PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Slow PC

ota
Visitor
Posts: 112
Registered: 15 Oct 2007 20:50

#1 Post by ota »

Please check the logs; the PC has slowed down. Thanks.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2022
Ran by Ota (administrator) on DESKTOP-TTIU2E3 (MSI MS-7817) (17-11-2022 18:22:06)
Running from C:\01 PC Home\Uloženo\Programy\Viry, Malware
Loaded Profiles: oem & Ota
Platform: Microsoft Windows 10 Home Version 21H1 19043.2251 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(C:\Program Files\Zoner\Photo Studio 17\Program64\Zps.exe ->) (ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(C:\Windows\Samsung\PanelMgr\SSMMgr.exe ->) () [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\nsWscSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(services.exe ->) (Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program64\Zps.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) [File not signed]
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe [618496 2010-10-28] () [File not signed]
HKLM-x32\...\Run: [sqtmultimediamouseRun] => "C:\Program Files (x86)\Multimedia Mouse Driver\startautorun.exe" MouseDrv.exe (No File)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe [4606464 2017-02-13] (Vitzo) [File not signed]
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [WEBTRAN] => [X]
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKLM\...\Windows x64\Print Processors\ssb3mPC: C:\Windows\System32\spool\prtprocs\x64\ssb3mpc.dll [33792 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\EPSON XP-600 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMJCE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [36864 2014-02-05] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\...\Print\Monitors\ssb3m Langmon: C:\WINDOWS\system32\ssb3ml6.dll [27648 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C3AC29C-FFB3-49D4-847B-E58BE951CDD0} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /submit (No File)
Task: {0DB60C33-3759-4799-AAF1-CAE503C1CE16} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /analyze (No File)
Task: {187C9E5B-AF83-40ED-90FA-ADFABF21598C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {18836D63-178E-4F56-A689-86EB3E5D47EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {1D592AC8-6C72-4690-810D-2F2D7466B67D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2d211d79-0d1a-4686-a1d2-17c0ed47dbf8" --version "6.06.10144" --silent
Task: {22897F6D-4A8C-4DCB-BD2C-F2A59723624F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {3864A0CD-4F58-4E80-99EC-D842EA3CA20C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2353000 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {4B358772-6290-47CC-B5EB-FD5CE14B878C} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {56C896FD-C985-44EA-98D1-C6651139FDDF} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {8F3DDE51-1AA4-4C64-A23F-F7D875765701} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {981C5FB1-9F39-4720-93B1-CE0373C54C46} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /ui (No File)
Task: {BCFA17EF-ED5C-4EBA-B070-F8169EE9CE18} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {CB49BEA5-E02E-41C3-A98D-DD4F7F1EE0B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {D1BEE155-27E4-4B34-B5EC-E8058FDD7286} - System32\Tasks\CCleanerSkipUAC - Ota => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001 => C:\Users\Ota\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {DB6BD106-64B9-4B50-9CA9-959619F05AC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {E19C8121-1ED1-4CC5-9B89-F4D04531F249} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E9781A52-4267-483B-85C1-3733AA0390DD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{8ceecf86-27ee-42ea-982d-bff6513a5ae9}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
DownloadDir: C:\Users\Ota\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-17]
Edge HomePage: Default -> hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-01-28 07:33:46&iid=6f7b4093-32b5-4c8c-b882-211ab2baaf04&bName=
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-11-17]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: dwrkrxjf.default-1446579292021
FF ProfilePath: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 [2022-11-17]
FF Homepage: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF HomepageOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: mapy-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: heureka-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: seznam-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: google@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonsafesearch_ul_2@symantec.com
FF Extension: (SaveFrom.net helper) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\helper@savefrom.net.xpi [2022-11-02]
FF Extension: (Norton Password Manager) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\idsafe@norton.com.xpi [2022-11-15]
FF Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2022-10-25]
FF Extension: (Norton Home Page) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonhomepage@symantec.com.xpi [2022-10-17] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2022-10-17] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafeweb@symantec.com.xpi [2022-10-18]
FF Extension: (uBlock Origin) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\uBlock0@raymondhill.net.xpi [2022-11-14]
FF Extension: (FormApps Extension) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2018-02-07]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2022-11-11]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2022-11-01]
FF Extension: (No Name) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-30]
FF SearchPlugin: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\searchplugins\Poshukach Engin Search.xml [2021-08-05]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default [2022-11-17]
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Seznam doplněk - Email) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-01-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-11-15]
CHR Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2022-11-09]
CHR Extension: (Have I been pwned?) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpgljciihecejjlildfcakfcmnachahp [2017-05-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-15]
CHR Extension: (FormApps Extension) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-11-01]
CHR Extension: (Skype) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-13]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2021-01-11]
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-17]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\Exts\Chrome.crx <not found>
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [785408 2022-11-09] (Microsoft Windows -> Microsoft Corporation)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.10.9\NortonSecurity.exe [344888 2022-11-07] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R3 nsWscSvc; C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\nsWscSvc.exe [1059176 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 luminati_net_updater_win_formatfactory_pcfreetime_com; "C:/Program Files (x86)/FormatFactory/net_updater64.exe" --updater win_formatfactory.pcfreetime.com [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\BASHDefs\20221116.015\BHDrvx64.sys [1705040 2022-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-11] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\ccSetx64.sys [198280 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\IPSDefs\20221116.061\IDSvia64.sys [1526776 2022-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\nsvst.sys [57104 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\SRTSP64.SYS [956048 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SRTSPX64.SYS [52872 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SYMEFASI64.SYS [2092696 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SymELAM.sys [36016 2022-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\Ironx64.SYS [306824 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\symnets.sys [490664 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\wpCtrlDrv.sys [1016792 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S4 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus2.sys [X]
S4 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-17 17:32 - 2022-11-17 17:32 - 000000000 ___HD C:\$WinREAgent
2022-11-16 21:15 - 2022-11-16 21:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-11-15 16:38 - 2022-11-15 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-14 11:31 - 2022-11-14 11:31 - 000053126 _____ C:\Users\Ota\Downloads\1073619840277_8_1132_20220823.pdf
2022-11-14 11:30 - 2022-11-14 11:30 - 000054855 _____ C:\Users\Ota\Downloads\1073619840277_10_1132_20221021.pdf
2022-11-12 10:41 - 2022-11-12 17:32 - 000000000 ____D C:\Program Files\RUXIM
2022-11-09 20:57 - 2022-11-09 20:57 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 20:57 - 2022-11-09 20:57 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 20:57 - 2022-11-09 20:57 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 20:54 - 2022-11-09 20:54 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-02 18:34 - 2022-11-02 18:34 - 000183586 _____ C:\Users\Ota\Downloads\podminky-poskytovani-mobilnich-datovych-balicku-da.pdf
2022-11-02 18:32 - 2022-11-02 18:32 - 000180921 _____ C:\Users\Ota\Downloads\podminky-red-tarifu.pdf
2022-11-01 12:25 - 2022-11-01 12:25 - 000075789 _____ C:\Users\Ota\Downloads\Výpis (1).pdf
2022-10-24 17:11 - 2022-10-24 17:11 - 000000000 ____D C:\Users\Ota\AppData\Local\Microvirt
2022-10-24 17:06 - 2022-10-24 17:06 - 000297896 _____ C:\Users\Ota\Downloads\minecraft WEB (hra) (1).webp
2022-10-24 17:05 - 2022-10-24 17:05 - 000146866 _____ C:\Users\Ota\Downloads\minecraft movie 1000 days-1.webp
2022-10-24 17:05 - 2022-10-24 17:05 - 000146866 _____ C:\Users\Ota\Downloads\minecraft movie 1000 days.webp
2022-10-19 18:39 - 2022-11-17 17:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2022-10-19 18:25 - 2022-10-22 10:13 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2022-10-18 18:49 - 2022-10-18 18:49 - 000002274 _____ C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-17 18:22 - 2016-11-28 21:32 - 000000000 ____D C:\FRST
2022-11-17 18:18 - 2016-11-16 18:01 - 000000000 ____D C:\Users\Ota\AppData\LocalLow\Mozilla
2022-11-17 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-17 18:03 - 2017-06-17 06:02 - 000000000 ____D C:\Program Files\CCleaner
2022-11-17 18:03 - 2015-11-01 19:10 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-17 18:00 - 2018-06-06 19:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-11-17 18:00 - 2015-10-31 01:10 - 000000000 __SHD C:\Users\Ota\IntelGraphicsProfiles
2022-11-17 17:43 - 2020-06-12 22:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-17 17:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-17 16:31 - 2015-10-31 19:24 - 000000000 ____D C:\ProgramData\Mozilla
2022-11-17 11:39 - 2018-02-27 10:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2022-11-17 09:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-17 09:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-17 09:41 - 2022-09-21 05:59 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-17 09:41 - 2022-09-21 05:59 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-17 09:41 - 2020-06-12 22:35 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-17 07:19 - 2015-11-01 19:07 - 000000000 ____D C:\01 PC Home
2022-11-16 17:41 - 2015-10-31 21:15 - 000000000 ____D C:\Users\Ota\AppData\Local\GHISLER
2022-11-15 18:56 - 2020-06-12 22:21 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-15 18:56 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-15 18:56 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-15 18:56 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-15 17:35 - 2022-01-12 15:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-15 17:35 - 2015-10-31 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-12 10:41 - 2018-07-13 08:36 - 000000000 ____D C:\Program Files\rempl
2022-11-12 05:52 - 2020-06-12 17:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-12 05:46 - 2020-06-12 22:35 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 05:46 - 2020-06-12 22:35 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 07:59 - 2015-11-01 19:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-10 06:46 - 2015-08-18 12:04 - 015724341 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2022-11-10 06:45 - 2020-06-12 22:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-10 06:45 - 2020-06-12 22:02 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-09 21:22 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-09 21:21 - 2020-06-12 22:02 - 000457816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-09 21:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-09 21:17 - 2020-06-12 20:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-09 20:54 - 2020-06-12 22:08 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-09 08:56 - 2015-10-31 19:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 08:45 - 2015-10-31 19:25 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-05 19:19 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-11-02 14:22 - 2015-11-21 19:31 - 000000000 ____D C:\Users\Ota\AppData\Roaming\vlc
2022-10-29 18:24 - 2021-01-28 20:33 - 000000000 _____ C:\end
2022-10-29 18:24 - 2020-04-24 19:00 - 000008342 _____ C:\nsispromotion_log.txt
2022-10-27 18:53 - 2016-01-07 19:38 - 000000000 ____D C:\Users\Ota\AppData\Roaming\calibre
2022-10-27 18:51 - 2016-01-07 19:38 - 000000000 ____D C:\Users\Ota\Documents\Knihovna Calibre
2022-10-27 18:19 - 2022-09-22 18:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-10-26 10:53 - 2016-01-07 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2022-10-26 10:53 - 2016-01-07 19:38 - 000000000 ____D C:\Program Files\Calibre2
2022-10-24 05:40 - 2020-06-12 22:35 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-24 05:38 - 2022-10-11 17:09 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-23 12:29 - 2017-03-07 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-10-23 12:29 - 2017-03-07 19:56 - 000000000 ____D C:\Program Files (x86)\Java
2022-10-23 12:28 - 2017-03-07 19:56 - 000168096 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-10-21 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-19 19:02 - 2017-03-02 19:11 - 000000000 ____D C:\Program Files\Common Files\AV
2022-10-18 18:49 - 2022-02-09 06:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38

==================== Files in the root of some directories ========

2018-11-16 20:59 - 2022-03-15 20:09 - 000081408 _____ () C:\Users\Ota\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-05-06 13:49 - 2020-05-06 13:49 - 000004096 ____H () C:\Users\Ota\AppData\Local\keyfile3.drm

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-11-2022
Ran by Ota (17-11-2022 18:26:19)
Running from C:\01 PC Home\Uloženo\Programy\Viry, Malware
Microsoft Windows 10 Home Version 21H1 19043.2251 (X64) (2020-06-12 21:36:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-554986064-1367882024-3811459060-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-554986064-1367882024-3811459060-503 - Limited - Disabled)
Guest (S-1-5-21-554986064-1367882024-3811459060-501 - Limited - Disabled)
oem (S-1-5-21-554986064-1367882024-3811459060-1001 - Administrator - Enabled) => C:\Users\oem
Ota (S-1-5-21-554986064-1367882024-3811459060-1005 - Administrator - Enabled) => C:\Users\Ota
WDAGUtilityAccount (S-1-5-21-554986064-1367882024-3811459060-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
FW: Norton Security (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20263 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.77.1092 - AB Team, d.o.o.)
calibre 64bit (HKLM\...\{5D6852FB-8784-4B43-BE3D-05B9658F95E5}) (Version: 6.7.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CS Codec Solution 1.10 (HKLM-x32\...\CS Codec Solution_is1) (Version: 1.10 - CS Software)
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
FormatFactory 5.9.0.0 (HKLM-x32\...\FormatFactory) (Version: 5.9.0.0 - Free Time)
Free MP4 to MP3 Converter 1.0 (HKLM-x32\...\{1D6B0375-C07F-4BCB-878A-F53803282A60}_is1) (Version: - PolySoft Solutions)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.27.0 - GOM & Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.79.5344 - GOM & Company)
GOMPLAYERENSETUP 2.2.62.5209 (HKLM-x32\...\GOMPLAYERENSETUP 2.2.62.5209) (Version: - )
Google Earth Pro (HKLM\...\{DE181B35-ACEF-4DB0-86D9-731D5767ABB1}) (Version: 7.3.4.8642 - Google)
Google Chrome (HKLM\...\{CCFFC2EC-F561-3EF1-8038-F3608B52F935}) (Version: 107.0.5304.107 - Google LLC)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel® RealSense™ SDK 2014 Runtime (x64): Core (HKLM\...\{37D41A97-6B02-4C30-8753-85107BE1D674}) (Version: 3.1.0.25181 - Intel Corporation) Hidden
Java 8 Update 351 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LanguageLab (HKLM-x32\...\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}) (Version: 3.9.2.1 - Vitware)
Manažer elektronických podání (HKLM-x32\...\MRP eSubmit) (Version: - MRP)
Microsoft Edge (HKLM-x32\...\{EC598353-0B1B-3C21-B98D-79F0CA02D17F}) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-554986064-1367882024-3811459060-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30139 (HKLM-x32\...\{1AEA8854-7597-4CD3-948F-8DE364D94E07}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30139 (HKLM-x32\...\{1679EF65-55F3-4248-B91E-6B3BE1A69CDF}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 107.0 (x64 cs)) (Version: 107.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 107.0.0.8349 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 91.13.1 (x86 cs)) (Version: 91.13.1 - Mozilla)
Multimedia Mouse Driver version 1.2 (HKLM-x32\...\{D1446C63-11CC-46F0-8CC7-6C8E81676DE3}_is1) (Version: 1.2 - SQT)
Nero 9 Essentials (HKLM-x32\...\{7b094e03-cc48-48c3-9089-86b17586bccb}) (Version: - Nero AG)
Nero ControlCenter (HKLM-x32\...\{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}) (Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (HKLM-x32\...\{e8a80433-302b-4ff1-815d-fcc8eac482ff}) (Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (HKLM-x32\...\{dba84796-8503-4ff0-af57-1747dd9a166d}) (Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (HKLM-x32\...\{7748ac8c-18e3-43bb-959b-088faea16fb2}) (Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart OEM (HKLM-x32\...\{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}) (Version: 9.4.10.100 - Nero AG) Hidden
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Norton Security (HKLM-x32\...\NGC) (Version: 22.22.9.11 - Symantec Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PicosmosTools 1.8.5.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.5.0 - Free Time)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnale Systems Software Keys (HKLM-x32\...\{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1) (Version: - VPP TEAM)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version: - Samsung Electronics Co., Ltd.)
Scan Assistant (HKLM-x32\...\{BF6CF460-40C3-49BA-800A-4B934B6498B1}) (Version: 1.01.014 - Samsung Electronics Co., Ltd.)
Shark007 ADVANCED Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 6.5.2 - Shark007)
Shark007 ADVANCED x64Components (HKLM\...\ADVANCED x64Components_is1) (Version: 6.5.2 - Shark007)
Skype 8.87 (HKLM-x32\...\{C46E8949-FE45-4512-85E1-EB848D9EA196}) (Version: 8.87.0.406 - Skype Technologies S.A.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.87 (HKLM-x32\...\Skype_is1) (Version: 8.87 - Skype Technologies S.A.) Hidden
Smart Tests - testy, které učí (HKLM-x32\...\Smart Tests) (Version: - )
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
Spell it out Loud (HKLM-x32\...\Spell it out Loud) (Version: 1.1.0.0 - Vitware.cz)
Sudoku (HKLM-x32\...\Sudoku_is1) (Version: 1.0 - MEDIA TRADE Interactive, s.r.o.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.0 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VDownloader 4.5.2598 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.9 - Winamp SA)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Word Manager (HKLM-x32\...\Word Manager) (Version: 1.0.1.0 - Vitware.cz)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-05-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-19] (Microsoft Studios) [MS Ad]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.2.0_x86__y5c4dfz5b21fm [2022-08-13] (Any DVD &amp; Office App)
NotepadX -> C:\Program Files\WindowsApps\27879SnkeKhn.NotepadX_1.7.43.0_x64__xq0nh4s6cn4qe [2021-05-19] (Sönke Köhn)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => C:\Program Files (x86)\Software602\602XML\xmlcore\CtxSign64.dll [2013-07-16] (Software602 a. s. -> Software602)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw.dll [3642880 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter.acm [2231296 2013-04-06] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32-x32: [vidc.mjpg] => pvmjpg30.dll
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282624 2007-03-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP70] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.i263] => C:\Windows\SysWOW64\i263_32.drv [391168 1997-08-27] (Intel Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [118784 2006-05-13] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [380928 2007-08-09] () [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\divxa32.acm [287744 2001-02-25] (Kristal StudioDFileDescription) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1294336 2002-07-08] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDex\CDex Site.lnk -> hxxp://cdexos.sourceforge.net

==================== Loaded Modules (Whitelisted) =============

2018-08-25 10:09 - 2006-05-03 03:49 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseHook.dll
2018-04-16 19:41 - 2014-09-09 12:30 - 000603648 _____ () [File not signed] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\SpiderMonkey.dll
2022-06-15 05:31 - 2022-06-15 05:31 - 001455616 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GRETECH\GomAudio\MiniBand.dll
2008-04-11 11:54 - 2008-04-11 11:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\MSVCR71.dll
2015-12-04 19:08 - 2014-02-05 14:51 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-01-28 07:33:46&iid=6f7b4093-32b5-4c8c-b882-211ab2baaf04&bName=
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {07AD7CAC-D73B-4561-8646-AA337C19EBE3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {09A74828-A733-4595-B8AB-AA8D8825B2E4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {303968DB-3944-4379-821E-059CEF6B321D} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {48E209C1-CF53-4D43-8B1B-AA500BAFBE10} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {4F9FB4D8-BDF8-437E-BE9B-F5F9172C4887} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {59727CF2-CA7C-4A02-B34E-F9ADAE5F4D7D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {A561C403-0520-456B-853F-29294831643C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__170617__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C7F1AECF-F908-467C-A47C-3299ED673E2C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {EF6265B4-E91A-4BCA-96C8-DCFFF0B13639} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine32\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine32\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2021-01-13 07:01 - 000000027 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Pinnacle\Shared Files\;C:\Program Files\Calibre2\;C:\Program Files\VDownloader;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-554986064-1367882024-3811459060-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Ota\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\screen8.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "MSStp"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "VDownloader"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F11F5C2DD299C8722D30FC5C9E83555A"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "Web Companion"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ABCCA373-A80F-4F77-B51A-7B7337B419E6}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{7E0A140F-725D-45F5-8C58-6C1276FD0436}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{73F08067-8D58-474C-8B0D-B95C9BBE6753}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{11EAB6F5-364C-4480-A248-162948F33121}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{A53B7D39-424E-41A7-A00C-C2C423E657CD}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{590ABE12-46F8-413B-865B-53897AEDFC1E}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{E88499BE-39DD-408D-ACD8-C5087B7C5962}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E8490F2-B498-4E22-B3AF-BFE1351D5F0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF7A3CC6-D980-46C2-9602-4E8937D54400}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{593F554C-FC20-41D2-A68E-4A48F415958A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41330990-D406-4B67-93D7-025B1789D5A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77B6BB4E-A7D1-404A-BEE9-7E8D8DDBA778}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6C96FE7E-9607-4CC1-A647-1BA72B2432D8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{CE5C9608-82AA-41D4-A0A4-1139BF57310A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1E44CD42-CDCC-408E-AF86-DF9CA691FB22}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{78A164AD-51D2-48B6-9395-15A8237F306F}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BFF9D45E-317A-4893-ABE5-F3808BFF8C07}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{4137AE0D-9248-49E8-BCFB-FA86E31232AB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BA39F436-A881-49B7-A9C5-AB228CC2432D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C51117FC-80FB-48EE-A81C-16595A15F5C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{620A1F10-8688-4AD4-B783-5DF276B43258}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{CE1ADA4D-A4E5-450B-8EF0-D7F9C726F2C3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{F833B260-694C-4F35-B2DB-40707E6B2C31}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{278877AB-5136-4A19-AC54-78C1E90AF6C8}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{7625CD51-DE6E-4DFE-8D1A-2D6FF989970A}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{A28922DF-5216-4478-BE30-F324F3C4035B}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6CB67587-DE8E-4071-A757-2458F0EF4C42}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9E2D00E6-6B83-45F3-8CDA-EC0AFDF0759F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{CB0F424E-3C95-4D3C-9A67-5091D23723B8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3A91C414-F84D-4875-9FA1-4D570BF195C5}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{934044E0-2DA2-4547-AD0F-A33CF03A4E87}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7682E269-2D50-4ADC-AE65-180469DD6F89}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{441F31E9-4A68-49B9-9447-A0DFC25639C9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{D1F39393-0C77-4A8D-AB2D-321CF0ABE272}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{A26C369F-B327-466E-B4A0-F11FFD772D4F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08095423-D65A-4453-B10B-A5BB707DD63A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{F947F1FE-C402-48B3-8903-DB75556FC4C1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{584E4B71-9B03-4D14-BDE0-55812EF3BF2A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{5CD007FD-5D4E-48D2-A126-FB0610A8A795}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{13FB8B81-5ED9-47D4-ADD8-8FDCA83865C3}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{5314DCD3-A14A-4A84-BE93-807BFF5FF397}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38EB961C-F935-4F18-91C6-07D31BC383AF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{625D1934-06AB-4247-B5E2-94E4B552DF25}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E8CB17AC-9E1D-46C5-88F0-C9437D0BC27C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F08FD62-E54C-4D7C-965D-B5B35504BBFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{309BDF37-9895-4443-AA58-92B580D63605}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F4A34743-DF7F-45B4-AF60-C6E627E32747}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD4542B6-02B4-4C7E-B6C4-CAA1B1591A70}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

31-10-2022 06:31:30 Naplánovaný kontrolní bod
09-11-2022 08:56:12 Instalační služba modulů systému Windows
09-11-2022 19:25:58 Instalační služba modulů systému Windows
09-11-2022 20:03:59 Instalační služba modulů systému Windows
17-11-2022 17:27:52 Instalační služba modulů systému Windows
17-11-2022 17:56:53 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 109328

Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 109328

Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 93687

Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 93687

Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2022 05:59:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 78062

Error: (11/17/2022 05:59:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 78062


System errors:
=============
Error: (11/17/2022 09:42:44 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-TTIU2E3)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/14/2022 11:36:13 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (11/14/2022 11:36:13 AM) (Source: disk) (EventID: 154) (User: )
Description: Vstupně-výstupní operace na adrese logického bloku 0x27e0 pro disk 1 se nezdařila z důvodu hardwarové chyby (název PDO: \Device\0000007e).

Error: (11/11/2022 04:37:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (11/10/2022 06:45:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/09/2022 09:20:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/09/2022 06:59:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/09/2022 06:56:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TTIU2E3)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2022-11-17 18:16:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-17 18:16:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.7 07/18/2014
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 58%
Total physical RAM: 8070.02 MB
Available physical RAM: 3317.48 MB
Total Virtual: 9350.02 MB
Available Virtual: 4275.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.89 GB) (Free:142.11 GB) (Model: WDC WD10EZEX-08M2NA0) NTFS

\\?\Volume{d511e935-e4e0-4f94-8fc9-1e8c041b4eb5}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{4c41a681-d607-44ea-a7ee-74bdc898fc68}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118196
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC

#2 Post by Rudy »

Hello!
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [WEBTRAN] => [X]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
Task: {0C3AC29C-FFB3-49D4-847B-E58BE951CDD0} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /submit (No File)
Task: {0DB60C33-3759-4799-AAF1-CAE503C1CE16} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /analyze (No File)
Task: {18836D63-178E-4F56-A689-86EB3E5D47EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {981C5FB1-9F39-4720-93B1-CE0373C54C46} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /ui (No File)
Task: {D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001 => C:\Users\Ota\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {DB6BD106-64B9-4B50-9CA9-959619F05AC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001 => C:\Users\Ota\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\Ota\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No File

EmptyTemp:
End
Save it to C:\01 PC Home\Uloženo\Programy\Viry, Malware as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

ota
Visitor
Posts: 112
Registered: 15 Oct 2007 20:50

Re: Slow PC

#3 Post by ota »

Hello, I accidentally entered someone else's thread, which is why I am replying only today:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2022
Ran by Ota (administrator) on DESKTOP-TTIU2E3 (MSI MS-7817) (17-11-2022 18:22:06)
Running from C:\01 PC Home\Uloženo\Programy\Viry, Malware
Loaded Profiles: oem & Ota
Platform: Microsoft Windows 10 Home Version 21H1 19043.2251 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(C:\Program Files\Zoner\Photo Studio 17\Program64\Zps.exe ->) (ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(C:\Windows\Samsung\PanelMgr\SSMMgr.exe ->) () [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\nsWscSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(services.exe ->) (Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program64\Zps.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) [File not signed]
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe [618496 2010-10-28] () [File not signed]
HKLM-x32\...\Run: [sqtmultimediamouseRun] => "C:\Program Files (x86)\Multimedia Mouse Driver\startautorun.exe" MouseDrv.exe (No File)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe [4606464 2017-02-13] (Vitzo) [File not signed]
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [WEBTRAN] => [X]
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKLM\...\Windows x64\Print Processors\ssb3mPC: C:\Windows\System32\spool\prtprocs\x64\ssb3mpc.dll [33792 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\EPSON XP-600 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMJCE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [36864 2014-02-05] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\...\Print\Monitors\ssb3m Langmon: C:\WINDOWS\system32\ssb3ml6.dll [27648 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C3AC29C-FFB3-49D4-847B-E58BE951CDD0} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /submit (No File)
Task: {0DB60C33-3759-4799-AAF1-CAE503C1CE16} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /analyze (No File)
Task: {187C9E5B-AF83-40ED-90FA-ADFABF21598C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {18836D63-178E-4F56-A689-86EB3E5D47EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {1D592AC8-6C72-4690-810D-2F2D7466B67D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2d211d79-0d1a-4686-a1d2-17c0ed47dbf8" --version "6.06.10144" --silent
Task: {22897F6D-4A8C-4DCB-BD2C-F2A59723624F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {3864A0CD-4F58-4E80-99EC-D842EA3CA20C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2353000 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {4B358772-6290-47CC-B5EB-FD5CE14B878C} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {56C896FD-C985-44EA-98D1-C6651139FDDF} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {8F3DDE51-1AA4-4C64-A23F-F7D875765701} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {981C5FB1-9F39-4720-93B1-CE0373C54C46} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /ui (No File)
Task: {BCFA17EF-ED5C-4EBA-B070-F8169EE9CE18} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {CB49BEA5-E02E-41C3-A98D-DD4F7F1EE0B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {D1BEE155-27E4-4B34-B5EC-E8058FDD7286} - System32\Tasks\CCleanerSkipUAC - Ota => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001 => C:\Users\Ota\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {DB6BD106-64B9-4B50-9CA9-959619F05AC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {E19C8121-1ED1-4CC5-9B89-F4D04531F249} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E9781A52-4267-483B-85C1-3733AA0390DD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{8ceecf86-27ee-42ea-982d-bff6513a5ae9}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
DownloadDir: C:\Users\Ota\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-17]
Edge HomePage: Default -> hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-01-28 07:33:46&iid=6f7b4093-32b5-4c8c-b882-211ab2baaf04&bName=
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-11-17]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: dwrkrxjf.default-1446579292021
FF ProfilePath: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 [2022-11-17]
FF Homepage: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF HomepageOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: mapy-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: heureka-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: seznam-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: google@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonsafesearch_ul_2@symantec.com
FF Extension: (SaveFrom.net helper) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\helper@savefrom.net.xpi [2022-11-02]
FF Extension: (Norton Password Manager) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\idsafe@norton.com.xpi [2022-11-15]
FF Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2022-10-25]
FF Extension: (Norton Home Page) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonhomepage@symantec.com.xpi [2022-10-17] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2022-10-17] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafeweb@symantec.com.xpi [2022-10-18]
FF Extension: (uBlock Origin) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\uBlock0@raymondhill.net.xpi [2022-11-14]
FF Extension: (FormApps Extension) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2018-02-07]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2022-11-11]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2022-11-01]
FF Extension: (No Name) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-30]
FF SearchPlugin: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\searchplugins\Poshukach Engin Search.xml [2021-08-05]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default [2022-11-17]
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Seznam doplněk - Email) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-01-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-11-15]
CHR Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2022-11-09]
CHR Extension: (Have I been pwned?) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpgljciihecejjlildfcakfcmnachahp [2017-05-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-15]
CHR Extension: (FormApps Extension) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-11-01]
CHR Extension: (Skype) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-13]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2021-01-11]
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-17]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\Exts\Chrome.crx <not found>
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [785408 2022-11-09] (Microsoft Windows -> Microsoft Corporation)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.10.9\NortonSecurity.exe [344888 2022-11-07] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R3 nsWscSvc; C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\nsWscSvc.exe [1059176 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 luminati_net_updater_win_formatfactory_pcfreetime_com; "C:/Program Files (x86)/FormatFactory/net_updater64.exe" --updater win_formatfactory.pcfreetime.com [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\BASHDefs\20221116.015\BHDrvx64.sys [1705040 2022-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-11] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\ccSetx64.sys [198280 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\IPSDefs\20221116.061\IDSvia64.sys [1526776 2022-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\nsvst.sys [57104 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\SRTSP64.SYS [956048 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SRTSPX64.SYS [52872 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SYMEFASI64.SYS [2092696 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SymELAM.sys [36016 2022-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\Ironx64.SYS [306824 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\symnets.sys [490664 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\wpCtrlDrv.sys [1016792 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S4 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus2.sys [X]
S4 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-17 17:32 - 2022-11-17 17:32 - 000000000 ___HD C:\$WinREAgent
2022-11-16 21:15 - 2022-11-16 21:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-11-15 16:38 - 2022-11-15 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-14 11:31 - 2022-11-14 11:31 - 000053126 _____ C:\Users\Ota\Downloads\1073619840277_8_1132_20220823.pdf
2022-11-14 11:30 - 2022-11-14 11:30 - 000054855 _____ C:\Users\Ota\Downloads\1073619840277_10_1132_20221021.pdf
2022-11-12 10:41 - 2022-11-12 17:32 - 000000000 ____D C:\Program Files\RUXIM
2022-11-09 20:57 - 2022-11-09 20:57 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 20:57 - 2022-11-09 20:57 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 20:57 - 2022-11-09 20:57 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 20:54 - 2022-11-09 20:54 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-02 18:34 - 2022-11-02 18:34 - 000183586 _____ C:\Users\Ota\Downloads\podminky-poskytovani-mobilnich-datovych-balicku-da.pdf
2022-11-02 18:32 - 2022-11-02 18:32 - 000180921 _____ C:\Users\Ota\Downloads\podminky-red-tarifu.pdf
2022-11-01 12:25 - 2022-11-01 12:25 - 000075789 _____ C:\Users\Ota\Downloads\Výpis (1).pdf
2022-10-24 17:11 - 2022-10-24 17:11 - 000000000 ____D C:\Users\Ota\AppData\Local\Microvirt
2022-10-24 17:06 - 2022-10-24 17:06 - 000297896 _____ C:\Users\Ota\Downloads\minecraft WEB (hra) (1).webp
2022-10-24 17:05 - 2022-10-24 17:05 - 000146866 _____ C:\Users\Ota\Downloads\minecraft movie 1000 days-1.webp
2022-10-24 17:05 - 2022-10-24 17:05 - 000146866 _____ C:\Users\Ota\Downloads\minecraft movie 1000 days.webp
2022-10-19 18:39 - 2022-11-17 17:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2022-10-19 18:25 - 2022-10-22 10:13 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2022-10-18 18:49 - 2022-10-18 18:49 - 000002274 _____ C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-17 18:22 - 2016-11-28 21:32 - 000000000 ____D C:\FRST
2022-11-17 18:18 - 2016-11-16 18:01 - 000000000 ____D C:\Users\Ota\AppData\LocalLow\Mozilla
2022-11-17 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-17 18:03 - 2017-06-17 06:02 - 000000000 ____D C:\Program Files\CCleaner
2022-11-17 18:03 - 2015-11-01 19:10 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-17 18:00 - 2018-06-06 19:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-11-17 18:00 - 2015-10-31 01:10 - 000000000 __SHD C:\Users\Ota\IntelGraphicsProfiles
2022-11-17 17:43 - 2020-06-12 22:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-17 17:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-17 16:31 - 2015-10-31 19:24 - 000000000 ____D C:\ProgramData\Mozilla
2022-11-17 11:39 - 2018-02-27 10:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2022-11-17 09:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-17 09:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-17 09:41 - 2022-09-21 05:59 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-17 09:41 - 2022-09-21 05:59 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-17 09:41 - 2020-06-12 22:35 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-17 07:19 - 2015-11-01 19:07 - 000000000 ____D C:\01 PC Home
2022-11-16 17:41 - 2015-10-31 21:15 - 000000000 ____D C:\Users\Ota\AppData\Local\GHISLER
2022-11-15 18:56 - 2020-06-12 22:21 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-15 18:56 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-15 18:56 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-15 18:56 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-15 17:35 - 2022-01-12 15:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-15 17:35 - 2015-10-31 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-12 10:41 - 2018-07-13 08:36 - 000000000 ____D C:\Program Files\rempl
2022-11-12 05:52 - 2020-06-12 17:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-12 05:46 - 2020-06-12 22:35 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 05:46 - 2020-06-12 22:35 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 07:59 - 2015-11-01 19:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-10 06:46 - 2015-08-18 12:04 - 015724341 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2022-11-10 06:45 - 2020-06-12 22:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-10 06:45 - 2020-06-12 22:02 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-09 21:22 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-09 21:21 - 2020-06-12 22:02 - 000457816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-09 21:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-09 21:17 - 2020-06-12 20:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-09 20:54 - 2020-06-12 22:08 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-09 08:56 - 2015-10-31 19:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 08:45 - 2015-10-31 19:25 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-05 19:19 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-11-02 14:22 - 2015-11-21 19:31 - 000000000 ____D C:\Users\Ota\AppData\Roaming\vlc
2022-10-29 18:24 - 2021-01-28 20:33 - 000000000 _____ C:\end
2022-10-29 18:24 - 2020-04-24 19:00 - 000008342 _____ C:\nsispromotion_log.txt
2022-10-27 18:53 - 2016-01-07 19:38 - 000000000 ____D C:\Users\Ota\AppData\Roaming\calibre
2022-10-27 18:51 - 2016-01-07 19:38 - 000000000 ____D C:\Users\Ota\Documents\Knihovna Calibre
2022-10-27 18:19 - 2022-09-22 18:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-10-26 10:53 - 2016-01-07 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2022-10-26 10:53 - 2016-01-07 19:38 - 000000000 ____D C:\Program Files\Calibre2
2022-10-24 05:40 - 2020-06-12 22:35 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-24 05:38 - 2022-10-11 17:09 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-23 12:29 - 2017-03-07 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-10-23 12:29 - 2017-03-07 19:56 - 000000000 ____D C:\Program Files (x86)\Java
2022-10-23 12:28 - 2017-03-07 19:56 - 000168096 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-10-21 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-19 19:02 - 2017-03-02 19:11 - 000000000 ____D C:\Program Files\Common Files\AV
2022-10-18 18:49 - 2022-02-09 06:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38

==================== Files in the root of some directories ========

2018-11-16 20:59 - 2022-03-15 20:09 - 000081408 _____ () C:\Users\Ota\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-05-06 13:49 - 2020-05-06 13:49 - 000004096 ____H () C:\Users\Ota\AppData\Local\keyfile3.drm

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-11-2022
Ran by Ota (17-11-2022 18:26:19)
Running from C:\01 PC Home\Uloženo\Programy\Viry, Malware
Microsoft Windows 10 Home Version 21H1 19043.2251 (X64) (2020-06-12 21:36:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-554986064-1367882024-3811459060-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-554986064-1367882024-3811459060-503 - Limited - Disabled)
Guest (S-1-5-21-554986064-1367882024-3811459060-501 - Limited - Disabled)
oem (S-1-5-21-554986064-1367882024-3811459060-1001 - Administrator - Enabled) => C:\Users\oem
Ota (S-1-5-21-554986064-1367882024-3811459060-1005 - Administrator - Enabled) => C:\Users\Ota
WDAGUtilityAccount (S-1-5-21-554986064-1367882024-3811459060-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
FW: Norton Security (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20263 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.77.1092 - AB Team, d.o.o.)
calibre 64bit (HKLM\...\{5D6852FB-8784-4B43-BE3D-05B9658F95E5}) (Version: 6.7.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CS Codec Solution 1.10 (HKLM-x32\...\CS Codec Solution_is1) (Version: 1.10 - CS Software)
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
FormatFactory 5.9.0.0 (HKLM-x32\...\FormatFactory) (Version: 5.9.0.0 - Free Time)
Free MP4 to MP3 Converter 1.0 (HKLM-x32\...\{1D6B0375-C07F-4BCB-878A-F53803282A60}_is1) (Version: - PolySoft Solutions)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.27.0 - GOM & Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.79.5344 - GOM & Company)
GOMPLAYERENSETUP 2.2.62.5209 (HKLM-x32\...\GOMPLAYERENSETUP 2.2.62.5209) (Version: - )
Google Earth Pro (HKLM\...\{DE181B35-ACEF-4DB0-86D9-731D5767ABB1}) (Version: 7.3.4.8642 - Google)
Google Chrome (HKLM\...\{CCFFC2EC-F561-3EF1-8038-F3608B52F935}) (Version: 107.0.5304.107 - Google LLC)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel® RealSense™ SDK 2014 Runtime (x64): Core (HKLM\...\{37D41A97-6B02-4C30-8753-85107BE1D674}) (Version: 3.1.0.25181 - Intel Corporation) Hidden
Java 8 Update 351 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LanguageLab (HKLM-x32\...\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}) (Version: 3.9.2.1 - Vitware)
Manažer elektronických podání (HKLM-x32\...\MRP eSubmit) (Version: - MRP)
Microsoft Edge (HKLM-x32\...\{EC598353-0B1B-3C21-B98D-79F0CA02D17F}) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-554986064-1367882024-3811459060-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30139 (HKLM-x32\...\{1AEA8854-7597-4CD3-948F-8DE364D94E07}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30139 (HKLM-x32\...\{1679EF65-55F3-4248-B91E-6B3BE1A69CDF}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 107.0 (x64 cs)) (Version: 107.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 107.0.0.8349 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 91.13.1 (x86 cs)) (Version: 91.13.1 - Mozilla)
Multimedia Mouse Driver version 1.2 (HKLM-x32\...\{D1446C63-11CC-46F0-8CC7-6C8E81676DE3}_is1) (Version: 1.2 - SQT)
Nero 9 Essentials (HKLM-x32\...\{7b094e03-cc48-48c3-9089-86b17586bccb}) (Version: - Nero AG)
Nero ControlCenter (HKLM-x32\...\{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}) (Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (HKLM-x32\...\{e8a80433-302b-4ff1-815d-fcc8eac482ff}) (Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (HKLM-x32\...\{dba84796-8503-4ff0-af57-1747dd9a166d}) (Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (HKLM-x32\...\{7748ac8c-18e3-43bb-959b-088faea16fb2}) (Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart OEM (HKLM-x32\...\{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}) (Version: 9.4.10.100 - Nero AG) Hidden
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Norton Security (HKLM-x32\...\NGC) (Version: 22.22.9.11 - Symantec Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PicosmosTools 1.8.5.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.5.0 - Free Time)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnale Systems Software Keys (HKLM-x32\...\{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1) (Version: - VPP TEAM)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version: - Samsung Electronics Co., Ltd.)
Scan Assistant (HKLM-x32\...\{BF6CF460-40C3-49BA-800A-4B934B6498B1}) (Version: 1.01.014 - Samsung Electronics Co., Ltd.)
Shark007 ADVANCED Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 6.5.2 - Shark007)
Shark007 ADVANCED x64Components (HKLM\...\ADVANCED x64Components_is1) (Version: 6.5.2 - Shark007)
Skype 8.87 (HKLM-x32\...\{C46E8949-FE45-4512-85E1-EB848D9EA196}) (Version: 8.87.0.406 - Skype Technologies S.A.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.87 (HKLM-x32\...\Skype_is1) (Version: 8.87 - Skype Technologies S.A.) Hidden
Smart Tests - testy, které učí (HKLM-x32\...\Smart Tests) (Version: - )
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
Spell it out Loud (HKLM-x32\...\Spell it out Loud) (Version: 1.1.0.0 - Vitware.cz)
Sudoku (HKLM-x32\...\Sudoku_is1) (Version: 1.0 - MEDIA TRADE Interactive, s.r.o.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.0 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VDownloader 4.5.2598 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.9 - Winamp SA)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Word Manager (HKLM-x32\...\Word Manager) (Version: 1.0.1.0 - Vitware.cz)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-05-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-19] (Microsoft Studios) [MS Ad]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.2.0_x86__y5c4dfz5b21fm [2022-08-13] (Any DVD & Office App)
NotepadX -> C:\Program Files\WindowsApps\27879SnkeKhn.NotepadX_1.7.43.0_x64__xq0nh4s6cn4qe [2021-05-19] (Sönke Köhn)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => C:\Program Files (x86)\Software602\602XML\xmlcore\CtxSign64.dll [2013-07-16] (Software602 a. s. -> Software602)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw.dll [3642880 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter.acm [2231296 2013-04-06] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32-x32: [vidc.mjpg] => pvmjpg30.dll
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282624 2007-03-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP70] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.i263] => C:\Windows\SysWOW64\i263_32.drv [391168 1997-08-27] (Intel Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [118784 2006-05-13] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [380928 2007-08-09] () [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\divxa32.acm [287744 2001-02-25] (Kristal StudioDFileDescription) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1294336 2002-07-08] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDex\CDex Site.lnk -> hxxp://cdexos.sourceforge.net

==================== Loaded Modules (Whitelisted) =============

2018-08-25 10:09 - 2006-05-03 03:49 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseHook.dll
2018-04-16 19:41 - 2014-09-09 12:30 - 000603648 _____ () [File not signed] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\SpiderMonkey.dll
2022-06-15 05:31 - 2022-06-15 05:31 - 001455616 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GRETECH\GomAudio\MiniBand.dll
2008-04-11 11:54 - 2008-04-11 11:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\MSVCR71.dll
2015-12-04 19:08 - 2014-02-05 14:51 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-01-28 07:33:46&iid=6f7b4093-32b5-4c8c-b882-211ab2baaf04&bName=
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {07AD7CAC-D73B-4561-8646-AA337C19EBE3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {09A74828-A733-4595-B8AB-AA8D8825B2E4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {303968DB-3944-4379-821E-059CEF6B321D} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {48E209C1-CF53-4D43-8B1B-AA500BAFBE10} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {4F9FB4D8-BDF8-437E-BE9B-F5F9172C4887} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {59727CF2-CA7C-4A02-B34E-F9ADAE5F4D7D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {A561C403-0520-456B-853F-29294831643C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__170617__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C7F1AECF-F908-467C-A47C-3299ED673E2C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {EF6265B4-E91A-4BCA-96C8-DCFFF0B13639} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine32\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine32\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2021-01-13 07:01 - 000000027 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Pinnacle\Shared Files\;C:\Program Files\Calibre2\;C:\Program Files\VDownloader;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-554986064-1367882024-3811459060-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Ota\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\screen8.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "MSStp"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "VDownloader"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F11F5C2DD299C8722D30FC5C9E83555A"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "Web Companion"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ABCCA373-A80F-4F77-B51A-7B7337B419E6}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{7E0A140F-725D-45F5-8C58-6C1276FD0436}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{73F08067-8D58-474C-8B0D-B95C9BBE6753}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{11EAB6F5-364C-4480-A248-162948F33121}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{A53B7D39-424E-41A7-A00C-C2C423E657CD}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{590ABE12-46F8-413B-865B-53897AEDFC1E}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{E88499BE-39DD-408D-ACD8-C5087B7C5962}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E8490F2-B498-4E22-B3AF-BFE1351D5F0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF7A3CC6-D980-46C2-9602-4E8937D54400}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{593F554C-FC20-41D2-A68E-4A48F415958A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41330990-D406-4B67-93D7-025B1789D5A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77B6BB4E-A7D1-404A-BEE9-7E8D8DDBA778}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6C96FE7E-9607-4CC1-A647-1BA72B2432D8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{CE5C9608-82AA-41D4-A0A4-1139BF57310A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1E44CD42-CDCC-408E-AF86-DF9CA691FB22}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{78A164AD-51D2-48B6-9395-15A8237F306F}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BFF9D45E-317A-4893-ABE5-F3808BFF8C07}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{4137AE0D-9248-49E8-BCFB-FA86E31232AB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BA39F436-A881-49B7-A9C5-AB228CC2432D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C51117FC-80FB-48EE-A81C-16595A15F5C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{620A1F10-8688-4AD4-B783-5DF276B43258}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{CE1ADA4D-A4E5-450B-8EF0-D7F9C726F2C3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{F833B260-694C-4F35-B2DB-40707E6B2C31}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{278877AB-5136-4A19-AC54-78C1E90AF6C8}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{7625CD51-DE6E-4DFE-8D1A-2D6FF989970A}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{A28922DF-5216-4478-BE30-F324F3C4035B}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6CB67587-DE8E-4071-A757-2458F0EF4C42}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9E2D00E6-6B83-45F3-8CDA-EC0AFDF0759F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{CB0F424E-3C95-4D3C-9A67-5091D23723B8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3A91C414-F84D-4875-9FA1-4D570BF195C5}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{934044E0-2DA2-4547-AD0F-A33CF03A4E87}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7682E269-2D50-4ADC-AE65-180469DD6F89}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{441F31E9-4A68-49B9-9447-A0DFC25639C9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{D1F39393-0C77-4A8D-AB2D-321CF0ABE272}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{A26C369F-B327-466E-B4A0-F11FFD772D4F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08095423-D65A-4453-B10B-A5BB707DD63A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{F947F1FE-C402-48B3-8903-DB75556FC4C1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{584E4B71-9B03-4D14-BDE0-55812EF3BF2A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{5CD007FD-5D4E-48D2-A126-FB0610A8A795}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{13FB8B81-5ED9-47D4-ADD8-8FDCA83865C3}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{5314DCD3-A14A-4A84-BE93-807BFF5FF397}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38EB961C-F935-4F18-91C6-07D31BC383AF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{625D1934-06AB-4247-B5E2-94E4B552DF25}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E8CB17AC-9E1D-46C5-88F0-C9437D0BC27C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F08FD62-E54C-4D7C-965D-B5B35504BBFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{309BDF37-9895-4443-AA58-92B580D63605}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F4A34743-DF7F-45B4-AF60-C6E627E32747}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD4542B6-02B4-4C7E-B6C4-CAA1B1591A70}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

31-10-2022 06:31:30 Naplánovaný kontrolní bod
09-11-2022 08:56:12 Instalační služba modulů systému Windows
09-11-2022 19:25:58 Instalační služba modulů systému Windows
09-11-2022 20:03:59 Instalační služba modulů systému Windows
17-11-2022 17:27:52 Instalační služba modulů systému Windows
17-11-2022 17:56:53 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 109328

Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 109328

Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 93687

Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 93687

Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2022 05:59:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 78062

Error: (11/17/2022 05:59:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 78062


System errors:
=============
Error: (11/17/2022 09:42:44 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-TTIU2E3)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/14/2022 11:36:13 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (11/14/2022 11:36:13 AM) (Source: disk) (EventID: 154) (User: )
Description: Vstupně-výstupní operace na adrese logického bloku 0x27e0 pro disk 1 se nezdařila z důvodu hardwarové chyby (název PDO: \Device\0000007e).

Error: (11/11/2022 04:37:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (11/10/2022 06:45:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/09/2022 09:20:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/09/2022 06:59:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/09/2022 06:56:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TTIU2E3)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2022-11-17 18:16:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-17 18:16:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.7 07/18/2014
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 58%
Total physical RAM: 8070.02 MB
Available physical RAM: 3317.48 MB
Total Virtual: 9350.02 MB
Available Virtual: 4275.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.89 GB) (Free:142.11 GB) (Model: WDC WD10EZEX-08M2NA0) NTFS

\\?\Volume{d511e935-e4e0-4f94-8fc9-1e8c041b4eb5}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{4c41a681-d607-44ea-a7ee-74bdc898fc68}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118196
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC

#4 Post by Rudy »

I need to see the contents of the fixlog.txt file. It is in C:\01 PC Home\Uloženo\Programy\Viry, Malware. Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

ota
Visitor
Posts: 112
Joined: 15 Oct 2007 20:50

Re: Slow PC

#5 Post by ota »

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-11-2022
Ran by Ota (21-11-2022 06:48:32) Run:4
Running from C:\01 PC Home\Uloženo\Programy\Viry, Malware
Loaded Profiles: oem & Ota
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [WEBTRAN] => [X]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
Task: {0C3AC29C-FFB3-49D4-847B-E58BE951CDD0} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /submit (No File)
Task: {0DB60C33-3759-4799-AAF1-CAE503C1CE16} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /analyze (No File)
Task: {18836D63-178E-4F56-A689-86EB3E5D47EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {981C5FB1-9F39-4720-93B1-CE0373C54C46} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /ui (No File)
Task: {D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001 => C:\Users\Ota\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {DB6BD106-64B9-4B50-9CA9-959619F05AC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001 => C:\Users\Ota\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\Ota\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C3AC29C-FFB3-49D4-847B-E58BE951CDD0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C3AC29C-FFB3-49D4-847B-E58BE951CDD0}" => removed successfully
C:\WINDOWS\System32\Tasks\Norton Security with Backup\Norton Security Error Processor => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security with Backup\Norton Security Error Processor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DB60C33-3759-4799-AAF1-CAE503C1CE16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DB60C33-3759-4799-AAF1-CAE503C1CE16}" => removed successfully
C:\WINDOWS\System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security with Backup\Norton Security Error Analyzer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18836D63-178E-4F56-A689-86EB3E5D47EC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18836D63-178E-4F56-A689-86EB3E5D47EC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{981C5FB1-9F39-4720-93B1-CE0373C54C46}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{981C5FB1-9F39-4720-93B1-CE0373C54C46}" => removed successfully
C:\WINDOWS\System32\Tasks\Norton Security with Backup\Norton Security Autofix => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security with Backup\Norton Security Autofix" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB6BD106-64B9-4B50-9CA9-959619F05AC3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB6BD106-64B9-4B50-9CA9-959619F05AC3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B}" => not found
"C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001" => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\Ota\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11911031 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 906578 B
Windows/system/drivers => 117199621 B
Edge => 0 B
Chrome => 17526576 B
Firefox => 1116960937 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 27626 B
NetworkService => 27626 B
oem => 27626 B
Ota => 18432133 B

RecycleBin => 1068336588 B
EmptyTemp: => 2.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 06:49:42 ====

Rudy
Site Admin
Posts: 118196
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC

#6 Post by Rudy »

It has been deleted; the log should now be OK.

ota
Visitor
Posts: 112
Joined: 15 Oct 2007 20:50

Re: Slow PC

#7 Post by ota »

Thanks a lot, is the problem solved?

Rudy
Site Admin
Posts: 118196
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC

#8 Post by Rudy »

If the machine is running faster, then yes. Otherwise, try defragmenting the disk as well.