23:54 - 2012-11-22 04:46 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-02-23 23:47 - 2012-08-02 22:20 - 000000000 ____D C:\swsetup
2022-02-23 23:18 - 2016-10-17 10:51 - 000000000 ____D C:\Windows\Minidump
2022-02-23 23:18 - 2012-08-01 23:22 - 000000000 ____D C:\Windows\Panther
2022-02-23 23:09 - 2013-08-24 12:14 - 000002798 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002Core
2022-02-23 22:56 - 2013-08-23 20:19 - 000000000 ____D C:\Users\Kristýna\AppData\Roaming\Hewlett-Packard
2022-02-23 22:46 - 2012-11-22 05:19 - 000756994 _____ C:\Windows\system32\perfh005.dat
2022-02-23 22:46 - 2012-11-22 05:19 - 000163422 _____ C:\Windows\system32\perfc005.dat
2022-02-23 22:46 - 2012-07-26 08:28 - 001854972 _____ C:\Windows\system32\PerfStringBackup.INI
2022-02-23 22:33 - 2014-11-25 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-02-23 22:32 - 2012-11-22 04:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2022-02-23 22:28 - 2012-07-26 09:12 - 000000000 ____D C:\Windows\system32\NDF
2022-02-23 22:20 - 2013-02-18 13:58 - 000000032 _____ C:\Windows\0
2022-02-23 22:19 - 2013-02-18 13:56 - 000000000 ____D C:\Windows\SysWOW64\SDA
2022-02-23 22:18 - 2012-11-22 04:46 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-02-23 21:55 - 2012-11-22 04:48 - 000000000 ____D C:\Program Files\Hewlett-Packard
2022-02-23 21:48 - 2013-02-18 13:46 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2022-02-23 21:48 - 2012-11-22 05:19 - 000000000 ____D C:\Windows\SysWOW64\cs
2022-02-23 21:48 - 2012-11-22 05:19 - 000000000 ____D C:\Windows\system32\cs
2022-02-23 21:37 - 2012-07-26 09:12 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-02-23 20:54 - 2017-01-08 20:49 - 000000000 ____D C:\Users\Kristýna\AppData\Local\MEGAsync
2022-02-23 20:51 - 2013-02-18 13:47 - 000000000 ____D C:\ProgramData\HPQLOG
2022-02-23 20:44 - 2013-08-23 20:01 - 000000000 ____D C:\ProgramData\AVAST Software
2022-02-23 20:43 - 2013-08-23 20:02 - 000000000 ____D C:\Program Files\AVAST Software
2022-02-23 20:43 - 2012-07-26 06:26 - 000262144 ___SH C:\Windows\system32\config\BBI
2022-02-23 18:48 - 2013-08-23 20:19 - 000000000 ____D C:\Users\Kristýna\AppData\Local\Hewlett-Packard
2022-02-23 18:45 - 2013-08-24 12:14 - 000003178 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002UA
2022-02-23 18:13 - 2013-08-23 19:48 - 000000000 ____D C:\Users\Kristýna
2022-02-23 17:47 - 2012-07-26 09:12 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-23 17:47 - 2012-07-26 09:12 - 000000000 ____D C:\Windows\AUInstallAgent
2022-02-23 12:52 - 2013-08-24 12:16 - 000002400 _____ C:\Users\Kristýna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-02-23 18:01
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01
Ran by Kristýna (24-02-2022 00:10:48)
Running from C:\Users\Kristýna\Desktop
Microsoft Windows 8 (X64) (2013-08-23 18:50:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2336824586-1628868951-4251119241-500 - Administrator - Disabled)
Guest (S-1-5-21-2336824586-1628868951-4251119241-501 - Limited - Disabled)
Kristýna (S-1-5-21-2336824586-1628868951-4251119241-1002 - Administrator - Enabled) => C:\Users\Kristýna

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{CB6500E2-405A-5BB2-6440-C121D4CDD5B9}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.90 - Piriform)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
Google Chrome (HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC)
HP Battery Recall Utility (HKLM-x32\...\{c6a80bd1-ddde-4fd4-9b0e-033d8de96547}) (Version: 1.3.0.5 - HP Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6428.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.5.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.49 - PDF Complete, Inc)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.2.612.2012 - Realtek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)

Packages:
=========
Bing -> C:\Program Files\WindowsApps\Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation)
Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_2.0.0.308_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation) [MS Ad]
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_2.0.3.9_x86__q4d96b2w5wcc2 [2014-03-21] (Evernote)
Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_2.0.0.308_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation) [MS Ad]
Fotky -> C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation)
Fotoaparát -> C:\Program Files\WindowsApps\Microsoft.Camera_6.2.9200.20523_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation)
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.4.1.1_neutral__v10z8vjag6ke6 [2014-03-07] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.141_neutral__v10z8vjag6ke6 [2014-03-21] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.3.10.0_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_1.5.216.0_x64__8wekyb3d8bbwe [2013-12-21] (Microsoft Corporation) [MS Ad]
Knihovna Microsoft Windows pro jazyk JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.1.0.RC_1.0.8377.0_neutral__8wekyb3d8bbwe [2013-02-18] (Microsoft Platform Extensions)
Media Suite for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.MediaSuiteforHP_1.1.1.17755_x86__06qsbagp91rvg [2014-03-21] (CYBERLINKCOM CORP)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_16.4.4396.311_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation)
Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_1.0.0.128_x86__kzf8qxf38zg5c [2013-02-18] (Skype)
Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_1.2.0.135_x64__8wekyb3d8bbwe [2012-11-22] (Microsoft Corporation) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.767.0_x64__8wekyb3d8bbwe [2014-03-11] (Microsoft Corporation) [MS Ad]
Vodafone Mobile Broadband -> C:\Program Files\WindowsApps\VodafoneGroupServices.VodafoneMobileBroadband_1.0.17.436_neutral__cx08jceyq9bcp [2015-04-04] (Vodafone Group Services)
Výběr prohlížeče -> C:\Windows\BrowserChoice [2013-08-26] (Microsoft Corporation)
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.30.1527.3_x64__8wekyb3d8bbwe [2016-09-29] (Microsoft Corporation)
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.1.1829_x86__06qsbagp91rvg [2013-02-18] (CYBERLINKCOM CORP)
Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_2.0.0.308_x64__8wekyb3d8bbwe [2014-03-21] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Kristýna\AppData\Local\Google\Chrome\Application\98.0.4758.102\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kristýna\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () [File not signed] C:\Program Files (x86)\Skype\Phone\skypert.dll
2015-01-26 19:35 - 2015-01-26 19:35 - 000016384 _____ () [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\cd62420cb4e3198c151817f24dee24b0\PSIClient.ni.dll
2015-01-26 19:35 - 2015-01-26 19:35 - 000024576 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\99b4282fde27fb7e754a1ab63d3f9389\IAStorCommon.ni.dll
2012-11-22 04:47 - 2014-03-04 17:24 - 000269824 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2012-11-22 04:47 - 2014-03-04 17:24 - 000465920 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-01-26 19:31 - 2015-01-26 19:31 - 000074752 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMgr\6ca1389b8a688cfb50a97d91d84163f3\IAStorDataMgr.ni.dll
2015-09-11 20:01 - 2015-09-11 20:01 - 000363008 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\b25b7d0e72f5b4810502da030939f21f\IAStorUtil.ni.dll
2015-06-03 13:50 - 2015-06-03 13:50 - 001046528 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorViewModel\bc5f55cf05c25c0579a421a8569aff1c\IAStorViewModel.ni.dll
2015-01-26 19:31 - 2015-01-26 19:31 - 003688960 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\PSI\d9fa8d9daf90d7a8ca317a8efede35ac\PSI.ni.dll
2015-01-26 19:35 - 2015-01-26 19:35 - 000622592 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\PsiData\58bbecd95416bbc527fe25deb803d490\PsiData.ni.dll
2017-10-05 22:05 - 2017-10-05 22:05 - 002969600 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmCodecs.dll
2017-10-05 22:08 - 2017-10-05 22:08 - 000941056 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmMediaManager.dll
2017-10-05 22:03 - 2017-10-05 22:03 - 000654848 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmPal.dll
2017-10-05 22:07 - 2017-10-05 22:07 - 010914816 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmPltfm.dll
2017-10-05 22:04 - 2017-10-05 22:04 - 000089088 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-01-26 19:35 - 2015-01-26 19:35 - 000026624 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\08174423ca7bd61600da5cd3caad1d7c\IAStorDataMgrSvcInterfaces.ni.dll
2017-10-05 22:16 - 2017-10-05 22:16 - 027716608 ____R (Skype Technologies S.A.) [File not signed] C:\Program Files (x86)\Skype\Phone\SkypeSkylib.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
URLSearchHook: HKLM-x32 - (No Name) - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
URLSearchHook: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002 - (No Name) - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-02-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-02-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-25] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL [2017-07-18] (Skype Software Sarl -> Skype Technologies)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2019-01-10 10:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kristýna\Downloads\40374913_249811165727449_9002632995835740160_n.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F6639FF7-DF88-4EFA-91F4-A0E3C89A1938}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FA5C40B9-12E5-46BB-A74A-B00554A80F50}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{81F0AB64-7A19-4642-AFE9-8EF5C7E2120B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{69BC6FDD-ADEE-45FA-AA11-6CE808E6C569}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6AE1191F-53F5-482A-83EA-D76182C8453E}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [TCP Query User{8F66A353-602B-45F9-9CD8-C60200A6C269}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{60C330AC-CDFA-4E83-AD96-A8241D2B74B0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{3A5A0519-99E1-43D7-B4A8-E1404170A85A}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

09-03-2021 13:14:13 Windows Update
23-02-2022 17:06:32 AdwCleaner_BeforeCleaning_23/02/2022_17:06:31
23-02-2022 22:55:43 AdwCleaner_BeforeCleaning_23/02/2022_22:55:43

==================== Faulty Device Manager Devices ============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ralink Bluetooth PCIe Adapter
Description: Ralink Bluetooth PCIe Adapter
Class Guid: {d2de069d-7286-420b-baf8-225d700ce748}
Manufacturer: Ralink Technology Corp.
Service: rtbth
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/24/2022 12:16:46 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2122-01-30T23:16:46Z. Kód chyby: 0x80041316

Error: (02/24/2022 12:16:16 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2122-01-30T23:16:16Z. Kód chyby: 0x80041316

Error: (02/24/2022 12:15:46 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2122-01-30T23:15:46Z. Kód chyby: 0x80041316

Error: (02/24/2022 12:15:16 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2122-01-30T23:15:16Z. Kód chyby: 0x80041316

Error: (02/24/2022 12:14:46 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2122-01-30T23:14:46Z. Kód chyby: 0x80041316

Error: (02/24/2022 12:14:16 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2122-01-30T23:14:16Z. Kód chyby: 0x80041316

Error: (02/24/2022 12:13:46 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2122-01-30T23:13:46Z. Kód chyby: 0x80041316

Error: (02/24/2022 12:13:16 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2122-01-30T23:13:16Z. Kód chyby: 0x80041316


System errors:
=============
Error: (02/24/2022 12:16:48 AM) (Source: DCOM) (EventID: 10010) (User: TYNANTB)
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/24/2022 12:14:48 AM) (Source: DCOM) (EventID: 10010) (User: TYNANTB)
Description: Server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/24/2022 12:06:03 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70

Error: (02/24/2022 12:06:03 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70

Error: (02/24/2022 12:02:33 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 40

Error: (02/24/2022 12:02:33 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70

Error: (02/24/2022 12:02:17 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 40

Error: (02/24/2022 12:02:17 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70


Windows Defender:
================
Date: 2022-02-24 00:09:39.980
Description:
Windows Defender zjistil malware nebo další potenciálně nežádoucí software software.
Další informace získáte v následujícím seznamu:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: SoftwareBundler:Win32/OutBrowse
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\Kristýna\Downloads\Player.exe
Původ zjištění: Místní počítač
Typ zjištění: Konkrétní
Zdroj zjištění: Ochrana v reálném čase
Uživatel: TynaNTB\Kristýna
Název procesu: C:\Users\Kristýna\Desktop\FRST64.exe
Verze postupu: AV: 1.359.784.0, AS: 1.359.784.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18900.3, NIS: 0.0.0.0

Date: 2022-02-23 23:03:54.149
Description:
Vyhledávání Windows Defender bylo zastaveno před dokončením.
ID vyhledávání: {B9237449-EF76-4808-81E5-2B393334EDA2}
Typ vyhledávání: Antimalwarový program
Parametry vyhledávání: Rychlé prohledávání
Uživatel: TynaNTB\Kristýna

Date: 2013-02-18 15:22:08.213
Description:
Program Windows Defender zjistil podezřelé chování.
Název: Behavior:Win32/ModifiedBootRecord
Závažnost: Low
Kategorie: Suspicious Behavior
Nalezená cesta: file:_C:\SYSTEM.SAV\WDT\OSChanger64.exe;process:_160
Původ detekce: Místní počítač
Typ detekce: Podezřelý
Zdroj detekce: Ochrana v reálném čase
Stav: Provádění
Uživatel: AI4GEULREVC53\Administrator
Název procesu: C:\SYSTEM.SAV\WDT\OSChanger64.exe
ID podpisu: 23858570787236
Verze podpisu: AV: 1.129.21.0, AS: 1.129.21.0
Verze modulu: 1.1.8502.0
Osvědčení o věrnosti: Střední
Název cílového souboru:
Event[0]:

Date: 2022-02-23 22:59:21.142
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.359.784.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2022-02-23 22:23:28.052
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 0.0.0.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2022-02-23 21:51:00.315
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 0.0.0.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2022-02-23 21:37:43.395
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 0.0.0.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2016-10-05 16:52:26.742
Description:
Windows Defender nalezl chybu při pokusu o načtení podpisů a pokusí se obnovit jejich známou správnou konfiguraci.
Pokus o podpisy: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.129.21.0;1.129.21.0
Verze modulu: 1.1.8502.0

==================== Memory info ===========================

BIOS: Hewlett-Packard 68IRR Ver. F.62 09/29/2016
Motherboard: Hewlett-Packard 17F6
Processor: Intel(R) Celeron(R) CPU 1000M @ 1.80GHz
Percentage of memory in use: 69%
Total physical RAM: 3978.84 MB
Available physical RAM: 1213.51 MB
Total Virtual: 8074.84 MB
Available Virtual: 4023.25 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:449.3 GB) (Free:20.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:13.25 GB) (Free:2.1 GB) NTFS

\\?\Volume{9213fa4c-9b80-4ee5-bdac-21910ecac893}\ (WinRE) (Fixed) (Total:0.98 GB) (Free:0.7 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A50E1C7D)

Partition: GPT.

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\MountPoints2: {44c226db-9651-11e8-bf60-b4b52f85fe21} - "H:\Lenovo_Suite.exe"
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\MountPoints2: {70a277ef-63e0-11e6-bf21-f4b7e22ef5b4} - "H:\Lenovo_Suite.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3026EDB1-B889-4400-AE50-9F5400FC7E67} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
Task: {51603024-7278-400F-BEB2-FDCE1BD03B4E} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {8061BEE6-524D-4FFB-9DD0-FCB5FCB5F6EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (No File)
Task: {88D8BFEC-DE63-44CC-8FF9-9A60719A12BE} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {E2E273B3-5E8D-4C14-A697-F1997FA0E21F} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
Task: {89BB2BF5-264E-40F8-BB50-4C5270468608} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002UA => C:\Users\Kristýna\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {C84139E0-6EE3-4990-973D-3E60CEECEE78} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002Core => C:\Users\Kristýna\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002Core
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002UA
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKLM-x32 - (No Name) - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
URLSearchHook: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002 - (No Name) - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
C:\Users\Kristýna\Downloads\Player.exe

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Tady je fixlog.

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01
Ran by Kristýna (24-02-2022 10:59:35) Run:1
Running from C:\Users\Kristýna\Desktop
Loaded Profiles: Kristýna
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\MountPoints2: {44c226db-9651-11e8-bf60-b4b52f85fe21} - "H:\Lenovo_Suite.exe"
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\...\MountPoints2: {70a277ef-63e0-11e6-bf21-f4b7e22ef5b4} - "H:\Lenovo_Suite.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3026EDB1-B889-4400-AE50-9F5400FC7E67} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
Task: {51603024-7278-400F-BEB2-FDCE1BD03B4E} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {8061BEE6-524D-4FFB-9DD0-FCB5FCB5F6EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (No File)
Task: {88D8BFEC-DE63-44CC-8FF9-9A60719A12BE} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {E2E273B3-5E8D-4C14-A697-F1997FA0E21F} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
Task: {89BB2BF5-264E-40F8-BB50-4C5270468608} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002UA => C:\Users\Krist�na\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {C84139E0-6EE3-4990-973D-3E60CEECEE78} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002Core => C:\Users\Krist�na\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002Core
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002UA
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKLM-x32 - (No Name) - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
URLSearchHook: HKU\S-1-5-21-2336824586-1628868951-4251119241-1002 - (No Name) - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {424e2f9c-eb5b-4b51-87e5-5831781bc515} - No File
C:\Users\Krist�na\Downloads\Player.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44c226db-9651-11e8-bf60-b4b52f85fe21} => removed successfully
HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{70a277ef-63e0-11e6-bf21-f4b7e22ef5b4} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3026EDB1-B889-4400-AE50-9F5400FC7E67}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3026EDB1-B889-4400-AE50-9F5400FC7E67}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Hourly)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51603024-7278-400F-BEB2-FDCE1BD03B4E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51603024-7278-400F-BEB2-FDCE1BD03B4E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8061BEE6-524D-4FFB-9DD0-FCB5FCB5F6EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8061BEE6-524D-4FFB-9DD0-FCB5FCB5F6EB}" => removed successfully
C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88D8BFEC-DE63-44CC-8FF9-9A60719A12BE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88D8BFEC-DE63-44CC-8FF9-9A60719A12BE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Logon)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E2E273B3-5E8D-4C14-A697-F1997FA0E21F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2E273B3-5E8D-4C14-A697-F1997FA0E21F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineCore" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=3 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=9 => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89BB2BF5-264E-40F8-BB50-4C5270468608}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89BB2BF5-264E-40F8-BB50-4C5270468608}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002UA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C84139E0-6EE3-4990-973D-3E60CEECEE78}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C84139E0-6EE3-4990-973D-3E60CEECEE78}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002Core" => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002Core" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2336824586-1628868951-4251119241-1002UA" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => subkey with invalid name -> removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => subkey with invalid name -> removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => subkey with invalid name -> removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => subkey with invalid name -> removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => subkey with invalid name -> removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{424e2f9c-eb5b-4b51-87e5-5831781bc515}" => removed successfully
"HKU\S-1-5-21-2336824586-1628868951-4251119241-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\\{424e2f9c-eb5b-4b51-87e5-5831781bc515}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{424e2f9c-eb5b-4b51-87e5-5831781bc515}" => removed successfully
"C:\Users\Krist�na\Downloads\Player.exe" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8417120 B
Java, Flash, Steam htmlcache => 709 B
Windows/system/drivers => 682624 B
Edge => 0 B
Chrome => 18647704 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 11764 B
ProgramData => 11764 B
Public => 11764 B
systemprofile => 146535 B
systemprofile32 => 36390122 B
LocalService => 36393296 B
NetworkService => 36393296 B
Kristýna => 51140377 B

RecycleBin => 0 B
EmptyTemp: => 179.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:59:57 ====

Smazáno. Zrychlil se chod?

Notebook běží mnohem rychleji. Ještě jsem odinstaloval nějaké zbytečné programy, které tam byly asi už předinstalované od výrobce a aktualizoval jsem ovladače grafiky a ovladač pro síťovou kartu.
Ještě blbne jedna věc. Ve Windows Update dám vyhledat aktualizace a běží vyhledávání (teď už něco přes 2 hodiny) a stále nic.
Není to nic vážného, ale ještě zkusím vygooglit nějaké řešení na tohle.
Každopádně mockrát děkuji za pomoc a přispěju něco na provoz fóra

Něk to má jediné řešení, a to reinstal. Ale možností je více. Např. https://support.microsoft.com/cs-cz/sbs ... 4a37d6d787 . Nemáte zač a my děkujeme za příspěvek!

Poslal jsem částku 100 kč. Moc děkuji za pomoc.
Zkusím některý z těch postupů
PS: Všiml jsem, že na fóru se dá naučit luštit logy a stát se rádcem. Je to stále ještě aktuální?