Pomalé PC
Napsal: 17 lis 2022 19:42
Prosím o kontrolu logů, zpomalené PC, díky.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2022
Ran by Ota (administrator) on DESKTOP-TTIU2E3 (MSI MS-7817) (17-11-2022 18:22:06)
Running from C:\01 PC Home\Uloženo\Programy\Viry, Malware
Loaded Profiles: oem & Ota
Platform: Microsoft Windows 10 Home Version 21H1 19043.2251 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(C:\Program Files\Zoner\Photo Studio 17\Program64\Zps.exe ->) (ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(C:\Windows\Samsung\PanelMgr\SSMMgr.exe ->) () [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\nsWscSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(services.exe ->) (Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program64\Zps.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) [File not signed]
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe [618496 2010-10-28] () [File not signed]
HKLM-x32\...\Run: [sqtmultimediamouseRun] => "C:\Program Files (x86)\Multimedia Mouse Driver\startautorun.exe" MouseDrv.exe (No File)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe [4606464 2017-02-13] (Vitzo) [File not signed]
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [WEBTRAN] => [X]
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKLM\...\Windows x64\Print Processors\ssb3mPC: C:\Windows\System32\spool\prtprocs\x64\ssb3mpc.dll [33792 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\EPSON XP-600 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMJCE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [36864 2014-02-05] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\...\Print\Monitors\ssb3m Langmon: C:\WINDOWS\system32\ssb3ml6.dll [27648 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C3AC29C-FFB3-49D4-847B-E58BE951CDD0} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /submit (No File)
Task: {0DB60C33-3759-4799-AAF1-CAE503C1CE16} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /analyze (No File)
Task: {187C9E5B-AF83-40ED-90FA-ADFABF21598C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {18836D63-178E-4F56-A689-86EB3E5D47EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {1D592AC8-6C72-4690-810D-2F2D7466B67D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2d211d79-0d1a-4686-a1d2-17c0ed47dbf8" --version "6.06.10144" --silent
Task: {22897F6D-4A8C-4DCB-BD2C-F2A59723624F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {3864A0CD-4F58-4E80-99EC-D842EA3CA20C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2353000 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {4B358772-6290-47CC-B5EB-FD5CE14B878C} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {56C896FD-C985-44EA-98D1-C6651139FDDF} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {8F3DDE51-1AA4-4C64-A23F-F7D875765701} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {981C5FB1-9F39-4720-93B1-CE0373C54C46} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /ui (No File)
Task: {BCFA17EF-ED5C-4EBA-B070-F8169EE9CE18} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {CB49BEA5-E02E-41C3-A98D-DD4F7F1EE0B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {D1BEE155-27E4-4B34-B5EC-E8058FDD7286} - System32\Tasks\CCleanerSkipUAC - Ota => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001 => C:\Users\Ota\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {DB6BD106-64B9-4B50-9CA9-959619F05AC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {E19C8121-1ED1-4CC5-9B89-F4D04531F249} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E9781A52-4267-483B-85C1-3733AA0390DD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{8ceecf86-27ee-42ea-982d-bff6513a5ae9}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Edge:
=======
DownloadDir: C:\Users\Ota\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-17]
Edge HomePage: Default -> hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-01-28 07:33:46&iid=6f7b4093-32b5-4c8c-b882-211ab2baaf04&bName=
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-11-17]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: dwrkrxjf.default-1446579292021
FF ProfilePath: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 [2022-11-17]
FF Homepage: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF HomepageOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: mapy-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: heureka-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: seznam-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: google@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonsafesearch_ul_2@symantec.com
FF Extension: (SaveFrom.net helper) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\helper@savefrom.net.xpi [2022-11-02]
FF Extension: (Norton Password Manager) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\idsafe@norton.com.xpi [2022-11-15]
FF Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2022-10-25]
FF Extension: (Norton Home Page) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonhomepage@symantec.com.xpi [2022-10-17] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2022-10-17] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafeweb@symantec.com.xpi [2022-10-18]
FF Extension: (uBlock Origin) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\uBlock0@raymondhill.net.xpi [2022-11-14]
FF Extension: (FormApps Extension) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2018-02-07]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2022-11-11]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2022-11-01]
FF Extension: (No Name) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-30]
FF SearchPlugin: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\searchplugins\Poshukach Engin Search.xml [2021-08-05]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default [2022-11-17]
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Seznam doplněk - Email) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-01-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-11-15]
CHR Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2022-11-09]
CHR Extension: (Have I been pwned?) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpgljciihecejjlildfcakfcmnachahp [2017-05-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-15]
CHR Extension: (FormApps Extension) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-11-01]
CHR Extension: (Skype) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-13]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2021-01-11]
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-17]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\Exts\Chrome.crx <not found>
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [785408 2022-11-09] (Microsoft Windows -> Microsoft Corporation)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.10.9\NortonSecurity.exe [344888 2022-11-07] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R3 nsWscSvc; C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\nsWscSvc.exe [1059176 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 luminati_net_updater_win_formatfactory_pcfreetime_com; "C:/Program Files (x86)/FormatFactory/net_updater64.exe" --updater win_formatfactory.pcfreetime.com [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\BASHDefs\20221116.015\BHDrvx64.sys [1705040 2022-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-11] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\ccSetx64.sys [198280 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\IPSDefs\20221116.061\IDSvia64.sys [1526776 2022-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\nsvst.sys [57104 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\SRTSP64.SYS [956048 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SRTSPX64.SYS [52872 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SYMEFASI64.SYS [2092696 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SymELAM.sys [36016 2022-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\Ironx64.SYS [306824 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\symnets.sys [490664 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\wpCtrlDrv.sys [1016792 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S4 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus2.sys [X]
S4 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-17 17:32 - 2022-11-17 17:32 - 000000000 ___HD C:\$WinREAgent
2022-11-16 21:15 - 2022-11-16 21:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-11-15 16:38 - 2022-11-15 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-14 11:31 - 2022-11-14 11:31 - 000053126 _____ C:\Users\Ota\Downloads\1073619840277_8_1132_20220823.pdf
2022-11-14 11:30 - 2022-11-14 11:30 - 000054855 _____ C:\Users\Ota\Downloads\1073619840277_10_1132_20221021.pdf
2022-11-12 10:41 - 2022-11-12 17:32 - 000000000 ____D C:\Program Files\RUXIM
2022-11-09 20:57 - 2022-11-09 20:57 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 20:57 - 2022-11-09 20:57 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 20:57 - 2022-11-09 20:57 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 20:54 - 2022-11-09 20:54 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-02 18:34 - 2022-11-02 18:34 - 000183586 _____ C:\Users\Ota\Downloads\podminky-poskytovani-mobilnich-datovych-balicku-da.pdf
2022-11-02 18:32 - 2022-11-02 18:32 - 000180921 _____ C:\Users\Ota\Downloads\podminky-red-tarifu.pdf
2022-11-01 12:25 - 2022-11-01 12:25 - 000075789 _____ C:\Users\Ota\Downloads\Výpis (1).pdf
2022-10-24 17:11 - 2022-10-24 17:11 - 000000000 ____D C:\Users\Ota\AppData\Local\Microvirt
2022-10-24 17:06 - 2022-10-24 17:06 - 000297896 _____ C:\Users\Ota\Downloads\minecraft WEB (hra) (1).webp
2022-10-24 17:05 - 2022-10-24 17:05 - 000146866 _____ C:\Users\Ota\Downloads\minecraft movie 1000 days-1.webp
2022-10-24 17:05 - 2022-10-24 17:05 - 000146866 _____ C:\Users\Ota\Downloads\minecraft movie 1000 days.webp
2022-10-19 18:39 - 2022-11-17 17:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2022-10-19 18:25 - 2022-10-22 10:13 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2022-10-18 18:49 - 2022-10-18 18:49 - 000002274 _____ C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-17 18:22 - 2016-11-28 21:32 - 000000000 ____D C:\FRST
2022-11-17 18:18 - 2016-11-16 18:01 - 000000000 ____D C:\Users\Ota\AppData\LocalLow\Mozilla
2022-11-17 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-17 18:03 - 2017-06-17 06:02 - 000000000 ____D C:\Program Files\CCleaner
2022-11-17 18:03 - 2015-11-01 19:10 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-17 18:00 - 2018-06-06 19:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-11-17 18:00 - 2015-10-31 01:10 - 000000000 __SHD C:\Users\Ota\IntelGraphicsProfiles
2022-11-17 17:43 - 2020-06-12 22:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-17 17:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-17 16:31 - 2015-10-31 19:24 - 000000000 ____D C:\ProgramData\Mozilla
2022-11-17 11:39 - 2018-02-27 10:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2022-11-17 09:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-17 09:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-17 09:41 - 2022-09-21 05:59 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-17 09:41 - 2022-09-21 05:59 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-17 09:41 - 2020-06-12 22:35 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-17 07:19 - 2015-11-01 19:07 - 000000000 ____D C:\01 PC Home
2022-11-16 17:41 - 2015-10-31 21:15 - 000000000 ____D C:\Users\Ota\AppData\Local\GHISLER
2022-11-15 18:56 - 2020-06-12 22:21 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-15 18:56 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-15 18:56 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-15 18:56 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-15 17:35 - 2022-01-12 15:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-15 17:35 - 2015-10-31 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-12 10:41 - 2018-07-13 08:36 - 000000000 ____D C:\Program Files\rempl
2022-11-12 05:52 - 2020-06-12 17:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-12 05:46 - 2020-06-12 22:35 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 05:46 - 2020-06-12 22:35 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 07:59 - 2015-11-01 19:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-10 06:46 - 2015-08-18 12:04 - 015724341 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2022-11-10 06:45 - 2020-06-12 22:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-10 06:45 - 2020-06-12 22:02 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-09 21:22 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-09 21:21 - 2020-06-12 22:02 - 000457816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-09 21:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-09 21:17 - 2020-06-12 20:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-09 20:54 - 2020-06-12 22:08 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-09 08:56 - 2015-10-31 19:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 08:45 - 2015-10-31 19:25 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-05 19:19 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-11-02 14:22 - 2015-11-21 19:31 - 000000000 ____D C:\Users\Ota\AppData\Roaming\vlc
2022-10-29 18:24 - 2021-01-28 20:33 - 000000000 _____ C:\end
2022-10-29 18:24 - 2020-04-24 19:00 - 000008342 _____ C:\nsispromotion_log.txt
2022-10-27 18:53 - 2016-01-07 19:38 - 000000000 ____D C:\Users\Ota\AppData\Roaming\calibre
2022-10-27 18:51 - 2016-01-07 19:38 - 000000000 ____D C:\Users\Ota\Documents\Knihovna Calibre
2022-10-27 18:19 - 2022-09-22 18:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-10-26 10:53 - 2016-01-07 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2022-10-26 10:53 - 2016-01-07 19:38 - 000000000 ____D C:\Program Files\Calibre2
2022-10-24 05:40 - 2020-06-12 22:35 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-24 05:38 - 2022-10-11 17:09 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-23 12:29 - 2017-03-07 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-10-23 12:29 - 2017-03-07 19:56 - 000000000 ____D C:\Program Files (x86)\Java
2022-10-23 12:28 - 2017-03-07 19:56 - 000168096 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-10-21 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-19 19:02 - 2017-03-02 19:11 - 000000000 ____D C:\Program Files\Common Files\AV
2022-10-18 18:49 - 2022-02-09 06:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
==================== Files in the root of some directories ========
2018-11-16 20:59 - 2022-03-15 20:09 - 000081408 _____ () C:\Users\Ota\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-05-06 13:49 - 2020-05-06 13:49 - 000004096 ____H () C:\Users\Ota\AppData\Local\keyfile3.drm
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-11-2022
Ran by Ota (17-11-2022 18:26:19)
Running from C:\01 PC Home\Uloženo\Programy\Viry, Malware
Microsoft Windows 10 Home Version 21H1 19043.2251 (X64) (2020-06-12 21:36:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-554986064-1367882024-3811459060-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-554986064-1367882024-3811459060-503 - Limited - Disabled)
Guest (S-1-5-21-554986064-1367882024-3811459060-501 - Limited - Disabled)
oem (S-1-5-21-554986064-1367882024-3811459060-1001 - Administrator - Enabled) => C:\Users\oem
Ota (S-1-5-21-554986064-1367882024-3811459060-1005 - Administrator - Enabled) => C:\Users\Ota
WDAGUtilityAccount (S-1-5-21-554986064-1367882024-3811459060-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
FW: Norton Security (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20263 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.77.1092 - AB Team, d.o.o.)
calibre 64bit (HKLM\...\{5D6852FB-8784-4B43-BE3D-05B9658F95E5}) (Version: 6.7.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CS Codec Solution 1.10 (HKLM-x32\...\CS Codec Solution_is1) (Version: 1.10 - CS Software)
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
FormatFactory 5.9.0.0 (HKLM-x32\...\FormatFactory) (Version: 5.9.0.0 - Free Time)
Free MP4 to MP3 Converter 1.0 (HKLM-x32\...\{1D6B0375-C07F-4BCB-878A-F53803282A60}_is1) (Version: - PolySoft Solutions)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.27.0 - GOM & Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.79.5344 - GOM & Company)
GOMPLAYERENSETUP 2.2.62.5209 (HKLM-x32\...\GOMPLAYERENSETUP 2.2.62.5209) (Version: - )
Google Earth Pro (HKLM\...\{DE181B35-ACEF-4DB0-86D9-731D5767ABB1}) (Version: 7.3.4.8642 - Google)
Google Chrome (HKLM\...\{CCFFC2EC-F561-3EF1-8038-F3608B52F935}) (Version: 107.0.5304.107 - Google LLC)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel® RealSense™ SDK 2014 Runtime (x64): Core (HKLM\...\{37D41A97-6B02-4C30-8753-85107BE1D674}) (Version: 3.1.0.25181 - Intel Corporation) Hidden
Java 8 Update 351 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LanguageLab (HKLM-x32\...\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}) (Version: 3.9.2.1 - Vitware)
Manažer elektronických podání (HKLM-x32\...\MRP eSubmit) (Version: - MRP)
Microsoft Edge (HKLM-x32\...\{EC598353-0B1B-3C21-B98D-79F0CA02D17F}) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-554986064-1367882024-3811459060-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30139 (HKLM-x32\...\{1AEA8854-7597-4CD3-948F-8DE364D94E07}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30139 (HKLM-x32\...\{1679EF65-55F3-4248-B91E-6B3BE1A69CDF}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 107.0 (x64 cs)) (Version: 107.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 107.0.0.8349 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 91.13.1 (x86 cs)) (Version: 91.13.1 - Mozilla)
Multimedia Mouse Driver version 1.2 (HKLM-x32\...\{D1446C63-11CC-46F0-8CC7-6C8E81676DE3}_is1) (Version: 1.2 - SQT)
Nero 9 Essentials (HKLM-x32\...\{7b094e03-cc48-48c3-9089-86b17586bccb}) (Version: - Nero AG)
Nero ControlCenter (HKLM-x32\...\{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}) (Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (HKLM-x32\...\{e8a80433-302b-4ff1-815d-fcc8eac482ff}) (Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (HKLM-x32\...\{dba84796-8503-4ff0-af57-1747dd9a166d}) (Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (HKLM-x32\...\{7748ac8c-18e3-43bb-959b-088faea16fb2}) (Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart OEM (HKLM-x32\...\{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}) (Version: 9.4.10.100 - Nero AG) Hidden
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Norton Security (HKLM-x32\...\NGC) (Version: 22.22.9.11 - Symantec Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PicosmosTools 1.8.5.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.5.0 - Free Time)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnale Systems Software Keys (HKLM-x32\...\{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1) (Version: - VPP TEAM)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version: - Samsung Electronics Co., Ltd.)
Scan Assistant (HKLM-x32\...\{BF6CF460-40C3-49BA-800A-4B934B6498B1}) (Version: 1.01.014 - Samsung Electronics Co., Ltd.)
Shark007 ADVANCED Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 6.5.2 - Shark007)
Shark007 ADVANCED x64Components (HKLM\...\ADVANCED x64Components_is1) (Version: 6.5.2 - Shark007)
Skype 8.87 (HKLM-x32\...\{C46E8949-FE45-4512-85E1-EB848D9EA196}) (Version: 8.87.0.406 - Skype Technologies S.A.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.87 (HKLM-x32\...\Skype_is1) (Version: 8.87 - Skype Technologies S.A.) Hidden
Smart Tests - testy, které učí (HKLM-x32\...\Smart Tests) (Version: - )
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
Spell it out Loud (HKLM-x32\...\Spell it out Loud) (Version: 1.1.0.0 - Vitware.cz)
Sudoku (HKLM-x32\...\Sudoku_is1) (Version: 1.0 - MEDIA TRADE Interactive, s.r.o.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.0 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VDownloader 4.5.2598 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.9 - Winamp SA)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Word Manager (HKLM-x32\...\Word Manager) (Version: 1.0.1.0 - Vitware.cz)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-05-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-19] (Microsoft Studios) [MS Ad]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.2.0_x86__y5c4dfz5b21fm [2022-08-13] (Any DVD & Office App)
NotepadX -> C:\Program Files\WindowsApps\27879SnkeKhn.NotepadX_1.7.43.0_x64__xq0nh4s6cn4qe [2021-05-19] (Sönke Köhn)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => C:\Program Files (x86)\Software602\602XML\xmlcore\CtxSign64.dll [2013-07-16] (Software602 a. s. -> Software602)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw.dll [3642880 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter.acm [2231296 2013-04-06] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32-x32: [vidc.mjpg] => pvmjpg30.dll
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282624 2007-03-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP70] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.i263] => C:\Windows\SysWOW64\i263_32.drv [391168 1997-08-27] (Intel Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [118784 2006-05-13] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [380928 2007-08-09] () [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\divxa32.acm [287744 2001-02-25] (Kristal StudioDFileDescription) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1294336 2002-07-08] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDex\CDex Site.lnk -> hxxp://cdexos.sourceforge.net
==================== Loaded Modules (Whitelisted) =============
2018-08-25 10:09 - 2006-05-03 03:49 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseHook.dll
2018-04-16 19:41 - 2014-09-09 12:30 - 000603648 _____ () [File not signed] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\SpiderMonkey.dll
2022-06-15 05:31 - 2022-06-15 05:31 - 001455616 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GRETECH\GomAudio\MiniBand.dll
2008-04-11 11:54 - 2008-04-11 11:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\MSVCR71.dll
2015-12-04 19:08 - 2014-02-05 14:51 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-01-28 07:33:46&iid=6f7b4093-32b5-4c8c-b882-211ab2baaf04&bName=
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {07AD7CAC-D73B-4561-8646-AA337C19EBE3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {09A74828-A733-4595-B8AB-AA8D8825B2E4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {303968DB-3944-4379-821E-059CEF6B321D} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {48E209C1-CF53-4D43-8B1B-AA500BAFBE10} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {4F9FB4D8-BDF8-437E-BE9B-F5F9172C4887} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {59727CF2-CA7C-4A02-B34E-F9ADAE5F4D7D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {A561C403-0520-456B-853F-29294831643C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__170617__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C7F1AECF-F908-467C-A47C-3299ED673E2C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {EF6265B4-E91A-4BCA-96C8-DCFFF0B13639} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine32\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine32\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2021-01-13 07:01 - 000000027 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Pinnacle\Shared Files\;C:\Program Files\Calibre2\;C:\Program Files\VDownloader;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-554986064-1367882024-3811459060-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Ota\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\screen8.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "MSStp"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "VDownloader"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F11F5C2DD299C8722D30FC5C9E83555A"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "Web Companion"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{ABCCA373-A80F-4F77-B51A-7B7337B419E6}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{7E0A140F-725D-45F5-8C58-6C1276FD0436}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{73F08067-8D58-474C-8B0D-B95C9BBE6753}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{11EAB6F5-364C-4480-A248-162948F33121}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{A53B7D39-424E-41A7-A00C-C2C423E657CD}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{590ABE12-46F8-413B-865B-53897AEDFC1E}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{E88499BE-39DD-408D-ACD8-C5087B7C5962}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E8490F2-B498-4E22-B3AF-BFE1351D5F0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF7A3CC6-D980-46C2-9602-4E8937D54400}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{593F554C-FC20-41D2-A68E-4A48F415958A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41330990-D406-4B67-93D7-025B1789D5A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77B6BB4E-A7D1-404A-BEE9-7E8D8DDBA778}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6C96FE7E-9607-4CC1-A647-1BA72B2432D8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{CE5C9608-82AA-41D4-A0A4-1139BF57310A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1E44CD42-CDCC-408E-AF86-DF9CA691FB22}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{78A164AD-51D2-48B6-9395-15A8237F306F}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BFF9D45E-317A-4893-ABE5-F3808BFF8C07}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{4137AE0D-9248-49E8-BCFB-FA86E31232AB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BA39F436-A881-49B7-A9C5-AB228CC2432D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C51117FC-80FB-48EE-A81C-16595A15F5C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{620A1F10-8688-4AD4-B783-5DF276B43258}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{CE1ADA4D-A4E5-450B-8EF0-D7F9C726F2C3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{F833B260-694C-4F35-B2DB-40707E6B2C31}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{278877AB-5136-4A19-AC54-78C1E90AF6C8}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{7625CD51-DE6E-4DFE-8D1A-2D6FF989970A}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{A28922DF-5216-4478-BE30-F324F3C4035B}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6CB67587-DE8E-4071-A757-2458F0EF4C42}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9E2D00E6-6B83-45F3-8CDA-EC0AFDF0759F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{CB0F424E-3C95-4D3C-9A67-5091D23723B8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3A91C414-F84D-4875-9FA1-4D570BF195C5}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{934044E0-2DA2-4547-AD0F-A33CF03A4E87}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7682E269-2D50-4ADC-AE65-180469DD6F89}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{441F31E9-4A68-49B9-9447-A0DFC25639C9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{D1F39393-0C77-4A8D-AB2D-321CF0ABE272}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{A26C369F-B327-466E-B4A0-F11FFD772D4F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08095423-D65A-4453-B10B-A5BB707DD63A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{F947F1FE-C402-48B3-8903-DB75556FC4C1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{584E4B71-9B03-4D14-BDE0-55812EF3BF2A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{5CD007FD-5D4E-48D2-A126-FB0610A8A795}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{13FB8B81-5ED9-47D4-ADD8-8FDCA83865C3}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{5314DCD3-A14A-4A84-BE93-807BFF5FF397}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38EB961C-F935-4F18-91C6-07D31BC383AF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{625D1934-06AB-4247-B5E2-94E4B552DF25}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E8CB17AC-9E1D-46C5-88F0-C9437D0BC27C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F08FD62-E54C-4D7C-965D-B5B35504BBFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{309BDF37-9895-4443-AA58-92B580D63605}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F4A34743-DF7F-45B4-AF60-C6E627E32747}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD4542B6-02B4-4C7E-B6C4-CAA1B1591A70}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
31-10-2022 06:31:30 Naplánovaný kontrolní bod
09-11-2022 08:56:12 Instalační služba modulů systému Windows
09-11-2022 19:25:58 Instalační služba modulů systému Windows
09-11-2022 20:03:59 Instalační služba modulů systému Windows
17-11-2022 17:27:52 Instalační služba modulů systému Windows
17-11-2022 17:56:53 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 109328
Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 109328
Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 93687
Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 93687
Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/17/2022 05:59:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 78062
Error: (11/17/2022 05:59:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 78062
System errors:
=============
Error: (11/17/2022 09:42:44 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-TTIU2E3)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/14/2022 11:36:13 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.
Error: (11/14/2022 11:36:13 AM) (Source: disk) (EventID: 154) (User: )
Description: Vstupně-výstupní operace na adrese logického bloku 0x27e0 pro disk 1 se nezdařila z důvodu hardwarové chyby (název PDO: \Device\0000007e).
Error: (11/11/2022 04:37:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (11/10/2022 06:45:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/09/2022 09:20:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/09/2022 06:59:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/09/2022 06:56:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TTIU2E3)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2022-11-17 18:16:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.
Date: 2022-11-17 18:16:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V1.7 07/18/2014
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 58%
Total physical RAM: 8070.02 MB
Available physical RAM: 3317.48 MB
Total Virtual: 9350.02 MB
Available Virtual: 4275.01 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.89 GB) (Free:142.11 GB) (Model: WDC WD10EZEX-08M2NA0) NTFS
\\?\Volume{d511e935-e4e0-4f94-8fc9-1e8c041b4eb5}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{4c41a681-d607-44ea-a7ee-74bdc898fc68}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2022
Ran by Ota (administrator) on DESKTOP-TTIU2E3 (MSI MS-7817) (17-11-2022 18:22:06)
Running from C:\01 PC Home\Uloženo\Programy\Viry, Malware
Loaded Profiles: oem & Ota
Platform: Microsoft Windows 10 Home Version 21H1 19043.2251 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(C:\Program Files\Zoner\Photo Studio 17\Program64\Zps.exe ->) (ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(C:\Windows\Samsung\PanelMgr\SSMMgr.exe ->) () [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\nsWscSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(services.exe ->) (Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program64\Zps.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) [File not signed]
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe [618496 2010-10-28] () [File not signed]
HKLM-x32\...\Run: [sqtmultimediamouseRun] => "C:\Program Files (x86)\Multimedia Mouse Driver\startautorun.exe" MouseDrv.exe (No File)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe [4606464 2017-02-13] (Vitzo) [File not signed]
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [WEBTRAN] => [X]
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKLM\...\Windows x64\Print Processors\ssb3mPC: C:\Windows\System32\spool\prtprocs\x64\ssb3mpc.dll [33792 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\EPSON XP-600 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMJCE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [36864 2014-02-05] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\...\Print\Monitors\ssb3m Langmon: C:\WINDOWS\system32\ssb3ml6.dll [27648 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C3AC29C-FFB3-49D4-847B-E58BE951CDD0} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /submit (No File)
Task: {0DB60C33-3759-4799-AAF1-CAE503C1CE16} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /analyze (No File)
Task: {187C9E5B-AF83-40ED-90FA-ADFABF21598C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {18836D63-178E-4F56-A689-86EB3E5D47EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {1D592AC8-6C72-4690-810D-2F2D7466B67D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2d211d79-0d1a-4686-a1d2-17c0ed47dbf8" --version "6.06.10144" --silent
Task: {22897F6D-4A8C-4DCB-BD2C-F2A59723624F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {3864A0CD-4F58-4E80-99EC-D842EA3CA20C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2353000 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {4B358772-6290-47CC-B5EB-FD5CE14B878C} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {56C896FD-C985-44EA-98D1-C6651139FDDF} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {8F3DDE51-1AA4-4C64-A23F-F7D875765701} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {981C5FB1-9F39-4720-93B1-CE0373C54C46} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe /ui (No File)
Task: {BCFA17EF-ED5C-4EBA-B070-F8169EE9CE18} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\SymErr.exe [379024 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {CB49BEA5-E02E-41C3-A98D-DD4F7F1EE0B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {D1BEE155-27E4-4B34-B5EC-E8058FDD7286} - System32\Tasks\CCleanerSkipUAC - Ota => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001 => C:\Users\Ota\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {DB6BD106-64B9-4B50-9CA9-959619F05AC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {E19C8121-1ED1-4CC5-9B89-F4D04531F249} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E9781A52-4267-483B-85C1-3733AA0390DD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{8ceecf86-27ee-42ea-982d-bff6513a5ae9}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Edge:
=======
DownloadDir: C:\Users\Ota\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-17]
Edge HomePage: Default -> hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-01-28 07:33:46&iid=6f7b4093-32b5-4c8c-b882-211ab2baaf04&bName=
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-11-17]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: dwrkrxjf.default-1446579292021
FF ProfilePath: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 [2022-11-17]
FF Homepage: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF HomepageOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: mapy-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: heureka-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: seznam-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: google@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonsafesearch_ul_2@symantec.com
FF Extension: (SaveFrom.net helper) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\helper@savefrom.net.xpi [2022-11-02]
FF Extension: (Norton Password Manager) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\idsafe@norton.com.xpi [2022-11-15]
FF Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2022-10-25]
FF Extension: (Norton Home Page) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonhomepage@symantec.com.xpi [2022-10-17] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2022-10-17] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafeweb@symantec.com.xpi [2022-10-18]
FF Extension: (uBlock Origin) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\uBlock0@raymondhill.net.xpi [2022-11-14]
FF Extension: (FormApps Extension) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2018-02-07]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2022-11-11]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2022-11-01]
FF Extension: (No Name) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-30]
FF SearchPlugin: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\searchplugins\Poshukach Engin Search.xml [2021-08-05]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default [2022-11-17]
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Seznam doplněk - Email) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-01-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-11-15]
CHR Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2022-11-09]
CHR Extension: (Have I been pwned?) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpgljciihecejjlildfcakfcmnachahp [2017-05-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-15]
CHR Extension: (FormApps Extension) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-11-01]
CHR Extension: (Skype) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-13]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2021-01-11]
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-17]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\Exts\Chrome.crx <not found>
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [785408 2022-11-09] (Microsoft Windows -> Microsoft Corporation)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.10.9\NortonSecurity.exe [344888 2022-11-07] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R3 nsWscSvc; C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\nsWscSvc.exe [1059176 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 luminati_net_updater_win_formatfactory_pcfreetime_com; "C:/Program Files (x86)/FormatFactory/net_updater64.exe" --updater win_formatfactory.pcfreetime.com [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\BASHDefs\20221116.015\BHDrvx64.sys [1705040 2022-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-11] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\ccSetx64.sys [198280 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\IPSDefs\20221116.061\IDSvia64.sys [1526776 2022-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\nsvst.sys [57104 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\SRTSP64.SYS [956048 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SRTSPX64.SYS [52872 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SYMEFASI64.SYS [2092696 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\SymELAM.sys [36016 2022-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\16160A0.009\Ironx64.SYS [306824 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\symnets.sys [490664 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616090.00B\wpCtrlDrv.sys [1016792 2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S4 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus2.sys [X]
S4 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-17 17:32 - 2022-11-17 17:32 - 000000000 ___HD C:\$WinREAgent
2022-11-16 21:15 - 2022-11-16 21:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-11-15 16:38 - 2022-11-15 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-14 11:31 - 2022-11-14 11:31 - 000053126 _____ C:\Users\Ota\Downloads\1073619840277_8_1132_20220823.pdf
2022-11-14 11:30 - 2022-11-14 11:30 - 000054855 _____ C:\Users\Ota\Downloads\1073619840277_10_1132_20221021.pdf
2022-11-12 10:41 - 2022-11-12 17:32 - 000000000 ____D C:\Program Files\RUXIM
2022-11-09 20:57 - 2022-11-09 20:57 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 20:57 - 2022-11-09 20:57 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 20:57 - 2022-11-09 20:57 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 20:54 - 2022-11-09 20:54 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-02 18:34 - 2022-11-02 18:34 - 000183586 _____ C:\Users\Ota\Downloads\podminky-poskytovani-mobilnich-datovych-balicku-da.pdf
2022-11-02 18:32 - 2022-11-02 18:32 - 000180921 _____ C:\Users\Ota\Downloads\podminky-red-tarifu.pdf
2022-11-01 12:25 - 2022-11-01 12:25 - 000075789 _____ C:\Users\Ota\Downloads\Výpis (1).pdf
2022-10-24 17:11 - 2022-10-24 17:11 - 000000000 ____D C:\Users\Ota\AppData\Local\Microvirt
2022-10-24 17:06 - 2022-10-24 17:06 - 000297896 _____ C:\Users\Ota\Downloads\minecraft WEB (hra) (1).webp
2022-10-24 17:05 - 2022-10-24 17:05 - 000146866 _____ C:\Users\Ota\Downloads\minecraft movie 1000 days-1.webp
2022-10-24 17:05 - 2022-10-24 17:05 - 000146866 _____ C:\Users\Ota\Downloads\minecraft movie 1000 days.webp
2022-10-19 18:39 - 2022-11-17 17:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2022-10-19 18:25 - 2022-10-22 10:13 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2022-10-18 18:49 - 2022-10-18 18:49 - 000002274 _____ C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-17 18:22 - 2016-11-28 21:32 - 000000000 ____D C:\FRST
2022-11-17 18:18 - 2016-11-16 18:01 - 000000000 ____D C:\Users\Ota\AppData\LocalLow\Mozilla
2022-11-17 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-17 18:03 - 2017-06-17 06:02 - 000000000 ____D C:\Program Files\CCleaner
2022-11-17 18:03 - 2015-11-01 19:10 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-17 18:00 - 2018-06-06 19:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-11-17 18:00 - 2015-10-31 01:10 - 000000000 __SHD C:\Users\Ota\IntelGraphicsProfiles
2022-11-17 17:43 - 2020-06-12 22:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-17 17:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-17 16:31 - 2015-10-31 19:24 - 000000000 ____D C:\ProgramData\Mozilla
2022-11-17 11:39 - 2018-02-27 10:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2022-11-17 09:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-17 09:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-17 09:41 - 2022-09-21 05:59 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-17 09:41 - 2022-09-21 05:59 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-17 09:41 - 2020-06-12 22:35 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-17 07:19 - 2015-11-01 19:07 - 000000000 ____D C:\01 PC Home
2022-11-16 17:41 - 2015-10-31 21:15 - 000000000 ____D C:\Users\Ota\AppData\Local\GHISLER
2022-11-15 18:56 - 2020-06-12 22:21 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-15 18:56 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-15 18:56 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-15 18:56 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-15 17:35 - 2022-01-12 15:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-15 17:35 - 2015-10-31 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-12 10:41 - 2018-07-13 08:36 - 000000000 ____D C:\Program Files\rempl
2022-11-12 05:52 - 2020-06-12 17:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-12 05:46 - 2020-06-12 22:35 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 05:46 - 2020-06-12 22:35 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 07:59 - 2015-11-01 19:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-10 06:46 - 2015-08-18 12:04 - 015724341 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2022-11-10 06:45 - 2020-06-12 22:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-10 06:45 - 2020-06-12 22:02 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-09 21:22 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-09 21:21 - 2020-06-12 22:02 - 000457816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-09 21:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-09 21:17 - 2020-06-12 20:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-09 21:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-09 20:54 - 2020-06-12 22:08 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-09 08:56 - 2015-10-31 19:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 08:45 - 2015-10-31 19:25 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-05 19:19 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-11-02 14:22 - 2015-11-21 19:31 - 000000000 ____D C:\Users\Ota\AppData\Roaming\vlc
2022-10-29 18:24 - 2021-01-28 20:33 - 000000000 _____ C:\end
2022-10-29 18:24 - 2020-04-24 19:00 - 000008342 _____ C:\nsispromotion_log.txt
2022-10-27 18:53 - 2016-01-07 19:38 - 000000000 ____D C:\Users\Ota\AppData\Roaming\calibre
2022-10-27 18:51 - 2016-01-07 19:38 - 000000000 ____D C:\Users\Ota\Documents\Knihovna Calibre
2022-10-27 18:19 - 2022-09-22 18:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-10-26 10:53 - 2016-01-07 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2022-10-26 10:53 - 2016-01-07 19:38 - 000000000 ____D C:\Program Files\Calibre2
2022-10-24 05:40 - 2020-06-12 22:35 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-24 05:38 - 2022-10-11 17:09 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-23 12:29 - 2017-03-07 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-10-23 12:29 - 2017-03-07 19:56 - 000000000 ____D C:\Program Files (x86)\Java
2022-10-23 12:28 - 2017-03-07 19:56 - 000168096 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-10-21 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-19 19:02 - 2017-03-02 19:11 - 000000000 ____D C:\Program Files\Common Files\AV
2022-10-18 18:49 - 2022-02-09 06:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
==================== Files in the root of some directories ========
2018-11-16 20:59 - 2022-03-15 20:09 - 000081408 _____ () C:\Users\Ota\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-05-06 13:49 - 2020-05-06 13:49 - 000004096 ____H () C:\Users\Ota\AppData\Local\keyfile3.drm
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-11-2022
Ran by Ota (17-11-2022 18:26:19)
Running from C:\01 PC Home\Uloženo\Programy\Viry, Malware
Microsoft Windows 10 Home Version 21H1 19043.2251 (X64) (2020-06-12 21:36:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-554986064-1367882024-3811459060-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-554986064-1367882024-3811459060-503 - Limited - Disabled)
Guest (S-1-5-21-554986064-1367882024-3811459060-501 - Limited - Disabled)
oem (S-1-5-21-554986064-1367882024-3811459060-1001 - Administrator - Enabled) => C:\Users\oem
Ota (S-1-5-21-554986064-1367882024-3811459060-1005 - Administrator - Enabled) => C:\Users\Ota
WDAGUtilityAccount (S-1-5-21-554986064-1367882024-3811459060-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
FW: Norton Security (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20263 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.77.1092 - AB Team, d.o.o.)
calibre 64bit (HKLM\...\{5D6852FB-8784-4B43-BE3D-05B9658F95E5}) (Version: 6.7.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CS Codec Solution 1.10 (HKLM-x32\...\CS Codec Solution_is1) (Version: 1.10 - CS Software)
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
FormatFactory 5.9.0.0 (HKLM-x32\...\FormatFactory) (Version: 5.9.0.0 - Free Time)
Free MP4 to MP3 Converter 1.0 (HKLM-x32\...\{1D6B0375-C07F-4BCB-878A-F53803282A60}_is1) (Version: - PolySoft Solutions)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.27.0 - GOM & Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.79.5344 - GOM & Company)
GOMPLAYERENSETUP 2.2.62.5209 (HKLM-x32\...\GOMPLAYERENSETUP 2.2.62.5209) (Version: - )
Google Earth Pro (HKLM\...\{DE181B35-ACEF-4DB0-86D9-731D5767ABB1}) (Version: 7.3.4.8642 - Google)
Google Chrome (HKLM\...\{CCFFC2EC-F561-3EF1-8038-F3608B52F935}) (Version: 107.0.5304.107 - Google LLC)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel® RealSense™ SDK 2014 Runtime (x64): Core (HKLM\...\{37D41A97-6B02-4C30-8753-85107BE1D674}) (Version: 3.1.0.25181 - Intel Corporation) Hidden
Java 8 Update 351 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LanguageLab (HKLM-x32\...\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}) (Version: 3.9.2.1 - Vitware)
Manažer elektronických podání (HKLM-x32\...\MRP eSubmit) (Version: - MRP)
Microsoft Edge (HKLM-x32\...\{EC598353-0B1B-3C21-B98D-79F0CA02D17F}) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-554986064-1367882024-3811459060-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30139 (HKLM-x32\...\{1AEA8854-7597-4CD3-948F-8DE364D94E07}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30139 (HKLM-x32\...\{1679EF65-55F3-4248-B91E-6B3BE1A69CDF}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 107.0 (x64 cs)) (Version: 107.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 107.0.0.8349 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 91.13.1 (x86 cs)) (Version: 91.13.1 - Mozilla)
Multimedia Mouse Driver version 1.2 (HKLM-x32\...\{D1446C63-11CC-46F0-8CC7-6C8E81676DE3}_is1) (Version: 1.2 - SQT)
Nero 9 Essentials (HKLM-x32\...\{7b094e03-cc48-48c3-9089-86b17586bccb}) (Version: - Nero AG)
Nero ControlCenter (HKLM-x32\...\{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}) (Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (HKLM-x32\...\{e8a80433-302b-4ff1-815d-fcc8eac482ff}) (Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (HKLM-x32\...\{dba84796-8503-4ff0-af57-1747dd9a166d}) (Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (HKLM-x32\...\{7748ac8c-18e3-43bb-959b-088faea16fb2}) (Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart OEM (HKLM-x32\...\{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}) (Version: 9.4.10.100 - Nero AG) Hidden
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Norton Security (HKLM-x32\...\NGC) (Version: 22.22.9.11 - Symantec Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PicosmosTools 1.8.5.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.5.0 - Free Time)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnale Systems Software Keys (HKLM-x32\...\{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1) (Version: - VPP TEAM)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version: - Samsung Electronics Co., Ltd.)
Scan Assistant (HKLM-x32\...\{BF6CF460-40C3-49BA-800A-4B934B6498B1}) (Version: 1.01.014 - Samsung Electronics Co., Ltd.)
Shark007 ADVANCED Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 6.5.2 - Shark007)
Shark007 ADVANCED x64Components (HKLM\...\ADVANCED x64Components_is1) (Version: 6.5.2 - Shark007)
Skype 8.87 (HKLM-x32\...\{C46E8949-FE45-4512-85E1-EB848D9EA196}) (Version: 8.87.0.406 - Skype Technologies S.A.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.87 (HKLM-x32\...\Skype_is1) (Version: 8.87 - Skype Technologies S.A.) Hidden
Smart Tests - testy, které učí (HKLM-x32\...\Smart Tests) (Version: - )
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
Spell it out Loud (HKLM-x32\...\Spell it out Loud) (Version: 1.1.0.0 - Vitware.cz)
Sudoku (HKLM-x32\...\Sudoku_is1) (Version: 1.0 - MEDIA TRADE Interactive, s.r.o.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.0 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VDownloader 4.5.2598 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.9 - Winamp SA)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Word Manager (HKLM-x32\...\Word Manager) (Version: 1.0.1.0 - Vitware.cz)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-05-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-19] (Microsoft Studios) [MS Ad]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.2.0_x86__y5c4dfz5b21fm [2022-08-13] (Any DVD & Office App)
NotepadX -> C:\Program Files\WindowsApps\27879SnkeKhn.NotepadX_1.7.43.0_x64__xq0nh4s6cn4qe [2021-05-19] (Sönke Köhn)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => C:\Program Files (x86)\Software602\602XML\xmlcore\CtxSign64.dll [2013-07-16] (Software602 a. s. -> Software602)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\buShell.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\NavShExt.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw.dll [3642880 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter.acm [2231296 2013-04-06] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32-x32: [vidc.mjpg] => pvmjpg30.dll
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282624 2007-03-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP70] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.i263] => C:\Windows\SysWOW64\i263_32.drv [391168 1997-08-27] (Intel Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [118784 2006-05-13] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [380928 2007-08-09] () [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\divxa32.acm [287744 2001-02-25] (Kristal StudioDFileDescription) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1294336 2002-07-08] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDex\CDex Site.lnk -> hxxp://cdexos.sourceforge.net
==================== Loaded Modules (Whitelisted) =============
2018-08-25 10:09 - 2006-05-03 03:49 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseHook.dll
2018-04-16 19:41 - 2014-09-09 12:30 - 000603648 _____ () [File not signed] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\SpiderMonkey.dll
2022-06-15 05:31 - 2022-06-15 05:31 - 001455616 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GRETECH\GomAudio\MiniBand.dll
2008-04-11 11:54 - 2008-04-11 11:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\MSVCR71.dll
2015-12-04 19:08 - 2014-02-05 14:51 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-01-28 07:33:46&iid=6f7b4093-32b5-4c8c-b882-211ab2baaf04&bName=
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {07AD7CAC-D73B-4561-8646-AA337C19EBE3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {09A74828-A733-4595-B8AB-AA8D8825B2E4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {303968DB-3944-4379-821E-059CEF6B321D} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {48E209C1-CF53-4D43-8B1B-AA500BAFBE10} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {4F9FB4D8-BDF8-437E-BE9B-F5F9172C4887} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {59727CF2-CA7C-4A02-B34E-F9ADAE5F4D7D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {A561C403-0520-456B-853F-29294831643C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__170617__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C7F1AECF-F908-467C-A47C-3299ED673E2C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {EF6265B4-E91A-4BCA-96C8-DCFFF0B13639} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine32\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine32\22.22.9.11\coIEPlg.dll [2022-10-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2021-01-13 07:01 - 000000027 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Pinnacle\Shared Files\;C:\Program Files\Calibre2\;C:\Program Files\VDownloader;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-554986064-1367882024-3811459060-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Ota\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\screen8.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "MSStp"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "VDownloader"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F11F5C2DD299C8722D30FC5C9E83555A"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "Web Companion"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{ABCCA373-A80F-4F77-B51A-7B7337B419E6}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{7E0A140F-725D-45F5-8C58-6C1276FD0436}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{73F08067-8D58-474C-8B0D-B95C9BBE6753}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{11EAB6F5-364C-4480-A248-162948F33121}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{A53B7D39-424E-41A7-A00C-C2C423E657CD}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{590ABE12-46F8-413B-865B-53897AEDFC1E}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{E88499BE-39DD-408D-ACD8-C5087B7C5962}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E8490F2-B498-4E22-B3AF-BFE1351D5F0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF7A3CC6-D980-46C2-9602-4E8937D54400}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{593F554C-FC20-41D2-A68E-4A48F415958A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41330990-D406-4B67-93D7-025B1789D5A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77B6BB4E-A7D1-404A-BEE9-7E8D8DDBA778}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6C96FE7E-9607-4CC1-A647-1BA72B2432D8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{CE5C9608-82AA-41D4-A0A4-1139BF57310A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1E44CD42-CDCC-408E-AF86-DF9CA691FB22}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{78A164AD-51D2-48B6-9395-15A8237F306F}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BFF9D45E-317A-4893-ABE5-F3808BFF8C07}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{4137AE0D-9248-49E8-BCFB-FA86E31232AB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BA39F436-A881-49B7-A9C5-AB228CC2432D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C51117FC-80FB-48EE-A81C-16595A15F5C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{620A1F10-8688-4AD4-B783-5DF276B43258}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{CE1ADA4D-A4E5-450B-8EF0-D7F9C726F2C3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{F833B260-694C-4F35-B2DB-40707E6B2C31}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{278877AB-5136-4A19-AC54-78C1E90AF6C8}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{7625CD51-DE6E-4DFE-8D1A-2D6FF989970A}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{A28922DF-5216-4478-BE30-F324F3C4035B}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6CB67587-DE8E-4071-A757-2458F0EF4C42}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9E2D00E6-6B83-45F3-8CDA-EC0AFDF0759F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{CB0F424E-3C95-4D3C-9A67-5091D23723B8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3A91C414-F84D-4875-9FA1-4D570BF195C5}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{934044E0-2DA2-4547-AD0F-A33CF03A4E87}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7682E269-2D50-4ADC-AE65-180469DD6F89}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{441F31E9-4A68-49B9-9447-A0DFC25639C9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{D1F39393-0C77-4A8D-AB2D-321CF0ABE272}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{A26C369F-B327-466E-B4A0-F11FFD772D4F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08095423-D65A-4453-B10B-A5BB707DD63A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{F947F1FE-C402-48B3-8903-DB75556FC4C1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{584E4B71-9B03-4D14-BDE0-55812EF3BF2A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{5CD007FD-5D4E-48D2-A126-FB0610A8A795}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{13FB8B81-5ED9-47D4-ADD8-8FDCA83865C3}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{5314DCD3-A14A-4A84-BE93-807BFF5FF397}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38EB961C-F935-4F18-91C6-07D31BC383AF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{625D1934-06AB-4247-B5E2-94E4B552DF25}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E8CB17AC-9E1D-46C5-88F0-C9437D0BC27C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F08FD62-E54C-4D7C-965D-B5B35504BBFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{309BDF37-9895-4443-AA58-92B580D63605}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F4A34743-DF7F-45B4-AF60-C6E627E32747}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD4542B6-02B4-4C7E-B6C4-CAA1B1591A70}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
31-10-2022 06:31:30 Naplánovaný kontrolní bod
09-11-2022 08:56:12 Instalační služba modulů systému Windows
09-11-2022 19:25:58 Instalační služba modulů systému Windows
09-11-2022 20:03:59 Instalační služba modulů systému Windows
17-11-2022 17:27:52 Instalační služba modulů systému Windows
17-11-2022 17:56:53 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 109328
Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 109328
Error: (11/17/2022 05:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 93687
Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 93687
Error: (11/17/2022 05:59:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/17/2022 05:59:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 78062
Error: (11/17/2022 05:59:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 78062
System errors:
=============
Error: (11/17/2022 09:42:44 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-TTIU2E3)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/14/2022 11:36:13 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.
Error: (11/14/2022 11:36:13 AM) (Source: disk) (EventID: 154) (User: )
Description: Vstupně-výstupní operace na adrese logického bloku 0x27e0 pro disk 1 se nezdařila z důvodu hardwarové chyby (název PDO: \Device\0000007e).
Error: (11/11/2022 04:37:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (11/10/2022 06:45:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/09/2022 09:20:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/09/2022 06:59:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_formatfactory_pcfreetime_com neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/09/2022 06:56:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TTIU2E3)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2022-11-17 18:16:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.
Date: 2022-11-17 18:16:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V1.7 07/18/2014
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 58%
Total physical RAM: 8070.02 MB
Available physical RAM: 3317.48 MB
Total Virtual: 9350.02 MB
Available Virtual: 4275.01 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.89 GB) (Free:142.11 GB) (Model: WDC WD10EZEX-08M2NA0) NTFS
\\?\Volume{d511e935-e4e0-4f94-8fc9-1e8c041b4eb5}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{4c41a681-d607-44ea-a7ee-74bdc898fc68}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================