Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalé spuštění ntb
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pomalé spuštění ntb
Prosím o pomoc. Ntb se mi po několka měsících velmi zpomalil, hlavně po spuštění. Děkuji
******************
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (22-01-2020 14:38:16)
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba (Available Profiles: Líba)
Platform: Windows 10 Home Version 1809 17763.973 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ACD Systems International -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\LogTransport2.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1910.1283.0_x64__8wekyb3d8bbwe\LocalBridge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [183088 2019-11-29] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5553712 2019-12-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {8efecd9f-7226-11e9-a761-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {abad529a-7d94-11e9-a765-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b557-5e89-11e9-a75d-40a3cccab76d} - "D:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08B0A7FB-AE9E-4D68-BC34-61DA78855EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {0D5AB018-2F47-47CF-AFA3-07476CF262CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {101DDD8C-1D8B-45DB-9F99-333B4A5467B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {1323185E-7D9B-4375-8258-98BCED3674A3} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {68F8FE3F-1863-4CF3-857D-1138AF1AE944} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {69B1230B-7E81-4DBE-B578-7CC7CC11128A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {82582F81-C49F-4D1C-B016-9A7B1318A102} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {B0A17E30-E28E-407D-B92A-822A13A6A50C} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-croftlara1111@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://icewarp.ajptech.cz:8090/webmail/
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> DefaultScope {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL => No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\croft\Downloads
FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\0blfb8qd.default-release-1 [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2020-01-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-18]
Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://cs.nex-software.com; hxxps://dev1security.blogspot.com; hxxps://dp32.ru; hxxps://et.piratihk.cz; hxxps://m.facebook.com; hxxps://puttraffic.com; hxxps://trycracksoftware.com; hxxps://vk.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.viry.cz; hxxps://www.vitalia.cz; hxxps://zulip.pirati.cz
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2020-01-22]
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-09]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-24]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2019-11-18]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-01-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2019-09-23]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [551808 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1407080 2015-11-23] (Intel Corporation - pGFX -> Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [152672 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 ibtsiva; C:\Windows\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\New TunesGo\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-10-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116696 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [251384 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32776 2018-05-11] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [30752 2016-01-06] (Hewlett-Packard Company -> Hewlett Packard)
R3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45664 2019-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [355760 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 14:38 - 2020-01-22 14:40 - 000031547 _____ C:\Users\croft\Desktop\FRST.txt
2020-01-22 14:36 - 2020-01-22 14:36 - 002580480 _____ (Farbar) C:\Users\croft\Desktop\FRST64.exe
2020-01-22 09:59 - 2020-01-22 09:59 - 000144431 _____ C:\Users\croft\Downloads\DNEDP4-8862013402-20200121-210237.pdf
2020-01-20 19:13 - 2020-01-20 19:13 - 002609972 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.de.cs.pdf
2020-01-20 19:12 - 2020-01-20 19:12 - 002467452 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.pdf
2020-01-19 16:45 - 2020-01-19 18:55 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2020-01-19 13:40 - 2020-01-19 13:40 - 000363006 _____ C:\Users\croft\Downloads\priloha_743523478_0_Dopis_OSVC_2020_-_DS.pdf
2020-01-19 13:40 - 2020-01-19 13:40 - 000199773 _____ C:\Users\croft\Downloads\priloha_743515926_0_p690427307_6957163103.pdf
2020-01-18 20:43 - 2020-01-18 20:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-18 10:43 - 2020-01-18 10:43 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002323896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-01-18 10:42 - 2020-01-18 10:43 - 007922688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 009668408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 008905728 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 006543736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002419712 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002149160 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001936520 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001721144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001677088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001670800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001665712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001258296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001084416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001050624 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001049400 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000930816 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000878080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000677144 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000651776 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000541264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000410616 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000405304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000350416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV1.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000154976 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000122568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-01-13 19:43 - 2020-01-13 19:43 - 000000000 ____D C:\Users\croft\Downloads\10_18
2020-01-13 19:41 - 2020-01-13 19:41 - 000000000 ____D C:\Users\croft\Downloads\06_2019
2020-01-13 14:59 - 2020-01-13 15:16 - 3199629713 _____ C:\Users\croft\Downloads\Big Boys Gone Bananas!_.mp4
2020-01-13 13:51 - 2020-01-13 13:51 - 000001458 _____ C:\Users\croft\Downloads\Dokumenty (2).htm
2020-01-12 10:01 - 2020-01-12 11:31 - 1641979103 _____ C:\Users\croft\Downloads\Baťa, první globalista - dokument CT.mkv
2020-01-10 21:54 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_19
2020-01-10 21:40 - 2020-01-10 21:41 - 000000000 ____D C:\Users\croft\Downloads\8_19
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2020-01-05 17:40 - 2020-01-05 17:40 - 014969468 _____ C:\Users\croft\Downloads\oprava zipu.mp4
2020-01-03 23:27 - 2020-01-13 20:35 - 000000000 ____D C:\Users\croft\Downloads\8_18
2020-01-03 22:30 - 2020-01-19 13:21 - 000000000 ____D C:\Users\croft\Downloads\5_18
2020-01-03 22:30 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_18
2020-01-03 22:30 - 2020-01-03 23:20 - 000000000 ____D C:\Users\croft\Downloads\6_18
2020-01-03 22:19 - 2020-01-10 19:36 - 000000000 ____D C:\Users\croft\Downloads\4_18
2020-01-03 22:11 - 2020-01-03 22:11 - 000000000 ____D C:\Users\croft\Downloads\3_18
2020-01-03 21:57 - 2020-01-03 22:03 - 000000000 ____D C:\Users\croft\Downloads\1_18
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 14:39 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2020-01-22 14:27 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-22 06:25 - 2019-03-08 17:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-01-21 22:25 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 20:57 - 2019-10-05 09:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-21 07:49 - 2019-10-29 11:16 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Mozilla
2020-01-20 15:18 - 2019-11-21 15:21 - 000000000 ____D C:\Users\croft\Downloads\šití
2020-01-20 15:06 - 2019-10-13 08:29 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2020-01-19 21:10 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2020-01-18 20:47 - 2019-06-19 15:46 - 000000000 ____D C:\Program Files\UNP
2020-01-18 20:45 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2020-01-18 20:43 - 2019-11-05 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-18 20:43 - 2019-10-30 18:20 - 000001273 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:43 - 2019-10-29 11:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:36 - 2019-03-08 17:18 - 000453232 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-18 20:36 - 2019-03-08 17:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-18 20:34 - 2018-09-15 07:09 - 000786432 _____ C:\Windows\system32\config\BBI
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\system32\UNP
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2020-01-18 11:10 - 2019-03-08 15:39 - 000000000 ____D C:\Windows\system32\MRT
2020-01-18 10:48 - 2019-03-08 15:39 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-18 10:48 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2020-01-08 15:37 - 2019-04-10 14:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2020-01-06 18:46 - 2019-04-09 21:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2020-01-03 20:47 - 2019-04-11 08:59 - 000000000 ____D C:\Users\Pracovní
2020-01-03 15:01 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-12-23 11:29 - 2019-04-09 15:13 - 000000000 ____D C:\Program Files (x86)\Torrent
==================== Files in the root of some directories ========
2019-04-10 21:09 - 2019-04-10 21:09 - 000000000 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
*******************
ADDITION
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020
Ran by Líba (22-01-2020 14:41:17)
Running from C:\Users\croft\Desktop
Windows 10 Home Version 1809 17763.973 (X64) (2019-03-08 16:19:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
ELAN Touchpad 18.2.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.26.3 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
GIMP 2.10.10 (HKLM\...\GIMP-2_is1) (Version: 2.10.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mumble 1.2.19 (HKLM-x32\...\{97B3A307-D592-4888-9439-7FB9FBF8F1C3}) (Version: 1.2.19 - Thorvald Natvig)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-21] (Adobe Systems Incorporated)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-05-21] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-17] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-12] (Apple Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2015-03-17 00:34 - 2015-03-17 00:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\AcroTray.cze
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-12-02 23:29 - 2019-12-02 23:29 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2016-09-14 03:00 - 2016-09-14 03:00 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-06-25 03:44 - 2019-06-25 03:44 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\croft\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ACUW10EN"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "ACDSeeCommanderUltimate10"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{86AD6388-0DBB-4386-A337-B7804AE46950}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{46B635E3-58FB-4787-9E55-6565A49F1E39}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{75B03A4F-DA05-4BE6-A64A-2687AFF11B58}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{BAD892F0-535A-4C11-874B-2AFE17ED3F30}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{8C36EED2-5B78-448F-B633-38D358C78752}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe No File
FirewallRules: [{B0702882-5733-4D65-946B-AB4DC07F4FCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8BFD1336-8F8E-4AFB-8761-B3C7C73A033B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{62A2FEF2-1C1C-4EDE-A6CB-EAED6322738B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4AE5B7D8-E43B-4116-BBD8-D4969FC88913}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37384BF1-6A30-4C2C-91EE-A7326D76DAD4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7BE6DBED-4A7A-436B-9AF6-67AFCD13F203}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E0697D58-C222-48FD-91A8-AAA61E0987AE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B3B8D576-18E9-44DB-9873-B41E4617AA28}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{27E26270-1C6B-4F51-B1CF-45AD7567296E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22E5E7C4-68C5-443E-873B-CEFAD8DF0B21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A6551714-6438-4152-91C8-BC8A8E036F31}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
02-01-2020 10:29:18 Naplánovaný kontrolní bod
12-01-2020 10:30:55 Naplánovaný kontrolní bod
18-01-2020 10:24:03 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/22/2020 01:39:40 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 320749160 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 09:42:42 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 306531359 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 04:23:47 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/21/2020 10:23:54 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 265803151 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 04:17:24 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 243815454 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 11:25:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17763.864 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 166c
Čas spuštění: 01d5ce3703eda348
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID hlášení: 1caf87a5-1b6f-4b06-b646-b89cd5dced0e
Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (01/21/2020 11:25:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 226297586 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 07:46:02 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (01/21/2020 04:18:37 PM) (Source: DCOM) (EventID: 10010) (User: LÍBA)
Description: Server Windows.Internal.WebRuntime.ContentProcess#{00031402-0001-0000-F3C7-B20C00000000} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/20/2020 10:53:28 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/20/2020 08:29:45 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/19/2020 12:51:47 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:44:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:44:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:43:42 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:43:41 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2019-11-03 18:21:40.798
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6749DB17-5D80-47A5-976C-BAA512FD3794}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 14:25:47.673
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {00D2DBDC-ED36-412A-A987-262F9EDB90B2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 13:28:27.206
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bitrep.A
ID: 2147723097
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\MyPhoneExplorer_Setup_1.8.11.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.295.1355.0, AS: 1.295.1355.0, NIS: 1.295.1355.0
Verze modulu: AM: 1.1.16000.6, NIS: 1.1.16000.6
Date: 2019-06-24 10:09:05.050
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D857466F-649B-4343-A392-0FEDFC3013CB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 10:01:21.690
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {225C9647-B675-4C39-A215-3923060F5640}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-22 20:11:23.914
Description:
Program Antivirová ochrana v programu Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.16600.7
Předchozí verze modulu: 1.1.16600.6
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2019-05-21 12:07:08.916
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
Date: 2019-05-16 14:55:09.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.1488.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2020-01-18 20:39:08.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.
Date: 2020-01-18 20:38:14.978
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2019-12-27 14:39:46.748
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:34:46.239
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:45.874
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:32.942
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:32.766
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:24:46.335
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.27 01/24/2018
Motherboard: HP 840D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 78%
Total physical RAM: 8078.22 MB
Available physical RAM: 1712.09 MB
Total Virtual: 13379.05 MB
Available Virtual: 3688.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.96 GB) (Free:827.14 GB) NTFS
\\?\Volume{ed2eee43-14d4-443f-ad1f-1aca40cc50e0}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{a589f2bd-e2ea-4634-bc15-d5c483e23c1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
******************
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (22-01-2020 14:38:16)
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba (Available Profiles: Líba)
Platform: Windows 10 Home Version 1809 17763.973 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ACD Systems International -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\LogTransport2.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1910.1283.0_x64__8wekyb3d8bbwe\LocalBridge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [183088 2019-11-29] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5553712 2019-12-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {8efecd9f-7226-11e9-a761-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {abad529a-7d94-11e9-a765-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b557-5e89-11e9-a75d-40a3cccab76d} - "D:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08B0A7FB-AE9E-4D68-BC34-61DA78855EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {0D5AB018-2F47-47CF-AFA3-07476CF262CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {101DDD8C-1D8B-45DB-9F99-333B4A5467B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {1323185E-7D9B-4375-8258-98BCED3674A3} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {68F8FE3F-1863-4CF3-857D-1138AF1AE944} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {69B1230B-7E81-4DBE-B578-7CC7CC11128A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {82582F81-C49F-4D1C-B016-9A7B1318A102} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {B0A17E30-E28E-407D-B92A-822A13A6A50C} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-croftlara1111@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://icewarp.ajptech.cz:8090/webmail/
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> DefaultScope {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL => No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\croft\Downloads
FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\0blfb8qd.default-release-1 [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2020-01-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-18]
Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://cs.nex-software.com; hxxps://dev1security.blogspot.com; hxxps://dp32.ru; hxxps://et.piratihk.cz; hxxps://m.facebook.com; hxxps://puttraffic.com; hxxps://trycracksoftware.com; hxxps://vk.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.viry.cz; hxxps://www.vitalia.cz; hxxps://zulip.pirati.cz
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2020-01-22]
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-09]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-24]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2019-11-18]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-01-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2019-09-23]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [551808 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1407080 2015-11-23] (Intel Corporation - pGFX -> Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [152672 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 ibtsiva; C:\Windows\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\New TunesGo\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-10-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116696 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [251384 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32776 2018-05-11] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [30752 2016-01-06] (Hewlett-Packard Company -> Hewlett Packard)
R3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45664 2019-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [355760 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 14:38 - 2020-01-22 14:40 - 000031547 _____ C:\Users\croft\Desktop\FRST.txt
2020-01-22 14:36 - 2020-01-22 14:36 - 002580480 _____ (Farbar) C:\Users\croft\Desktop\FRST64.exe
2020-01-22 09:59 - 2020-01-22 09:59 - 000144431 _____ C:\Users\croft\Downloads\DNEDP4-8862013402-20200121-210237.pdf
2020-01-20 19:13 - 2020-01-20 19:13 - 002609972 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.de.cs.pdf
2020-01-20 19:12 - 2020-01-20 19:12 - 002467452 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.pdf
2020-01-19 16:45 - 2020-01-19 18:55 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2020-01-19 13:40 - 2020-01-19 13:40 - 000363006 _____ C:\Users\croft\Downloads\priloha_743523478_0_Dopis_OSVC_2020_-_DS.pdf
2020-01-19 13:40 - 2020-01-19 13:40 - 000199773 _____ C:\Users\croft\Downloads\priloha_743515926_0_p690427307_6957163103.pdf
2020-01-18 20:43 - 2020-01-18 20:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-18 10:43 - 2020-01-18 10:43 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002323896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-01-18 10:42 - 2020-01-18 10:43 - 007922688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 009668408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 008905728 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 006543736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002419712 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002149160 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001936520 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001721144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001677088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001670800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001665712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001258296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001084416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001050624 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001049400 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000930816 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000878080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000677144 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000651776 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000541264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000410616 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000405304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000350416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV1.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000154976 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000122568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-01-13 19:43 - 2020-01-13 19:43 - 000000000 ____D C:\Users\croft\Downloads\10_18
2020-01-13 19:41 - 2020-01-13 19:41 - 000000000 ____D C:\Users\croft\Downloads\06_2019
2020-01-13 14:59 - 2020-01-13 15:16 - 3199629713 _____ C:\Users\croft\Downloads\Big Boys Gone Bananas!_.mp4
2020-01-13 13:51 - 2020-01-13 13:51 - 000001458 _____ C:\Users\croft\Downloads\Dokumenty (2).htm
2020-01-12 10:01 - 2020-01-12 11:31 - 1641979103 _____ C:\Users\croft\Downloads\Baťa, první globalista - dokument CT.mkv
2020-01-10 21:54 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_19
2020-01-10 21:40 - 2020-01-10 21:41 - 000000000 ____D C:\Users\croft\Downloads\8_19
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2020-01-05 17:40 - 2020-01-05 17:40 - 014969468 _____ C:\Users\croft\Downloads\oprava zipu.mp4
2020-01-03 23:27 - 2020-01-13 20:35 - 000000000 ____D C:\Users\croft\Downloads\8_18
2020-01-03 22:30 - 2020-01-19 13:21 - 000000000 ____D C:\Users\croft\Downloads\5_18
2020-01-03 22:30 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_18
2020-01-03 22:30 - 2020-01-03 23:20 - 000000000 ____D C:\Users\croft\Downloads\6_18
2020-01-03 22:19 - 2020-01-10 19:36 - 000000000 ____D C:\Users\croft\Downloads\4_18
2020-01-03 22:11 - 2020-01-03 22:11 - 000000000 ____D C:\Users\croft\Downloads\3_18
2020-01-03 21:57 - 2020-01-03 22:03 - 000000000 ____D C:\Users\croft\Downloads\1_18
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 14:39 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2020-01-22 14:27 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-22 06:25 - 2019-03-08 17:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-01-21 22:25 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 20:57 - 2019-10-05 09:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-21 07:49 - 2019-10-29 11:16 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Mozilla
2020-01-20 15:18 - 2019-11-21 15:21 - 000000000 ____D C:\Users\croft\Downloads\šití
2020-01-20 15:06 - 2019-10-13 08:29 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2020-01-19 21:10 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2020-01-18 20:47 - 2019-06-19 15:46 - 000000000 ____D C:\Program Files\UNP
2020-01-18 20:45 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2020-01-18 20:43 - 2019-11-05 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-18 20:43 - 2019-10-30 18:20 - 000001273 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:43 - 2019-10-29 11:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:36 - 2019-03-08 17:18 - 000453232 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-18 20:36 - 2019-03-08 17:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-18 20:34 - 2018-09-15 07:09 - 000786432 _____ C:\Windows\system32\config\BBI
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\system32\UNP
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2020-01-18 11:10 - 2019-03-08 15:39 - 000000000 ____D C:\Windows\system32\MRT
2020-01-18 10:48 - 2019-03-08 15:39 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-18 10:48 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2020-01-08 15:37 - 2019-04-10 14:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2020-01-06 18:46 - 2019-04-09 21:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2020-01-03 20:47 - 2019-04-11 08:59 - 000000000 ____D C:\Users\Pracovní
2020-01-03 15:01 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-12-23 11:29 - 2019-04-09 15:13 - 000000000 ____D C:\Program Files (x86)\Torrent
==================== Files in the root of some directories ========
2019-04-10 21:09 - 2019-04-10 21:09 - 000000000 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
*******************
ADDITION
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020
Ran by Líba (22-01-2020 14:41:17)
Running from C:\Users\croft\Desktop
Windows 10 Home Version 1809 17763.973 (X64) (2019-03-08 16:19:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
ELAN Touchpad 18.2.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.26.3 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
GIMP 2.10.10 (HKLM\...\GIMP-2_is1) (Version: 2.10.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mumble 1.2.19 (HKLM-x32\...\{97B3A307-D592-4888-9439-7FB9FBF8F1C3}) (Version: 1.2.19 - Thorvald Natvig)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-21] (Adobe Systems Incorporated)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-05-21] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-17] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-12] (Apple Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2015-03-17 00:34 - 2015-03-17 00:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\AcroTray.cze
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-12-02 23:29 - 2019-12-02 23:29 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2016-09-14 03:00 - 2016-09-14 03:00 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-06-25 03:44 - 2019-06-25 03:44 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\croft\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ACUW10EN"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "ACDSeeCommanderUltimate10"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{86AD6388-0DBB-4386-A337-B7804AE46950}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{46B635E3-58FB-4787-9E55-6565A49F1E39}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{75B03A4F-DA05-4BE6-A64A-2687AFF11B58}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{BAD892F0-535A-4C11-874B-2AFE17ED3F30}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{8C36EED2-5B78-448F-B633-38D358C78752}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe No File
FirewallRules: [{B0702882-5733-4D65-946B-AB4DC07F4FCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8BFD1336-8F8E-4AFB-8761-B3C7C73A033B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{62A2FEF2-1C1C-4EDE-A6CB-EAED6322738B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4AE5B7D8-E43B-4116-BBD8-D4969FC88913}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37384BF1-6A30-4C2C-91EE-A7326D76DAD4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7BE6DBED-4A7A-436B-9AF6-67AFCD13F203}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E0697D58-C222-48FD-91A8-AAA61E0987AE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B3B8D576-18E9-44DB-9873-B41E4617AA28}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{27E26270-1C6B-4F51-B1CF-45AD7567296E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22E5E7C4-68C5-443E-873B-CEFAD8DF0B21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A6551714-6438-4152-91C8-BC8A8E036F31}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
02-01-2020 10:29:18 Naplánovaný kontrolní bod
12-01-2020 10:30:55 Naplánovaný kontrolní bod
18-01-2020 10:24:03 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/22/2020 01:39:40 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 320749160 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 09:42:42 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 306531359 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 04:23:47 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/21/2020 10:23:54 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 265803151 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 04:17:24 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 243815454 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 11:25:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17763.864 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 166c
Čas spuštění: 01d5ce3703eda348
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID hlášení: 1caf87a5-1b6f-4b06-b646-b89cd5dced0e
Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (01/21/2020 11:25:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 226297586 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 07:46:02 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (01/21/2020 04:18:37 PM) (Source: DCOM) (EventID: 10010) (User: LÍBA)
Description: Server Windows.Internal.WebRuntime.ContentProcess#{00031402-0001-0000-F3C7-B20C00000000} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/20/2020 10:53:28 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/20/2020 08:29:45 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/19/2020 12:51:47 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:44:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:44:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:43:42 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/18/2020 08:43:41 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2019-11-03 18:21:40.798
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6749DB17-5D80-47A5-976C-BAA512FD3794}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 14:25:47.673
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {00D2DBDC-ED36-412A-A987-262F9EDB90B2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 13:28:27.206
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bitrep.A
ID: 2147723097
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\MyPhoneExplorer_Setup_1.8.11.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.295.1355.0, AS: 1.295.1355.0, NIS: 1.295.1355.0
Verze modulu: AM: 1.1.16000.6, NIS: 1.1.16000.6
Date: 2019-06-24 10:09:05.050
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D857466F-649B-4343-A392-0FEDFC3013CB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 10:01:21.690
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {225C9647-B675-4C39-A215-3923060F5640}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-22 20:11:23.914
Description:
Program Antivirová ochrana v programu Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.16600.7
Předchozí verze modulu: 1.1.16600.6
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2019-05-21 12:07:08.916
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
Date: 2019-05-16 14:55:09.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.1488.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2020-01-18 20:39:08.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.
Date: 2020-01-18 20:38:14.978
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2019-12-27 14:39:46.748
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:34:46.239
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:45.874
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:32.942
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:32.766
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:24:46.335
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.27 01/24/2018
Motherboard: HP 840D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 78%
Total physical RAM: 8078.22 MB
Available physical RAM: 1712.09 MB
Total Virtual: 13379.05 MB
Available Virtual: 3688.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.96 GB) (Free:827.14 GB) NTFS
\\?\Volume{ed2eee43-14d4-443f-ad1f-1aca40cc50e0}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{a589f2bd-e2ea-4634-bc15-d5c483e23c1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé spuštění ntb
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé spuštění ntb
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-22-2020
# Duration: 00:00:12
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\croft\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1406 octets] - [20/05/2019 13:03:41]
AdwCleaner[C00].txt - [1514 octets] - [20/05/2019 13:04:00]
AdwCleaner[S01].txt - [2067 octets] - [22/01/2020 15:14:16]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-22-2020
# Duration: 00:00:12
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\croft\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1406 octets] - [20/05/2019 13:03:41]
AdwCleaner[C00].txt - [1514 octets] - [20/05/2019 13:04:00]
AdwCleaner[S01].txt - [2067 octets] - [22/01/2020 15:14:16]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé spuštění ntb
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé spuštění ntb
Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020
Ran by Líba (22-01-2020 16:02:12)
Running from C:\Users\croft\Desktop
Windows 10 Home Version 1809 17763.973 (X64) (2019-03-08 16:19:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
ELAN Touchpad 18.2.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.26.3 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
GIMP 2.10.10 (HKLM\...\GIMP-2_is1) (Version: 2.10.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mumble 1.2.19 (HKLM-x32\...\{97B3A307-D592-4888-9439-7FB9FBF8F1C3}) (Version: 1.2.19 - Thorvald Natvig)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-21] (Adobe Systems Incorporated)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-05-21] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-17] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-12] (Apple Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-06-25 03:44 - 2019-06-25 03:44 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\croft\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ACUW10EN"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "ACDSeeCommanderUltimate10"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{86AD6388-0DBB-4386-A337-B7804AE46950}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{46B635E3-58FB-4787-9E55-6565A49F1E39}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{75B03A4F-DA05-4BE6-A64A-2687AFF11B58}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{BAD892F0-535A-4C11-874B-2AFE17ED3F30}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{8C36EED2-5B78-448F-B633-38D358C78752}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe No File
FirewallRules: [{B0702882-5733-4D65-946B-AB4DC07F4FCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8BFD1336-8F8E-4AFB-8761-B3C7C73A033B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{62A2FEF2-1C1C-4EDE-A6CB-EAED6322738B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4AE5B7D8-E43B-4116-BBD8-D4969FC88913}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37384BF1-6A30-4C2C-91EE-A7326D76DAD4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7BE6DBED-4A7A-436B-9AF6-67AFCD13F203}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E0697D58-C222-48FD-91A8-AAA61E0987AE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B3B8D576-18E9-44DB-9873-B41E4617AA28}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{27E26270-1C6B-4F51-B1CF-45AD7567296E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22E5E7C4-68C5-443E-873B-CEFAD8DF0B21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A6551714-6438-4152-91C8-BC8A8E036F31}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
02-01-2020 10:29:18 Naplánovaný kontrolní bod
12-01-2020 10:30:55 Naplánovaný kontrolní bod
18-01-2020 10:24:03 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/22/2020 03:03:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 22.1.2020.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 6c28
Čas spuštění: 01d5d1291c830b96
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\croft\Desktop\FRST64.exe
ID hlášení: f2de1a07-015f-46b6-9fcf-c82da5187a46
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (01/22/2020 01:39:40 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 320749160 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 09:42:42 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 306531359 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 04:23:47 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/21/2020 10:23:54 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 265803151 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 04:17:24 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 243815454 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 11:25:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17763.864 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 166c
Čas spuštění: 01d5ce3703eda348
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID hlášení: 1caf87a5-1b6f-4b06-b646-b89cd5dced0e
Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (01/21/2020 11:25:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 226297586 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
System errors:
=============
Error: (01/22/2020 03:23:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:23:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:21:36 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:20:44 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:20:13 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:19:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:19:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:17:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby WsAppService bylo dosaženo časového limitu (30000 ms).
Windows Defender:
===================================
Date: 2019-11-03 18:21:40.798
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6749DB17-5D80-47A5-976C-BAA512FD3794}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 14:25:47.673
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {00D2DBDC-ED36-412A-A987-262F9EDB90B2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 13:28:27.206
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bitrep.A
ID: 2147723097
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\MyPhoneExplorer_Setup_1.8.11.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.295.1355.0, AS: 1.295.1355.0, NIS: 1.295.1355.0
Verze modulu: AM: 1.1.16000.6, NIS: 1.1.16000.6
Date: 2019-06-24 10:09:05.050
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D857466F-649B-4343-A392-0FEDFC3013CB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 10:01:21.690
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {225C9647-B675-4C39-A215-3923060F5640}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-22 20:11:23.914
Description:
Program Antivirová ochrana v programu Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.16600.7
Předchozí verze modulu: 1.1.16600.6
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2019-05-21 12:07:08.916
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
Date: 2019-05-16 14:55:09.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.1488.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2020-01-22 15:19:45.482
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.
Date: 2020-01-22 15:19:11.509
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-01-18 20:39:08.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.
Date: 2020-01-18 20:38:14.978
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2019-12-27 14:39:46.748
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:34:46.239
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:45.874
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:32.942
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.27 01/24/2018
Motherboard: HP 840D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 55%
Total physical RAM: 8078.22 MB
Available physical RAM: 3619.8 MB
Total Virtual: 12430.22 MB
Available Virtual: 7691.21 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.96 GB) (Free:828.12 GB) NTFS
\\?\Volume{ed2eee43-14d4-443f-ad1f-1aca40cc50e0}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{a589f2bd-e2ea-4634-bc15-d5c483e23c1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
**********************
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (22-01-2020 16:00:24)
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba (Available Profiles: Líba)
Platform: Windows 10 Home Version 1809 17763.973 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [183088 2019-11-29] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5553712 2019-12-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {8efecd9f-7226-11e9-a761-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {abad529a-7d94-11e9-a765-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b557-5e89-11e9-a75d-40a3cccab76d} - "D:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08B0A7FB-AE9E-4D68-BC34-61DA78855EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {0D5AB018-2F47-47CF-AFA3-07476CF262CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {101DDD8C-1D8B-45DB-9F99-333B4A5467B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {1323185E-7D9B-4375-8258-98BCED3674A3} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {68F8FE3F-1863-4CF3-857D-1138AF1AE944} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {69B1230B-7E81-4DBE-B578-7CC7CC11128A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {82582F81-C49F-4D1C-B016-9A7B1318A102} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {B0A17E30-E28E-407D-B92A-822A13A6A50C} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-croftlara1111@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://icewarp.ajptech.cz:8090/webmail/
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> DefaultScope {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL => No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\croft\Downloads
FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\0blfb8qd.default-release-1 [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2020-01-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-22]
Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://cs.nex-software.com; hxxps://dev1security.blogspot.com; hxxps://dp32.ru; hxxps://et.piratihk.cz; hxxps://m.facebook.com; hxxps://puttraffic.com; hxxps://trycracksoftware.com; hxxps://vk.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.viry.cz; hxxps://www.vitalia.cz; hxxps://zulip.pirati.cz
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2020-01-22]
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-09]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-24]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2019-11-18]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-01-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2019-09-23]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [551808 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1407080 2015-11-23] (Intel Corporation - pGFX -> Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [152672 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 ibtsiva; C:\Windows\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\New TunesGo\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-10-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116696 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [251384 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32776 2018-05-11] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [30752 2016-01-06] (Hewlett-Packard Company -> Hewlett Packard)
S3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45664 2019-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [355760 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 15:23 - 2020-01-22 15:23 - 000002105 _____ C:\Users\croft\Desktop\AdwCleaner[C01].txt
2020-01-22 15:11 - 2020-01-22 15:11 - 008237744 _____ (Malwarebytes) C:\Users\croft\Desktop\adwcleaner_8.0.1.exe
2020-01-22 15:11 - 2020-01-22 15:11 - 001924728 _____ (Malwarebytes) C:\Users\croft\Desktop\MBSetup.exe
2020-01-22 14:38 - 2020-01-22 16:01 - 000028024 _____ C:\Users\croft\Desktop\FRST.txt
2020-01-22 14:36 - 2020-01-22 14:36 - 002580480 _____ (Farbar) C:\Users\croft\Desktop\FRST64.exe
2020-01-22 09:59 - 2020-01-22 09:59 - 000144431 _____ C:\Users\croft\Downloads\DNEDP4-8862013402-20200121-210237.pdf
2020-01-20 19:13 - 2020-01-20 19:13 - 002609972 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.de.cs.pdf
2020-01-20 19:12 - 2020-01-20 19:12 - 002467452 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.pdf
2020-01-19 16:45 - 2020-01-19 18:55 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2020-01-19 13:40 - 2020-01-19 13:40 - 000363006 _____ C:\Users\croft\Downloads\priloha_743523478_0_Dopis_OSVC_2020_-_DS.pdf
2020-01-19 13:40 - 2020-01-19 13:40 - 000199773 _____ C:\Users\croft\Downloads\priloha_743515926_0_p690427307_6957163103.pdf
2020-01-18 20:43 - 2020-01-18 20:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-18 10:43 - 2020-01-18 10:43 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002323896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-01-18 10:42 - 2020-01-18 10:43 - 007922688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 009668408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 008905728 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 006543736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002419712 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002149160 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001936520 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001721144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001677088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001670800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001665712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001258296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001084416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001050624 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001049400 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000930816 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000878080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000677144 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000651776 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000541264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000410616 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000405304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000350416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV1.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000154976 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000122568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-01-13 19:43 - 2020-01-13 19:43 - 000000000 ____D C:\Users\croft\Downloads\10_18
2020-01-13 19:41 - 2020-01-13 19:41 - 000000000 ____D C:\Users\croft\Downloads\06_2019
2020-01-13 14:59 - 2020-01-13 15:16 - 3199629713 _____ C:\Users\croft\Downloads\Big Boys Gone Bananas!_.mp4
2020-01-13 13:51 - 2020-01-13 13:51 - 000001458 _____ C:\Users\croft\Downloads\Dokumenty (2).htm
2020-01-12 10:01 - 2020-01-12 11:31 - 1641979103 _____ C:\Users\croft\Downloads\Baťa, první globalista - dokument CT.mkv
2020-01-10 21:54 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_19
2020-01-10 21:40 - 2020-01-10 21:41 - 000000000 ____D C:\Users\croft\Downloads\8_19
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2020-01-05 17:40 - 2020-01-05 17:40 - 014969468 _____ C:\Users\croft\Downloads\oprava zipu.mp4
2020-01-03 23:27 - 2020-01-13 20:35 - 000000000 ____D C:\Users\croft\Downloads\8_18
2020-01-03 22:30 - 2020-01-19 13:21 - 000000000 ____D C:\Users\croft\Downloads\5_18
2020-01-03 22:30 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_18
2020-01-03 22:30 - 2020-01-03 23:20 - 000000000 ____D C:\Users\croft\Downloads\6_18
2020-01-03 22:19 - 2020-01-10 19:36 - 000000000 ____D C:\Users\croft\Downloads\4_18
2020-01-03 22:11 - 2020-01-03 22:11 - 000000000 ____D C:\Users\croft\Downloads\3_18
2020-01-03 21:57 - 2020-01-03 22:03 - 000000000 ____D C:\Users\croft\Downloads\1_18
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 16:01 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2020-01-22 16:00 - 2019-03-08 17:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-01-22 16:00 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-22 15:20 - 2019-10-05 09:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-22 15:16 - 2019-03-08 17:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-22 15:15 - 2018-09-15 07:09 - 000786432 _____ C:\Windows\system32\config\BBI
2020-01-21 22:25 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 07:49 - 2019-10-29 11:16 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Mozilla
2020-01-20 15:18 - 2019-11-21 15:21 - 000000000 ____D C:\Users\croft\Downloads\šití
2020-01-20 15:06 - 2019-10-13 08:29 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2020-01-19 21:10 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2020-01-18 20:47 - 2019-06-19 15:46 - 000000000 ____D C:\Program Files\UNP
2020-01-18 20:45 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2020-01-18 20:43 - 2019-11-05 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-18 20:43 - 2019-10-30 18:20 - 000001273 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:43 - 2019-10-29 11:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:36 - 2019-03-08 17:18 - 000453232 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\system32\UNP
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2020-01-18 11:10 - 2019-03-08 15:39 - 000000000 ____D C:\Windows\system32\MRT
2020-01-18 10:48 - 2019-03-08 15:39 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-18 10:48 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2020-01-08 15:37 - 2019-04-10 14:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2020-01-06 18:46 - 2019-04-09 21:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2020-01-03 20:47 - 2019-04-11 08:59 - 000000000 ____D C:\Users\Pracovní
2020-01-03 15:01 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-12-23 11:29 - 2019-04-09 15:13 - 000000000 ____D C:\Program Files (x86)\Torrent
==================== Files in the root of some directories ========
2019-04-10 21:09 - 2019-04-10 21:09 - 000000000 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020
Ran by Líba (22-01-2020 16:02:12)
Running from C:\Users\croft\Desktop
Windows 10 Home Version 1809 17763.973 (X64) (2019-03-08 16:19:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
ELAN Touchpad 18.2.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.26.3 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
GIMP 2.10.10 (HKLM\...\GIMP-2_is1) (Version: 2.10.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mumble 1.2.19 (HKLM-x32\...\{97B3A307-D592-4888-9439-7FB9FBF8F1C3}) (Version: 1.2.19 - Thorvald Natvig)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-21] (Adobe Systems Incorporated)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-05-21] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-17] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-12] (Apple Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-06-25 03:44 - 2019-06-25 03:44 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\croft\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ACUW10EN"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "ACDSeeCommanderUltimate10"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{86AD6388-0DBB-4386-A337-B7804AE46950}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{46B635E3-58FB-4787-9E55-6565A49F1E39}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{75B03A4F-DA05-4BE6-A64A-2687AFF11B58}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{BAD892F0-535A-4C11-874B-2AFE17ED3F30}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{8C36EED2-5B78-448F-B633-38D358C78752}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe No File
FirewallRules: [{B0702882-5733-4D65-946B-AB4DC07F4FCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8BFD1336-8F8E-4AFB-8761-B3C7C73A033B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{62A2FEF2-1C1C-4EDE-A6CB-EAED6322738B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4AE5B7D8-E43B-4116-BBD8-D4969FC88913}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37384BF1-6A30-4C2C-91EE-A7326D76DAD4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7BE6DBED-4A7A-436B-9AF6-67AFCD13F203}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E0697D58-C222-48FD-91A8-AAA61E0987AE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B3B8D576-18E9-44DB-9873-B41E4617AA28}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{27E26270-1C6B-4F51-B1CF-45AD7567296E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22E5E7C4-68C5-443E-873B-CEFAD8DF0B21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A6551714-6438-4152-91C8-BC8A8E036F31}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
02-01-2020 10:29:18 Naplánovaný kontrolní bod
12-01-2020 10:30:55 Naplánovaný kontrolní bod
18-01-2020 10:24:03 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/22/2020 03:03:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 22.1.2020.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 6c28
Čas spuštění: 01d5d1291c830b96
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\croft\Desktop\FRST64.exe
ID hlášení: f2de1a07-015f-46b6-9fcf-c82da5187a46
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (01/22/2020 01:39:40 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 320749160 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 09:42:42 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 306531359 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/22/2020 04:23:47 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/21/2020 10:23:54 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 265803151 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 04:17:24 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 243815454 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (01/21/2020 11:25:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17763.864 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 166c
Čas spuštění: 01d5ce3703eda348
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID hlášení: 1caf87a5-1b6f-4b06-b646-b89cd5dced0e
Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (01/21/2020 11:25:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 226297586 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
System errors:
=============
Error: (01/22/2020 03:23:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:23:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:21:36 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:20:44 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:20:13 PM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:19:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:19:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/22/2020 03:17:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby WsAppService bylo dosaženo časového limitu (30000 ms).
Windows Defender:
===================================
Date: 2019-11-03 18:21:40.798
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6749DB17-5D80-47A5-976C-BAA512FD3794}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 14:25:47.673
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {00D2DBDC-ED36-412A-A987-262F9EDB90B2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 13:28:27.206
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bitrep.A
ID: 2147723097
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\MyPhoneExplorer_Setup_1.8.11.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.295.1355.0, AS: 1.295.1355.0, NIS: 1.295.1355.0
Verze modulu: AM: 1.1.16000.6, NIS: 1.1.16000.6
Date: 2019-06-24 10:09:05.050
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D857466F-649B-4343-A392-0FEDFC3013CB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-24 10:01:21.690
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {225C9647-B675-4C39-A215-3923060F5640}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-22 20:11:23.914
Description:
Program Antivirová ochrana v programu Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.16600.7
Předchozí verze modulu: 1.1.16600.6
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2019-05-21 12:07:08.916
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
Date: 2019-05-16 14:55:09.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.1488.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2020-01-22 15:19:45.482
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.
Date: 2020-01-22 15:19:11.509
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-01-18 20:39:08.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.
Date: 2020-01-18 20:38:14.978
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2019-12-27 14:39:46.748
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:34:46.239
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:45.874
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-27 14:29:32.942
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eplgChrome.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.27 01/24/2018
Motherboard: HP 840D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 55%
Total physical RAM: 8078.22 MB
Available physical RAM: 3619.8 MB
Total Virtual: 12430.22 MB
Available Virtual: 7691.21 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.96 GB) (Free:828.12 GB) NTFS
\\?\Volume{ed2eee43-14d4-443f-ad1f-1aca40cc50e0}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{a589f2bd-e2ea-4634-bc15-d5c483e23c1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
**********************
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (22-01-2020 16:00:24)
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba (Available Profiles: Líba)
Platform: Windows 10 Home Version 1809 17763.973 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [183088 2019-11-29] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5553712 2019-12-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {8efecd9f-7226-11e9-a761-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {abad529a-7d94-11e9-a765-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b557-5e89-11e9-a75d-40a3cccab76d} - "D:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08B0A7FB-AE9E-4D68-BC34-61DA78855EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {0D5AB018-2F47-47CF-AFA3-07476CF262CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {101DDD8C-1D8B-45DB-9F99-333B4A5467B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {1323185E-7D9B-4375-8258-98BCED3674A3} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {68F8FE3F-1863-4CF3-857D-1138AF1AE944} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {69B1230B-7E81-4DBE-B578-7CC7CC11128A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {82582F81-C49F-4D1C-B016-9A7B1318A102} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {B0A17E30-E28E-407D-B92A-822A13A6A50C} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-croftlara1111@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://icewarp.ajptech.cz:8090/webmail/
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> DefaultScope {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL => No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\croft\Downloads
FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\0blfb8qd.default-release-1 [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2019-12-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2020-01-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-22]
Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://cs.nex-software.com; hxxps://dev1security.blogspot.com; hxxps://dp32.ru; hxxps://et.piratihk.cz; hxxps://m.facebook.com; hxxps://puttraffic.com; hxxps://trycracksoftware.com; hxxps://vk.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.viry.cz; hxxps://www.vitalia.cz; hxxps://zulip.pirati.cz
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2020-01-22]
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-09]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-24]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2019-11-18]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-01-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2019-09-23]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [551808 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-11-29] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1407080 2015-11-23] (Intel Corporation - pGFX -> Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [152672 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 ibtsiva; C:\Windows\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\New TunesGo\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-10-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116696 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [251384 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32776 2018-05-11] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [30752 2016-01-06] (Hewlett-Packard Company -> Hewlett Packard)
S3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45664 2019-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [355760 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 15:23 - 2020-01-22 15:23 - 000002105 _____ C:\Users\croft\Desktop\AdwCleaner[C01].txt
2020-01-22 15:11 - 2020-01-22 15:11 - 008237744 _____ (Malwarebytes) C:\Users\croft\Desktop\adwcleaner_8.0.1.exe
2020-01-22 15:11 - 2020-01-22 15:11 - 001924728 _____ (Malwarebytes) C:\Users\croft\Desktop\MBSetup.exe
2020-01-22 14:38 - 2020-01-22 16:01 - 000028024 _____ C:\Users\croft\Desktop\FRST.txt
2020-01-22 14:36 - 2020-01-22 14:36 - 002580480 _____ (Farbar) C:\Users\croft\Desktop\FRST64.exe
2020-01-22 09:59 - 2020-01-22 09:59 - 000144431 _____ C:\Users\croft\Downloads\DNEDP4-8862013402-20200121-210237.pdf
2020-01-20 19:13 - 2020-01-20 19:13 - 002609972 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.de.cs.pdf
2020-01-20 19:12 - 2020-01-20 19:12 - 002467452 _____ C:\Users\croft\Downloads\Dětské mikino-šaty s vypouklími kapsami - NÁVOD.pdf
2020-01-19 16:45 - 2020-01-19 18:55 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2020-01-19 13:40 - 2020-01-19 13:40 - 000363006 _____ C:\Users\croft\Downloads\priloha_743523478_0_Dopis_OSVC_2020_-_DS.pdf
2020-01-19 13:40 - 2020-01-19 13:40 - 000199773 _____ C:\Users\croft\Downloads\priloha_743515926_0_p690427307_6957163103.pdf
2020-01-18 20:43 - 2020-01-18 20:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-18 10:43 - 2020-01-18 10:43 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 002323896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-01-18 10:43 - 2020-01-18 10:43 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-01-18 10:42 - 2020-01-18 10:43 - 007922688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 009668408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 008905728 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 006543736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002419712 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 002149160 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001936520 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001721144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001677088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001670800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001665712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001258296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001084416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 001050624 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 001049400 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000930816 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000878080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000677144 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000651776 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000541264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000410616 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000405304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-01-18 10:42 - 2020-01-18 10:42 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000350416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV1.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000154976 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000122568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-01-18 10:42 - 2020-01-18 10:42 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-01-18 10:42 - 2020-01-18 10:42 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-01-13 19:43 - 2020-01-13 19:43 - 000000000 ____D C:\Users\croft\Downloads\10_18
2020-01-13 19:41 - 2020-01-13 19:41 - 000000000 ____D C:\Users\croft\Downloads\06_2019
2020-01-13 14:59 - 2020-01-13 15:16 - 3199629713 _____ C:\Users\croft\Downloads\Big Boys Gone Bananas!_.mp4
2020-01-13 13:51 - 2020-01-13 13:51 - 000001458 _____ C:\Users\croft\Downloads\Dokumenty (2).htm
2020-01-12 10:01 - 2020-01-12 11:31 - 1641979103 _____ C:\Users\croft\Downloads\Baťa, první globalista - dokument CT.mkv
2020-01-10 21:54 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_19
2020-01-10 21:40 - 2020-01-10 21:41 - 000000000 ____D C:\Users\croft\Downloads\8_19
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2020-01-05 17:40 - 2020-01-05 17:40 - 014969468 _____ C:\Users\croft\Downloads\oprava zipu.mp4
2020-01-03 23:27 - 2020-01-13 20:35 - 000000000 ____D C:\Users\croft\Downloads\8_18
2020-01-03 22:30 - 2020-01-19 13:21 - 000000000 ____D C:\Users\croft\Downloads\5_18
2020-01-03 22:30 - 2020-01-10 21:55 - 000000000 ____D C:\Users\croft\Downloads\7_18
2020-01-03 22:30 - 2020-01-03 23:20 - 000000000 ____D C:\Users\croft\Downloads\6_18
2020-01-03 22:19 - 2020-01-10 19:36 - 000000000 ____D C:\Users\croft\Downloads\4_18
2020-01-03 22:11 - 2020-01-03 22:11 - 000000000 ____D C:\Users\croft\Downloads\3_18
2020-01-03 21:57 - 2020-01-03 22:03 - 000000000 ____D C:\Users\croft\Downloads\1_18
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 16:01 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2020-01-22 16:00 - 2019-03-08 17:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-01-22 16:00 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-22 15:20 - 2019-10-05 09:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-22 15:16 - 2019-03-08 17:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-22 15:15 - 2018-09-15 07:09 - 000786432 _____ C:\Windows\system32\config\BBI
2020-01-21 22:25 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 07:49 - 2019-10-29 11:16 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Mozilla
2020-01-20 15:18 - 2019-11-21 15:21 - 000000000 ____D C:\Users\croft\Downloads\šití
2020-01-20 15:06 - 2019-10-13 08:29 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2020-01-19 21:10 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2020-01-18 20:47 - 2019-06-19 15:46 - 000000000 ____D C:\Program Files\UNP
2020-01-18 20:45 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2020-01-18 20:43 - 2019-11-05 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-18 20:43 - 2019-10-30 18:20 - 000001273 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:43 - 2019-10-29 11:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-18 20:36 - 2019-03-08 17:18 - 000453232 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\system32\UNP
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences
2020-01-18 20:33 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2020-01-18 11:10 - 2019-03-08 15:39 - 000000000 ____D C:\Windows\system32\MRT
2020-01-18 10:48 - 2019-03-08 15:39 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-18 10:48 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-18 10:24 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2020-01-08 15:37 - 2019-04-10 14:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2020-01-06 18:46 - 2019-04-09 21:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2020-01-03 20:47 - 2019-04-11 08:59 - 000000000 ____D C:\Users\Pracovní
2020-01-03 15:01 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-12-23 11:29 - 2019-04-09 15:13 - 000000000 ____D C:\Program Files (x86)\Torrent
==================== Files in the root of some directories ========
2019-04-10 21:09 - 2019-04-10 21:09 - 000000000 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2020-01-06 18:46 - 2020-01-06 18:46 - 000005287 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé spuštění ntb
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{86AD6388-0DBB-4386-A337-B7804AE46950}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{46B635E3-58FB-4787-9E55-6565A49F1E39}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{75B03A4F-DA05-4BE6-A64A-2687AFF11B58}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{BAD892F0-535A-4C11-874B-2AFE17ED3F30}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{8C36EED2-5B78-448F-B633-38D358C78752}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe No File
C:\Users\croft\Downloads\MyPhoneExplorer_Setup_1.8.11.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {8efecd9f-7226-11e9-a761-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {abad529a-7d94-11e9-a765-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b557-5e89-11e9-a75d-40a3cccab76d} - "D:\SETUP.EXE"
Task: {08B0A7FB-AE9E-4D68-BC34-61DA78855EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {101DDD8C-1D8B-45DB-9F99-333B4A5467B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {1323185E-7D9B-4375-8258-98BCED3674A3} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {68F8FE3F-1863-4CF3-857D-1138AF1AE944} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL => No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [No File]
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé spuštění ntb
log se neobjevil, ntb se restartoval. Najdu ho nekde?
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé spuštění ntb
Na ploše v souboru fixlog.txt.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé spuštění ntb
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020
Ran by Líba (22-01-2020 17:20:58) Run:1
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba (Available Profiles: Líba)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{86AD6388-0DBB-4386-A337-B7804AE46950}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{46B635E3-58FB-4787-9E55-6565A49F1E39}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{75B03A4F-DA05-4BE6-A64A-2687AFF11B58}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{BAD892F0-535A-4C11-874B-2AFE17ED3F30}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{8C36EED2-5B78-448F-B633-38D358C78752}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe No File
C:\Users\croft\Downloads\MyPhoneExplorer_Setup_1.8.11.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {8efecd9f-7226-11e9-a761-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {abad529a-7d94-11e9-a765-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b557-5e89-11e9-a75d-40a3cccab76d} - "D:\SETUP.EXE"
Task: {08B0A7FB-AE9E-4D68-BC34-61DA78855EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {101DDD8C-1D8B-45DB-9F99-333B4A5467B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {1323185E-7D9B-4375-8258-98BCED3674A3} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {68F8FE3F-1863-4CF3-857D-1138AF1AE944} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL => No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [No File]
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86AD6388-0DBB-4386-A337-B7804AE46950}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{46B635E3-58FB-4787-9E55-6565A49F1E39}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75B03A4F-DA05-4BE6-A64A-2687AFF11B58}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BAD892F0-535A-4C11-874B-2AFE17ED3F30}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C36EED2-5B78-448F-B633-38D358C78752}" => removed successfully
"C:\Users\croft\Downloads\MyPhoneExplorer_Setup_1.8.11.exe" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8efecd9f-7226-11e9-a761-40a3cccab76d} => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abad529a-7d94-11e9-a765-40a3cccab76d} => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e9b557-5e89-11e9-a75d-40a3cccab76d} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{08B0A7FB-AE9E-4D68-BC34-61DA78855EE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08B0A7FB-AE9E-4D68-BC34-61DA78855EE7}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{101DDD8C-1D8B-45DB-9F99-333B4A5467B2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{101DDD8C-1D8B-45DB-9F99-333B4A5467B2}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1323185E-7D9B-4375-8258-98BCED3674A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1323185E-7D9B-4375-8258-98BCED3674A3}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d57dbef58d7204" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68F8FE3F-1863-4CF3-857D-1138AF1AE944}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68F8FE3F-1863-4CF3-857D-1138AF1AE944}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d57dbef5a66ad0" => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0 => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 150610239 B
Java, Flash, Steam htmlcache => 343 B
Windows/system/drivers => 10340381 B
Edge => 5516647 B
Chrome => 833768392 B
Firefox => 88815812 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 110 B
Users => 110 B
ProgramData => 110 B
Public => 110 B
systemprofile => 110 B
systemprofile32 => 110 B
LocalService => 22013571 B
NetworkService => 26848333 B
croft => 80288758 B
RecycleBin => 6852036509 B
EmptyTemp: => 7.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:24:04 ====
Ran by Líba (22-01-2020 17:20:58) Run:1
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba (Available Profiles: Líba)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\croft\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe No File
FirewallRules: [{86AD6388-0DBB-4386-A337-B7804AE46950}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{46B635E3-58FB-4787-9E55-6565A49F1E39}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File
FirewallRules: [{75B03A4F-DA05-4BE6-A64A-2687AFF11B58}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{BAD892F0-535A-4C11-874B-2AFE17ED3F30}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File
FirewallRules: [{8C36EED2-5B78-448F-B633-38D358C78752}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe No File
C:\Users\croft\Downloads\MyPhoneExplorer_Setup_1.8.11.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {8efecd9f-7226-11e9-a761-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {abad529a-7d94-11e9-a765-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b557-5e89-11e9-a75d-40a3cccab76d} - "D:\SETUP.EXE"
Task: {08B0A7FB-AE9E-4D68-BC34-61DA78855EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {101DDD8C-1D8B-45DB-9F99-333B4A5467B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {1323185E-7D9B-4375-8258-98BCED3674A3} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {68F8FE3F-1863-4CF3-857D-1138AF1AE944} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL => No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [No File]
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers-x32-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL -> No File => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86AD6388-0DBB-4386-A337-B7804AE46950}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{46B635E3-58FB-4787-9E55-6565A49F1E39}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75B03A4F-DA05-4BE6-A64A-2687AFF11B58}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BAD892F0-535A-4C11-874B-2AFE17ED3F30}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C36EED2-5B78-448F-B633-38D358C78752}" => removed successfully
"C:\Users\croft\Downloads\MyPhoneExplorer_Setup_1.8.11.exe" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8efecd9f-7226-11e9-a761-40a3cccab76d} => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abad529a-7d94-11e9-a765-40a3cccab76d} => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e9b557-5e89-11e9-a75d-40a3cccab76d} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{08B0A7FB-AE9E-4D68-BC34-61DA78855EE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08B0A7FB-AE9E-4D68-BC34-61DA78855EE7}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{101DDD8C-1D8B-45DB-9F99-333B4A5467B2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{101DDD8C-1D8B-45DB-9F99-333B4A5467B2}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1323185E-7D9B-4375-8258-98BCED3674A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1323185E-7D9B-4375-8258-98BCED3674A3}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d57dbef58d7204" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68F8FE3F-1863-4CF3-857D-1138AF1AE944}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68F8FE3F-1863-4CF3-857D-1138AF1AE944}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d57dbef5a66ad0" => removed successfully
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0 => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 150610239 B
Java, Flash, Steam htmlcache => 343 B
Windows/system/drivers => 10340381 B
Edge => 5516647 B
Chrome => 833768392 B
Firefox => 88815812 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 110 B
Users => 110 B
ProgramData => 110 B
Public => 110 B
systemprofile => 110 B
systemprofile32 => 110 B
LocalService => 22013571 B
NetworkService => 26848333 B
croft => 80288758 B
RecycleBin => 6852036509 B
EmptyTemp: => 7.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:24:04 ====
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé spuštění ntb
Ano, to je on. Bylo smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé spuštění ntb
Zdá se že ano, uvidím po delší práci a opětovném zapnutí/vypnutí.
Děkuji
Děkuji
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé spuštění ntb
Zatím nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.