Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
13918
Návštěvník
Návštěvník
Příspěvky: 73
Registrován: 06 led 2008 22:10

Prosím o kontrolu

#1 Příspěvek od 13918 »

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-01-2023
Ran by počítač (18-01-2023 20:47:49)
Running from C:\Users\počítač\Downloads
Microsoft Windows 10 Home Version 22H2 19045.2251 (X86) (2021-03-15 19:15:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-443292339-3009160627-2304898852-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-443292339-3009160627-2304898852-503 - Limited - Disabled)
Guest (S-1-5-21-443292339-3009160627-2304898852-501 - Limited - Disabled)
Moje (S-1-5-21-443292339-3009160627-2304898852-1000 - Limited - Enabled)
počítač (S-1-5-21-443292339-3009160627-2304898852-1001 - Administrator - Enabled) => C:\Users\počítač
WDAGUtilityAccount (S-1-5-21-443292339-3009160627-2304898852-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Out of date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.01 (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
ACS Unified PC/SC Driver 4.3.1.0 (HKLM\...\{F5AE1A5D-E9A0-4EDE-B872-E314DF5797F6}) (Version: 4.3.1.0 - Advanced Card Systems Ltd.)
Adobe Reader 7.0.7 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A70700000002}) (Version: 7.0.7 - Adobe Systems Incorporated)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Balíček ovladače systému Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (01/08/2019 4.3.1.0) (HKLM\...\F0BF7B36B8B2F7E24302D9C217904BB74C70A5BE) (Version: 01/08/2019 4.3.1.0 - Advanced Card Systems Ltd.)
calibre (HKLM\...\{411C8AA5-C889-41C2-BE9A-A4425FC18FF4}) (Version: 5.14.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
Epson Event Manager (HKLM\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation)
EPSON L3250 Series Printer Uninstall (HKLM\...\EPSON L3250 Series) (Version: - Seiko Epson Corporation)
Epson Manuals (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 2.0.4.0 - Seiko Epson Corporation)
Epson Photo+ (HKLM\...\{5DCB4864-C363-4654-89BF-42660B841136}) (Version: 3.7.1.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM\...\{562C1C83-6199-49DD-987B-60D5FF7BC971}) (Version: 3.3.2.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF EXtensions (HKLM\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM\...\{948F96A1-DA95-455C-8086-A77CDC184770}) (Version: 3.6.5 - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{14898485-6509-496B-8C30-D5DB8C1C8639}) (Version: 4.6.3 - Seiko Epson Corporation)
ESET Security (HKLM\...\{CC70AA03-8F8E-497B-8FFB-C468EA97111D}) (Version: 16.0.26.0 - ESET, spol. s r.o.)
GemPcCCID (HKLM\...\{8BD3AFAF-636E-4516-A7E8-D57CCDBE28B8}) (Version: 2.0.3 - Gemalto)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
HID OMNIKEY 4040 PC/SC Driver (HKLM\...\{28F7D5D1-9639-41AB-9B22-E9B5FDFC58A4}) (Version: 3.0.0.2 - HID Global Corporation)
I.CA Diagnostic (HKLM\...\{3B3DA42B-7740-41A2-945B-505000D11434}) (Version: 1.3.3.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM\...\I.CA Diagnostic 1.3.3.0) (Version: 1.3.3.0 - První certifikační autorita, a.s.)
I.CA Maintenance2 (HKLM\...\{9529FD2A-DF47-43E2-9F7D-E0BDF2C110B5}) (Version: 2.0.1032.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance2 (HKLM\...\I.CA Maintenance2 2.0.1032.0) (Version: 2.0.1032.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{68E03B0A-5D69-43F3-B41A-F264039E3A02}) (Version: 2.1.6.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM\...\I.CA PKIServiceHost 2.1.6.0) (Version: 2.1.6.0 - První certifikační autorita, a.s.)
K-Lite Mega Codec Pack 17.4.0 (HKLM\...\KLiteCodecPack_is1) (Version: 17.4.0 - KLCP)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 109.0.1518.55 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM\...\Microsoft EdgeWebView) (Version: 109.0.1518.52 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2007 (HKLM\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-443292339-3009160627-2304898852-500\...\OneDriveSetup.exe) (Version: 22.212.1009.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{9C6FFF73-5B2D-4683-B111-8C952357A4E5}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Opera Stable 94.0.4606.38 (HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\Opera 94.0.4606.38) (Version: 94.0.4606.38 - Opera Software)
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.12.0 - Prolific Technology INC)
Pomocník s aktualizací Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
RogueKiller version 14.8.5.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.5.0 - Adlice Software)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 (KB5001716) (HKLM\...\{37B0AE6B-8B20-4603-95D9-48C1338CB154}) (Version: 8.91.0.0 - Microsoft Corporation)
USB Vibration Joystick (BM) (HKLM\...\{61A994FF-D39B-4937-9DB9-87EC4FF1BB88}) (Version: 1.00.0000 - ShanWan)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2022-03-12] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x86__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-443292339-3009160627-2304898852-1001_Classes\CLSID\{23A5B06E-20BB-4E7E-A0AC-6982ED6A6041}\localserver32 -> C:\Users\počítač\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk () [File not signed]
CustomCLSID: HKU\S-1-5-21-443292339-3009160627-2304898852-1001_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455}\localserver32 -> C:\Users\počítač\AppData\Local\Programs\Opera\94.0.4606.38\notification_helper.exe (Opera Norway AS -> The Chromium Authors)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-19] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-03-04 08:37 - 2022-07-15 15:00 - 000062976 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2003-02-21 03:42 - 2003-02-21 03:42 - 000348160 ____R (Microsoft Corporation) [File not signed] C:\Windows\SYSTEM32\MSVCR71.dll
2021-08-22 09:19 - 2021-08-22 09:19 - 000096256 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.DLL

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [368]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 07:12 - 2019-12-07 07:10 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-443292339-3009160627-2304898852-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-443292339-3009160627-2304898852-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run: => "ICAMaintenance_ICAPKIService_RegKeysRefresh"
HKLM\...\StartupApproved\Run: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run: => "EEventManager"
HKLM\...\StartupApproved\Run: => "EPPCCMON"
HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B1AA05B0FC0399349BF0A6FD80C661A8"
HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\StartupApproved\Run: => "Advanced SystemCare"
HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{961A57BA-84A5-482F-AEF9-85AD2DC41620}C:\users\počítač\appdata\local\programs\opera\opera.exe] => (Block) C:\users\počítač\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{6E89DE86-21A1-4AAB-9B3B-BA206FBD074C}C:\users\počítač\appdata\local\programs\opera\opera.exe] => (Block) C:\users\počítač\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{372849A2-208C-4C2C-8045-5ED821BFD889}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{074ECEC9-45A0-4AE2-B474-7FD70D58EE8A}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{7D7E19EF-DC5B-4EC9-B628-FF43AA96AF44}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94DBC5F6-EB1E-4F35-8003-187B22C2FA8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A8C37728-74EE-43D0-8300-D13B4697CC96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB2CBA35-7B5D-436A-A4CB-7CDE7468F75E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2DCFB981-56D3-429E-8208-E002634A74E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83C4B927-D346-4AE8-915E-94370D06CC33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A82CC39-B912-4DD8-951D-90F126AB7E89}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A54BB173-512A-49F8-88EC-19E2079963B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8749256F-6B59-4A09-B25C-6E093421A954}] => (Allow) C:\Users\počítač\AppData\Local\Programs\Opera\94.0.4606.38\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{0A58CDF8-DAD7-4BBD-8D76-681F5333FB7C}] => (Allow) C:\Program Files\Microsoft\EdgeWebView\Application\109.0.1518.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4C0A9132-8DD6-4ABE-B278-B37604F929BC}] => (Allow) C:\Program Files\DriverPack\tools\aria2c.exe => No File
FirewallRules: [{4A9B739C-5279-4EB7-AA3C-3A9D3F8D623A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2C7FD2BE-FCA5-4FD2-88E9-280284C1739D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DED00B9E-50E8-4F44-A4AE-FF2908FB11CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{962F4C5F-F055-497F-8AD6-72991E2FC64C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7F95AA4B-0D9D-47D3-B086-CC3E62DDF6DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E9F29717-C66B-4BE9-9E0B-8102C0F81630}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8DD60E59-7B16-4E3D-88C9-AD15DE5E1BFB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63A500A0-9235-4F99-AF87-FB5D4E3CC3DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{181CFC2A-C891-4A5D-B99E-E3E6A2CE5FCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EC44D4B-865C-4C35-AE55-06F95F9C93F4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B5154E57-93D7-462A-829F-A7FA1D3DA38B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38B051CD-7656-4F3B-82ED-9467294D29CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

17-01-2023 04:27:56 Instalační služba modulů systému Windows
18-01-2023 17:22:25 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/18/2023 08:35:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (G:), protože: Tato operace není v tomto systému souborů podporována. (0x89000020)

Error: (01/18/2023 08:22:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (G:), protože: Tato operace není v tomto systému souborů podporována. (0x89000020)

Error: (01/18/2023 07:34:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (01/18/2023 07:34:04 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/18/2023 06:00:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mousocoreworker.exe, verze: 10.0.19041.2193, časové razítko: 0x1cb6125c
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x82dc99a2
Kód výjimky: 0xc0000409
Posun chyby: 0x0009eddb
ID chybujícího procesu: 0x3d0
Čas spuštění chybující aplikace: 0x01d92b50785c1076
Cesta k chybující aplikaci: C:\Windows\System32\mousocoreworker.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: b0f10ce9-f118-495e-8fef-5b47368c70fe
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/18/2023 05:23:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (01/18/2023 05:22:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-443292339-3009160627-2304898852-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {d2ff0205-1f6a-4b73-a006-811af48b175d}

Error: (01/18/2023 05:21:40 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (G:), protože: Tato operace není v tomto systému souborů podporována. (0x89000020)


System errors:
=============
Error: (01/18/2023 07:39:45 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000013a (0x00000012, 0x85c01100, 0x8e4a8000, 0x00000000). Výpis byl uložen do: C:\Windows\MEMORY.DMP. ID hlášení: e9382888-f823-4167-99d9-1c57bf427406

Error: (01/18/2023 10:59:03 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000013a (0x00000012, 0x89c01100, 0x91d02000, 0x00000000). Výpis byl uložen do: C:\Windows\MEMORY.DMP. ID hlášení: c8f6b471-3407-43d1-8dfa-fcc9af2ff04e

Error: (01/18/2023 10:58:09 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:19:48, ‎18.‎01.‎2023) bylo neočekávané.

Error: (01/18/2023 09:49:48 AM) (Source: DCOM) (EventID: 10010) (User: Moje-PC)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2023 09:21:06 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000013a (0x00000012, 0x84201100, 0x8e41a000, 0x00000000). Výpis byl uložen do: C:\Windows\MEMORY.DMP. ID hlášení: 1357ba8e-d315-48eb-b1cc-88745e94fba7

Error: (01/17/2023 05:25:25 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (01/17/2023 05:25:09 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Instalační služba modulů systému Windows se po přijetí pokynu pro vypnutí neukončila správně.

Error: (01/17/2023 05:20:57 AM) (Source: disk) (EventID: 15) (User: )
Description: Zařízení \Device\Harddisk2\DR2 ještě není připraveno pro přístup.


Windows Defender:
================
Date: 2023-01-18 20:42:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0EC58BAA-E50E-4614-8F78-BC3AC7A24912}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-01-18 20:25:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A260A290-6C36-41BC-8D75-3EB45F280854}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-01-05 17:02:20
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\IObit\Advanced SystemCare\Monitor.exe provádění změn v paměti.
Čas detekce: 2023-01-05T16:02:20.853Z
Uživatel: Moje-PC\počítač
Cesta: \Device\CdRom0
Název procesu: C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
Verze bezpečnostních informací: 1.381.1761.0
Verze modulu: 1.1.19900.2
Verze produktu: 4.18.2211.5

Date: 2023-01-05 16:53:30
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\IObit\Advanced SystemCare\Monitor.exe provádění změn v paměti.
Čas detekce: 2023-01-05T15:53:30.158Z
Uživatel: Moje-PC\počítač
Cesta: \Device\CdRom0
Název procesu: C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
Verze bezpečnostních informací: 1.381.1761.0
Verze modulu: 1.1.19900.2
Verze produktu: 4.18.2211.5

Date: 2023-01-05 16:31:13
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\IObit\Advanced SystemCare\sdproxy.exe provádění změn v paměti.
Čas detekce: 2023-01-05T15:31:13.634Z
Uživatel: Moje-PC\počítač
Cesta: \Device\HarddiskVolume2
Název procesu: C:\Program Files\IObit\Advanced SystemCare\sdproxy.exe
Verze bezpečnostních informací: 1.381.1761.0
Verze modulu: 1.1.19900.2
Verze produktu: 4.18.2211.5
Event[0]:

Date: 2022-12-28 14:08:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1200.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2022-12-19 09:13:51
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.481.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

CodeIntegrity:
===============
Date: 2023-01-18 20:42:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2023-01-18 20:41:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-01-18 20:21:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1238 09/30/2008
Motherboard: ASUSTeK Computer INC. P5B-Deluxe
Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 72%
Total physical RAM: 3071.18 MB
Available physical RAM: 858.56 MB
Total Virtual: 4159.18 MB
Available Virtual: 1124.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:786.39 GB) (Model: ST1000DM003-1CH162 ATA Device) NTFS ==>[drive with boot components (obtained from BCD)]
Drive g: () (Fixed) (Total:0.5 GB) (Free:0.5 GB) (Model: WDC WD1600AAJS-08L7A0 ATA Device) FAT32

\\?\Volume{2d235f7c-1cf6-11e9-b5a7-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{73736572-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 462E86E5)
Partition 1: (Active) - (Size=512 MB) - (Type=FAT32)
Partition 2: (Not Active) - (Size=148.5 GB) - (Type=05)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 73736572)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-01-2023
Ran by počítač (administrator) on MOJE-PC (18-01-2023 20:45:03)
Running from C:\Users\počítač\Downloads
Loaded Profiles: počítač
Platform: Microsoft Windows 10 Home Version 22H2 19045.2251 (X86) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Users\počítač\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\počítač\AppData\Local\Programs\Opera\94.0.4606.38\opera_crashreporter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Opera Norway AS -> Opera Software) C:\Users\počítač\AppData\Local\Programs\Opera\opera.exe <22>
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.22031.10091.0_x86__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_21f65238c42b469f\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [File not signed]
HKLM\...\Run: [EPPCCMON] => C:\Program Files\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [188928 2022-12-19] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIYWE.EXE [410712 2020-09-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\Run: [MicrosoftEdgeAutoLaunch_B1AA05B0FC0399349BF0A6FD80C661A8] => "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3068360 2023-01-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\MountPoints2: {36044625-1d8b-11e9-9810-001a9262ed08} - "F:\Launch.exe"
HKU\S-1-5-21-443292339-3009160627-2304898852-500\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-443292339-3009160627-2304898852-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-443292339-3009160627-2304898852-500\...\RunOnce: [Uninstall 22.176.0821.0003] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\22.176.0821.0003" (No File)
HKLM\...\Windows NT x86\Print Processors\OneNotePrint2007: C:\Windows\System32\spool\prtprocs\W32X86\msonpppr.dll [33104 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\us003PC: C:\Windows\System32\spool\prtprocs\W32X86\us003pc.dll [29696 2021-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series: CNMLMBV.DLL (No File)
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [65536 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON L3250 Series 32MonitorBE: C:\Windows\system32\E_TLMBYWE.DLL [148480 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\Send To Microsoft OneNote Monitor: C:\Windows\system32\msonpmon.dll [31640 2009-02-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\us003 Langmon: C:\Windows\system32\us003lm.dll [18432 2021-11-20] (Microsoft Windows Hardware Compatibility Publisher -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DCBA536-ADC2-4FEF-92C1-93976027A319} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll [109056 2022-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {13EC87DE-94EF-4A94-A9EE-25CE20D0BE3A} - System32\Tasks\iTop Christmas Task (One-Time) => C:\Program Files\iTop Data Recovery\Pub\itopxmas.exe /idr (No File)
Task: {15A74039-F181-4FD8-8462-52DB14A9F940} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1204400 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {15F771A8-5D6D-47C4-9C8F-CC1131BC9C43} - System32\Tasks\Opera scheduled assistant Autoupdate 1634384393 => C:\Users\počítač\AppData\Local\Programs\Opera\launcher.exe [1962440 2022-12-20] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\počítač\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {164C025E-5015-4E4E-8973-99DABD23E88E} - System32\Tasks\Opera scheduled Autoupdate 1634384386 => C:\Users\počítač\AppData\Local\Programs\Opera\launcher.exe [1962440 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {2B6F9E15-89AB-4B48-AA95-093607E4E567} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1204400 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F34117D-B8DE-4DC5-88A9-C7B5DC324BAD} - System32\Tasks\EPSON L3250 Series Update {FF916526-0AD3-4AB4-B167-202D0F8CDAD7} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSYWE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {2FA9DA31-D1B1-4FDD-9511-2305B45CA779} - System32\Tasks\Opera scheduled assistant Autoupdate 1615912060 => C:\Users\Moje\AppData\Local\Programs\Opera\launcher.exe [3255504 2021-10-20] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Moje\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {5630357F-60AF-490D-BAB5-7A09EC7CB123} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2023-01-11] () [File not signed]
Task: {612960F8-EE65-4086-8A6E-F429DD9241A8} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\Windows\System32\PrinterCleanupTask.dll [68096 2022-11-09] (Microsoft Windows -> Microsoft Corporation)
Task: {6E486002-5E92-4C10-AD10-08CB6A01C707} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4208464 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "20edba8a-df8e-46af-a67e-990e943ca2bf" --version "6.07.10191" --silent
Task: {6E77A0A8-6B1D-4501-A845-8B94ADFE85E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1204400 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {80D3C525-666B-45B6-8AA8-5FAC7E03AFE1} - System32\Tasks\AmigabitDataRecovery => C:\Program Files\Amigabit\Data Recovery\Tray.exe /autorun (No File)
Task: {8DACFEC1-A41F-49F0-B763-D86AA5F43160} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Moje\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007456 2021-05-13] (ESET, spol. s r.o. -> ESET)
Task: {92F8E2E1-274F-484D-A551-D832D00FCEB5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1204400 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8D76B26-ACA4-4C42-BA41-1DE14687AC42} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\Windows\system32\AppListBackupLauncher.dll [68096 2022-09-27] (Microsoft Windows -> Microsoft Corporation)
Task: {ACB09762-8D8C-4792-8705-414DABF162F8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {AD7B59B8-5537-42C7-B9DC-0C4DA7B9FA67} - System32\Tasks\Opera scheduled Autoupdate 1615912042 => C:\Users\Moje\AppData\Local\Programs\Opera\launcher.exe [3255504 2021-10-20] (Opera Software AS -> Opera Software)
Task: {AEF4906A-9F90-40D9-90AC-E698C22D73C3} - System32\Tasks\Christmas Task (One-Time) => C:\Program Files\IObit\IObit Malware Fighter\xmas.exe /xr (No File)
Task: {B19D1E65-F1F1-4350-8772-3EEB227E015F} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Moje\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007456 2021-05-13] (ESET, spol. s r.o. -> ESET)
Task: {D3F429D4-7D1F-4D75-857F-70D35F0223E0} - System32\Tasks\CCleanerSkipUAC - počítač => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D4EE211A-B462-4A88-8453-D6947CD0E57A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {EE15199F-7904-4F29-96BC-1E9CE13FBA6F} - System32\Tasks\CCleanerSkipUAC - Moje => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AmigabitDataRecovery.job => C:\Program Files\Amigabit\Data Recovery\Tray.exe
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\EPSON L3250 Series Update {FF916526-0AD3-4AB4-B167-202D0F8CDAD7}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSYWE.EXE:/EXE:{FF916526-0AD3-4AB4-B167-202D0F8CDAD7} /F:UpdateWORKGROUP\MOJE-PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2966fe71-69c2-4a21-b53a-a3e82cfa641a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e29cd383-04f1-47f1-a286-904fa68f8e41}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\počítač\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-18]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)

Opera:
=======
OPR Profile: C:\Users\počítač\AppData\Roaming\Opera Software\Opera Stable [2023-01-18]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\počítač\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-28]
OPR Extension: (Opera Wallet) - C:\Users\počítač\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-16]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\počítač\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [217088 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [795472 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3088688 2022-12-19] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3088688 2022-12-19] (ESET, spol. s r.o. -> ESET)
S3 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [260064 2021-06-21] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [11969856 2021-02-12] (Adlice -> )
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [281448 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [1972984 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [89696 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [10070016 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [290304 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT3.sys [82432 2021-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [205312 2021-04-14] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [104448 2019-12-07] (Microsoft Corporation) [File not signed]
S3 cpuz154; C:\Windows\temp\cpuz154\cpuz154_x32.sys [40848 2023-01-05] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [139808 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [163312 2022-12-19] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [99720 2022-12-19] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\Windows\System32\DRIVERS\edevmonm.sys [100232 2022-12-19] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15312 2023-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [198416 2022-12-19] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [47064 2022-12-19] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [72880 2022-12-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [105424 2022-12-19] (ESET, spol. s r.o. -> ESET)
R3 es1371; C:\Windows\system32\drivers\es1371mp.sys [37376 2021-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R0 JRAID; C:\Windows\System32\drivers\jraid.sys [106296 2021-08-14] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 MpKsl96ad5f90; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0E9551B2-2C1C-4D6D-9DAA-9D5CF55FCC3B}\MpKslDrv.sys [57592 2023-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 RTL8187; C:\Windows\System32\drivers\rtl8187.sys [375808 2010-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [155664 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [40368 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [373000 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [67848 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Users\počítač\AppData\Local\Temp\tmp371A.tmp [14416 2023-01-18] (Noriyuki MIYAZAKI -> OpenLibSys.org) <==== ATTENTION
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [213504 2022-09-27] (Microsoft Windows -> Microsoft Corporation)
R3 yukonw8; C:\Windows\System32\drivers\yk63x86.sys [242688 2019-12-07] (Microsoft Windows -> Marvell)
S3 AscFileControl; \??\C:\Program Files\IObit\Advanced SystemCare\drivers\win10_x86\AscFileControl.sys [X]
U3 avgbdisk; no ImagePath
S3 cpuz145; no ImagePath
S3 cpuz148; no ImagePath
S3 Imf8HpRegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfHpRegFilter.sys [X]
S3 IMFEFSFileControl; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\IMFEFSFileControl.sys [X]
S3 ImfHpFileFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfHpFileFilter.sys [X]
S3 ImfRealScanner; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfRealScanner.sys [X]
S3 ImfRegistryFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfRegistryFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-18 20:45 - 2023-01-18 20:46 - 000020008 _____ C:\Users\počítač\Downloads\FRST.txt
2023-01-18 20:27 - 2023-01-18 20:28 - 002078720 _____ (Farbar) C:\Users\počítač\Downloads\FRST.exe
2023-01-18 19:38 - 2023-01-18 19:39 - 000773988 _____ C:\Windows\Minidump\011823-30421-01.dmp
2023-01-18 19:37 - 2023-01-18 19:38 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-18 19:30 - 2023-01-18 19:30 - 000000000 ____D C:\Users\počítač\AppData\Roaming\MPC-HC
2023-01-18 18:46 - 2023-01-18 18:46 - 000002020 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2023-01-18 18:46 - 2022-12-19 16:37 - 000047064 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2023-01-18 18:32 - 2023-01-18 18:32 - 008971520 _____ (ESET) C:\Users\počítač\Downloads\eset_internet_security_live_installer.exe
2023-01-18 12:47 - 2023-01-18 12:47 - 000003288 _____ C:\Windows\system32\Tasks\klcp_update
2023-01-18 12:47 - 2023-01-18 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2023-01-18 12:47 - 2019-12-28 11:00 - 000681984 _____ C:\Windows\system32\xvidcore.dll
2023-01-18 12:47 - 2019-12-28 11:00 - 000284160 _____ C:\Windows\system32\xvidvfw.dll
2023-01-18 12:47 - 2017-07-30 12:50 - 003850240 _____ (x264vfw project) C:\Windows\system32\x264vfw.dll
2023-01-18 12:47 - 2012-07-21 12:54 - 000122880 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2023-01-18 12:47 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\Windows\system32\lagarith.dll
2023-01-18 12:46 - 2023-01-18 12:47 - 000000000 ____D C:\Program Files\K-Lite Codec Pack
2023-01-18 12:45 - 2023-01-18 12:47 - 062003725 _____ (KLCP ) C:\Users\počítač\Downloads\K-Lite_Codec_Pack_1740_Mega (1).exe
2023-01-18 12:42 - 2023-01-18 12:44 - 062003725 _____ (KLCP ) C:\Users\počítač\Downloads\K-Lite_Codec_Pack_1740_Mega.exe
2023-01-18 12:04 - 2023-01-18 12:04 - 000000000 ____D C:\Users\počítač\.cache
2023-01-18 12:01 - 2023-01-18 12:04 - 000000000 ____D C:\Users\počítač\AppData\Roaming\DRPSu
2023-01-18 11:52 - 2023-01-18 11:55 - 000000000 ____D C:\ProgramData\BSD
2023-01-18 10:58 - 2023-01-18 19:38 - 154961189 _____ C:\Windows\MEMORY.DMP
2023-01-18 10:58 - 2023-01-18 10:59 - 000586236 _____ C:\Windows\Minidump\011823-28828-01.dmp
2023-01-18 09:22 - 2023-01-18 09:22 - 000003360 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-443292339-3009160627-2304898852-1000
2023-01-18 09:19 - 2023-01-18 09:21 - 000511508 _____ C:\Windows\Minidump\011823-47000-01.dmp
2023-01-18 09:10 - 2023-01-18 09:10 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-443292339-3009160627-2304898852-1000
2023-01-18 07:56 - 2023-01-18 08:00 - 000000000 ____D C:\Users\počítač\Desktop\Sid Meier's Railroads!
2023-01-17 07:33 - 2023-01-17 07:33 - 000000000 ___HD C:\$WinREAgent
2023-01-16 18:07 - 2023-01-16 18:07 - 000000000 __SHD C:\found.000
2023-01-16 17:27 - 2023-01-16 17:28 - 000502452 _____ C:\Windows\Minidump\011623-33296-01.dmp
2023-01-16 15:50 - 2023-01-16 15:50 - 000000870 _____ C:\Users\počítač\Desktop\Start Tor Browser.lnk
2023-01-16 15:49 - 2023-01-16 15:49 - 000000000 ____D C:\Users\počítač\Desktop\Tor Browser
2023-01-15 19:34 - 2023-01-15 19:36 - 001330356 _____ C:\Windows\Minidump\011523-43640-01.dmp
2023-01-13 06:21 - 2023-01-13 06:21 - 000000000 ____D C:\Users\počítač\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-32bit
2023-01-13 06:07 - 2023-01-13 06:07 - 000000000 ____D C:\Users\počítač\Downloads\amd-catalyst-15.7.1-win10-32bit
2023-01-12 23:32 - 2023-01-15 20:07 - 000000000 ____D C:\Users\počítač\AppData\Roaming\vlc
2023-01-12 23:32 - 2023-01-12 23:32 - 000001097 _____ C:\Users\Public\Desktop\VLC media player.lnk
2023-01-12 23:32 - 2023-01-12 23:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2023-01-12 23:31 - 2023-01-12 23:31 - 000000000 ____D C:\Program Files\VideoLAN
2023-01-08 17:50 - 2023-01-08 17:50 - 000003844 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2023-01-08 17:50 - 2023-01-08 17:50 - 000003402 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2023-01-06 18:17 - 2023-01-06 18:18 - 000000000 ____D C:\Users\počítač\Desktop\Emilka Holubová - Montezumův poklad
2023-01-06 11:05 - 2023-01-16 15:50 - 000000918 _____ C:\Users\počítač\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2023-01-05 18:43 - 2023-01-05 18:43 - 000001428 _____ C:\Users\počítač\Desktop\ESET Online Scanner.lnk
2023-01-05 18:24 - 2023-01-05 18:24 - 000003644 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-01-05 16:59 - 2022-12-19 16:37 - 000163312 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2023-01-05 16:59 - 2022-12-19 16:37 - 000100232 _____ (ESET) C:\Windows\system32\Drivers\edevmonm.sys
2023-01-05 16:58 - 2022-12-19 16:37 - 000198416 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2023-01-05 15:50 - 2023-01-05 15:51 - 214142976 _____ C:\Windows\system32\config\COMPONENTS.iobit
2023-01-05 15:50 - 2023-01-05 15:50 - 000839680 _____ C:\Windows\system32\config\DEFAULT.iobit
2023-01-05 15:50 - 2023-01-05 15:50 - 000077824 _____ C:\Windows\system32\config\SAM.iobit
2023-01-05 15:50 - 2023-01-05 15:50 - 000024576 _____ C:\Windows\system32\config\SECURITY.iobit
2023-01-05 15:49 - 2023-01-05 15:50 - 065171456 _____ C:\Windows\system32\config\SOFTWARE.iobit
2023-01-05 15:39 - 2023-01-05 15:39 - 000003334 _____ C:\Windows\system32\Tasks\iTop Christmas Task (One-Time)
2023-01-05 15:33 - 2023-01-05 15:34 - 000000000 ____D C:\Users\počítač\AppData\Roaming\iTop Data Recovery
2023-01-05 15:29 - 2023-01-05 18:27 - 000000000 ____D C:\ProgramData\ProductData
2022-12-26 12:09 - 2022-12-26 12:09 - 000000000 ____D C:\Users\počítač\AppData\Local\calibre-ebook.com
2022-12-26 12:09 - 2022-12-26 12:09 - 000000000 ____D C:\Users\počítač\AppData\Local\cache
2022-12-26 11:39 - 2022-12-26 11:39 - 000000000 ____D C:\Users\počítač\AppData\Local\calibre-parallel
2022-12-26 11:27 - 2023-01-08 12:36 - 000000000 ____D C:\Users\počítač\AppData\Local\calibre-cache
2022-12-23 11:13 - 2023-01-05 16:51 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-12-23 11:13 - 2023-01-05 16:41 - 000003106 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-12-23 11:13 - 2023-01-05 16:41 - 000003048 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-12-23 09:22 - 2023-01-05 16:39 - 000003642 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1634384386
2022-12-23 09:22 - 2022-12-23 09:22 - 000001395 _____ C:\Users\počítač\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-12-22 10:09 - 2022-12-22 10:09 - 000000000 ____D C:\Users\počítač\AppData\Roaming\ATI
2022-12-22 10:09 - 2022-12-22 10:09 - 000000000 ____D C:\Users\počítač\AppData\Local\ATI
2022-12-22 09:58 - 2023-01-18 12:23 - 000000000 ____D C:\Program Files\ATI Technologies
2022-12-22 09:58 - 2022-12-22 09:58 - 000000000 ____D C:\Program Files\ATI
2022-12-22 09:55 - 2022-12-27 16:40 - 000000000 ____D C:\AMD
2022-12-22 08:45 - 2022-12-22 08:45 - 000000000 ____D C:\Users\počítač\Desktop\nová karta
2022-12-20 22:35 - 2023-01-05 16:39 - 000003900 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1634384393
2022-12-20 09:11 - 2022-12-20 09:18 - 000000000 ____D C:\ProgramData\RogueKiller
2022-12-20 09:11 - 2022-12-20 09:12 - 000000000 ____D C:\Program Files\RogueKiller
2022-12-19 16:37 - 2022-12-19 16:37 - 000105424 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2022-12-19 16:37 - 2022-12-19 16:37 - 000072880 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-18 20:46 - 2021-03-01 15:53 - 000000000 ____D C:\FRST
2023-01-18 20:45 - 2019-12-07 07:12 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-18 20:45 - 2019-12-07 07:12 - 000000000 ____D C:\Windows\AppReadiness
2023-01-18 20:35 - 2019-12-07 07:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-18 20:23 - 2022-05-23 21:10 - 000000000 ____D C:\Users\počítač\AppData\Local\ElevatedDiagnostics
2023-01-18 19:40 - 2021-03-17 18:29 - 000000000 ____D C:\Windows\Minidump
2023-01-18 19:38 - 2021-03-15 20:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-01-18 19:38 - 2021-03-15 19:54 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-01-18 19:34 - 2019-12-07 07:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-01-18 18:48 - 2021-10-16 12:33 - 000000000 ____D C:\Users\počítač\AppData\LocalLow\Mozilla
2023-01-18 18:46 - 2022-12-16 14:12 - 000015312 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys
2023-01-18 18:46 - 2019-12-07 07:10 - 000000000 ____D C:\Windows\INF
2023-01-18 18:45 - 2019-12-07 07:12 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-01-18 17:57 - 2019-12-07 07:03 - 000000000 ____D C:\Windows\CbsTemp
2023-01-18 12:24 - 2021-03-17 17:13 - 000000000 ____D C:\ProgramData\AMD
2023-01-18 12:22 - 2019-12-07 07:12 - 000000230 _____ C:\Windows\win.ini
2023-01-18 12:04 - 2021-10-16 11:02 - 000000000 ____D C:\Users\počítač
2023-01-18 11:45 - 2021-10-24 12:01 - 000000000 ____D C:\Users\počítač\AppData\Local\D3DSCache
2023-01-18 09:35 - 2019-12-07 07:12 - 000000000 ____D C:\Windows\LiveKernelReports
2023-01-18 09:20 - 2021-03-15 20:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-01-18 09:20 - 2019-12-07 07:12 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-01-18 08:09 - 2021-03-25 18:03 - 000002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-18 08:09 - 2021-03-25 18:03 - 000002220 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-17 09:45 - 2021-10-21 17:19 - 000000000 ____D C:\Users\počítač\Calibre Library
2023-01-16 18:05 - 2019-12-07 07:12 - 000000000 ____D C:\Windows\system32\NDF
2023-01-16 15:06 - 2021-10-05 17:15 - 000000000 ____D C:\Program Files\CCleaner
2023-01-16 15:05 - 2022-10-19 16:48 - 000000000 ____D C:\Users\počítač\AppData\Roaming\tor
2023-01-13 06:37 - 2022-05-11 21:49 - 000651812 _____ C:\Windows\system32\perfh005.dat
2023-01-13 06:37 - 2022-05-11 21:49 - 000133600 _____ C:\Windows\system32\perfc005.dat
2023-01-13 06:37 - 2021-03-15 20:19 - 001541036 _____ C:\Windows\system32\PerfStringBackup.INI
2023-01-12 18:47 - 2021-03-17 17:36 - 000000000 ____D C:\Windows\system32\MRT
2023-01-12 18:42 - 2021-03-17 17:35 - 145597096 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-01-10 10:38 - 2021-03-25 18:31 - 000000000 ____D C:\Users\počítač\Desktop\Tříděné stažené
2023-01-08 17:50 - 2021-10-16 12:33 - 000001556 _____ C:\Users\počítač\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-01-08 13:41 - 2022-01-19 10:28 - 000092048 _____ C:\Users\počítač\AppData\Local\GDIPFONTCACHEV1.DAT
2023-01-05 20:02 - 2021-07-18 19:11 - 006267592 _____ C:\Users\počítač\Desktop\Seznam knih 18.7.2021.xlsx
2023-01-05 18:29 - 2021-10-24 12:30 - 000000000 ____D C:\Users\počítač\AppData\LocalLow\IObit
2023-01-05 18:29 - 2021-10-16 11:02 - 000000000 ____D C:\Users\počítač\AppData\Roaming\IObit
2023-01-05 18:29 - 2021-08-17 14:47 - 000000000 ____D C:\ProgramData\IObit
2023-01-05 18:29 - 2021-08-12 17:45 - 000000000 ____D C:\Program Files\Common Files\IObit
2023-01-05 17:38 - 2021-10-24 13:00 - 000002256 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - počítač
2023-01-05 16:40 - 2021-10-05 17:15 - 000002310 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Moje
2023-01-05 15:39 - 2021-11-16 18:58 - 000000000 ____D C:\ProgramData\iTop
2023-01-04 16:31 - 2021-10-16 11:02 - 000000000 ____D C:\Users\počítač\AppData\Local\VirtualStore
2022-12-31 12:40 - 2021-10-16 11:02 - 000000000 ____D C:\Users\počítač\AppData\Local\Microsoft Help
2022-12-31 11:56 - 2021-02-23 16:50 - 000000000 ____D C:\Users\počítač\Desktop\Bezpečnost
2022-12-31 10:57 - 2021-03-25 18:03 - 000003628 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-12-31 10:57 - 2021-03-25 18:03 - 000003504 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-12-27 15:21 - 2021-10-18 16:54 - 000000000 ____D C:\Users\počítač\AppData\Local\CrashDumps
2022-12-23 11:16 - 2021-08-13 14:47 - 000000000 ____D C:\ProgramData\Mozilla
2022-12-20 09:12 - 2021-02-25 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2022-12-20 08:58 - 2021-10-16 11:10 - 000000000 ____D C:\Users\počítač\AppData\Local\Comms
2022-12-20 08:56 - 2021-10-24 12:24 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\IObit
2022-12-20 08:56 - 2021-08-12 17:48 - 000000000 ____D C:\Users\Moje\AppData\LocalLow\IObit
2022-12-20 08:55 - 2021-10-24 12:19 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2022-12-19 16:37 - 2022-03-15 13:36 - 000099720 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys

==================== Files in the root of some directories ========

2022-01-30 16:17 - 2022-01-30 16:17 - 000009851 _____ () C:\Users\počítač\AppData\Local\HWVendorDetection.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#2 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [368]
FirewallRules: [{4C0A9132-8DD6-4ABE-B278-B37604F929BC}] => (Allow) C:\Program Files\DriverPack\tools\aria2c.exe => No File
HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\MountPoints2: {36044625-1d8b-11e9-9810-001a9262ed08} - "F:\Launch.exe"
HKU\S-1-5-21-443292339-3009160627-2304898852-500\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-443292339-3009160627-2304898852-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-443292339-3009160627-2304898852-500\...\RunOnce: [Uninstall 22.176.0821.0003] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\22.176.0821.0003" (No File)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series: CNMLMBV.DLL (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {13EC87DE-94EF-4A94-A9EE-25CE20D0BE3A} - System32\Tasks\iTop Christmas Task (One-Time) => C:\Program Files\iTop Data Recovery\Pub\itopxmas.exe /idr (No File)
Task: {AEF4906A-9F90-40D9-90AC-E698C22D73C3} - System32\Tasks\Christmas Task (One-Time) => C:\Program Files\IObit\IObit Malware Fighter\xmas.exe /xr (No File)
U3 avgbdisk; no ImagePath
S3 cpuz145; no ImagePath
S3 cpuz148; no ImagePath
S3 Imf8HpRegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfHpRegFilter.sys [X]
S3 IMFEFSFileControl; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\IMFEFSFileControl.sys [X]
S3 ImfHpFileFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfHpFileFilter.sys [X]
S3 ImfRealScanner; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfRealScanner.sys [X]
S3 ImfRegistryFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfRegistryFilter.sys [X]

EmptyTemp:
End
Uložte do C:\Users\počítač\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

13918
Návštěvník
Návštěvník
Příspěvky: 73
Registrován: 06 led 2008 22:10

Re: Prosím o kontrolu

#3 Příspěvek od 13918 »

Fix result of Farbar Recovery Scan Tool (x86) Version: 11-01-2023
Ran by počítač (19-01-2023 10:22:32) Run:1
Running from C:\Users\počítač\Downloads
Loaded Profiles: počítač & Administrator
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [368]
FirewallRules: [{4C0A9132-8DD6-4ABE-B278-B37604F929BC}] => (Allow) C:\Program Files\DriverPack\tools\aria2c.exe => No File
HKU\S-1-5-21-443292339-3009160627-2304898852-1001\...\MountPoints2: {36044625-1d8b-11e9-9810-001a9262ed08} - "F:\Launch.exe"
HKU\S-1-5-21-443292339-3009160627-2304898852-500\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-443292339-3009160627-2304898852-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-443292339-3009160627-2304898852-500\...\RunOnce: [Uninstall 22.176.0821.0003] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\22.176.0821.0003" (No File)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series: CNMLMBV.DLL (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {13EC87DE-94EF-4A94-A9EE-25CE20D0BE3A} - System32\Tasks\iTop Christmas Task (One-Time) => C:\Program Files\iTop Data Recovery\Pub\itopxmas.exe /idr (No File)
Task: {AEF4906A-9F90-40D9-90AC-E698C22D73C3} - System32\Tasks\Christmas Task (One-Time) => C:\Program Files\IObit\IObit Malware Fighter\xmas.exe /xr (No File)
U3 avgbdisk; no ImagePath
S3 cpuz145; no ImagePath
S3 cpuz148; no ImagePath
S3 Imf8HpRegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfHpRegFilter.sys [X]
S3 IMFEFSFileControl; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\IMFEFSFileControl.sys [X]
S3 ImfHpFileFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfHpFileFilter.sys [X]
S3 ImfRealScanner; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfRealScanner.sys [X]
S3 ImfRegistryFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win10_x86\ImfRegistryFilter.sys [X]

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully.
C:\ProgramData\TEMP => ":1AAB2E68" ADS removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C0A9132-8DD6-4ABE-B278-B37604F929BC}" => removed successfully.
HKU\S-1-5-21-443292339-3009160627-2304898852-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36044625-1d8b-11e9-9810-001a9262ed08} => removed successfully.
"HKU\S-1-5-21-443292339-3009160627-2304898852-500\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully.
"HKU\S-1-5-21-443292339-3009160627-2304898852-500\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => removed successfully.
"HKU\S-1-5-21-443292339-3009160627-2304898852-500\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 22.176.0821.0003" => removed successfully.
HKLM\System\CurrentControlSet\Control\Print\Monitors\Canon BJ Language Monitor MG3500 series => removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{13EC87DE-94EF-4A94-A9EE-25CE20D0BE3A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13EC87DE-94EF-4A94-A9EE-25CE20D0BE3A}" => removed successfully.
C:\Windows\System32\Tasks\iTop Christmas Task (One-Time) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iTop Christmas Task (One-Time)" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AEF4906A-9F90-40D9-90AC-E698C22D73C3}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEF4906A-9F90-40D9-90AC-E698C22D73C3}" => removed successfully.
C:\Windows\System32\Tasks\Christmas Task (One-Time) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Christmas Task (One-Time)" => removed successfully.
HKLM\System\CurrentControlSet\Services\avgbdisk => removed successfully.
avgbdisk => service removed successfully.
HKLM\System\CurrentControlSet\Services\cpuz145 => removed successfully.
cpuz145 => service removed successfully.
HKLM\System\CurrentControlSet\Services\cpuz148 => removed successfully.
cpuz148 => service removed successfully.
HKLM\System\CurrentControlSet\Services\Imf8HpRegFilter => removed successfully.
Imf8HpRegFilter => service removed successfully.
HKLM\System\CurrentControlSet\Services\IMFEFSFileControl => removed successfully.
IMFEFSFileControl => service removed successfully.
HKLM\System\CurrentControlSet\Services\ImfHpFileFilter => removed successfully.
ImfHpFileFilter => service removed successfully.
HKLM\System\CurrentControlSet\Services\ImfRealScanner => removed successfully.
ImfRealScanner => service removed successfully.
HKLM\System\CurrentControlSet\Services\ImfRegistryFilter => removed successfully.
ImfRegistryFilter => service removed successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34335655 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 1092874 B
Edge => 0 B
Firefox => 0 B
Opera => 421192896 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 76662 B
NetworkService => 82728 B
Moje => 3342080 B
počítač => 395951615 B
Administrator => 395981199 B

RecycleBin => 347821161 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:23:44 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#4 Příspěvek od Rudy »

Smazáno. Log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

13918
Návštěvník
Návštěvník
Příspěvky: 73
Registrován: 06 led 2008 22:10

Re: Prosím o kontrolu

#5 Příspěvek od 13918 »

Je tedy vše ok?
Děkuji za pomoc.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#6 Příspěvek od Rudy »

Je to OK.Pokud nemáte žádný problém. Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět