Stránka 1 z 2

Preventivní kontrola - pomalý PC

Napsal: 07 led 2021 20:05
od ota
Prosím o prevntivní kmontrolu - pomalé načítání systému

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Ran by Ota (administrator) on DESKTOP-TTIU2E3 (MSI MS-7817) (07-01-2021 19:21:32)
Running from C:\Users\Ota\Desktop
Loaded Profiles: Ota
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Seznam.cz, a.s. -> ) C:\Users\Ota\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\Ota\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Seznam.cz, a.s. -> ) C:\Users\Ota\AppData\Roaming\Seznam.cz\szninstall.exe
(SlySoft, Inc.) [File not signed] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe <2>
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) [File not signed]
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe [618496 2010-10-28] () [File not signed]
HKLM-x32\...\Run: [sqtmultimediamouseRun] => "C:\Program Files (x86)\Multimedia Mouse Driver\startautorun.exe" MouseDrv.exe
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe [4606464 2017-02-13] (Vitzo) [File not signed]
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ota\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ota\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKLM\...\Windows x64\Print Processors\ssb3mPC: C:\Windows\System32\spool\prtprocs\x64\ssb3mpc.dll [33792 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [36864 2014-02-05] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\...\Print\Monitors\ssb3m Langmon: C:\WINDOWS\system32\ssb3ml6.dll [27648 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00C79354-D700-45DE-B1E9-55FC203CCAD8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\WSCStub.exe [644608 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {024563A6-97B3-44B5-9979-6AE39CA38A0E} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {0978A901-092E-4EFF-9272-A2042F1AE375} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0C3AC29C-FFB3-49D4-847B-E58BE951CDD0} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe
Task: {0DB60C33-3759-4799-AAF1-CAE503C1CE16} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe
Task: {180FBEFF-1003-4D86-98A0-0DEC0CD6DDA2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {18836D63-178E-4F56-A689-86EB3E5D47EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {1AE2C0BC-42D7-4922-A059-CA2C9F3EF681} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {22897F6D-4A8C-4DCB-BD2C-F2A59723624F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {2668278F-DDA1-48CF-8B22-D1373B92D803} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {3AB6A198-21BD-4C42-BFFB-505038E66144} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {42848876-C155-4090-91A7-8AAFD9302013} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
Task: {535FFD7E-0349-438D-A4D4-08A9BC552788} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2162328 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {5A6C3F8C-7296-4239-A94B-0FD707DC5999} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {80A9AA7C-C76A-4A34-A0A2-60C5621AAA15} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {981C5FB1-9F39-4720-93B1-CE0373C54C46} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe
Task: {D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001 => C:\Users\Ota\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {D7F67EFB-8C4D-45E6-9695-BBF65E8A3B94} - System32\Tasks\Agent Activation Runtime\S-1-5-21-554986064-1367882024-3811459060-1005 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-09] (Microsoft Windows -> )
Task: {DB6BD106-64B9-4B50-9CA9-959619F05AC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {E8C03218-61D3-4A24-A7DA-DF480BB1CE91} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {F7182773-59B8-4F01-BCC2-6CE273608F53} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {F8A13D3F-6570-4A3B-9933-DE74F7BAF312} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{8ceecf86-27ee-42ea-982d-bff6513a5ae9}: [DhcpNameServer] 213.46.172.38 213.46.172.39

Edge:
======
DownloadDir: C:\Users\Ota\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-24]

FireFox:
========
FF DefaultProfile: dwrkrxjf.default-1446579292021
FF ProfilePath: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 [2021-01-07]
FF Homepage: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10270__190920
FF HomepageOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Disabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Disabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: mapy-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: heureka-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: seznam-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: google@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonsafesearch_ul_2@symantec.com
FF Extension: (Flash Video Downloader) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\artur.dubovoy@gmail.com.xpi [2019-04-10]
FF Extension: (Forecastfox (fix version)) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\forecastfox@s3_fix_version.xpi [2020-11-23]
FF Extension: (SaveFrom.net helper) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\helper@savefrom.net.xpi [2020-12-16]
FF Extension: (Norton Password Manager) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\idsafe@norton.com.xpi [2020-09-04]
FF Extension: (AdBlock — best ad blocker) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2021-01-07]
FF Extension: (Norton Home Page) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonhomepage@symantec.com.xpi [2020-10-24] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2020-10-24] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafeweb@symantec.com.xpi [2020-10-09]
FF Extension: (uBlock Origin) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\uBlock0@raymondhill.net.xpi [2021-01-04]
FF Extension: (FormApps Extension) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2018-02-07]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-01-07]
FF Extension: (No Name) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{b9acc029-d62b-4d23-b921-8e7aea34266a}.xpi [2017-11-15]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2020-12-07]
FF Extension: (No Name) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-12-15]
FF Extension: (DownThemAll!) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2021-01-07]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-11-15] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default [2021-01-04]
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"
CHR Extension: (Prezentace) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Dokumenty) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Disk Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-06]
CHR Extension: (YouTube) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-17]
CHR Extension: (Tabulky) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2020-11-06]
CHR Extension: (Have I been pwned?) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpgljciihecejjlildfcakfcmnachahp [2017-05-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (FormApps Extension) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-02-07]
CHR Extension: (Skype) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-17]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-07]
CHR Extension: (Gmail) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-09]
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-17]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\Exts\Chrome.crx <not found>
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe [344760 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe [1056096 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\BASHDefs\20201215.001\BHDrvx64.sys [1991536 2020-11-03] (Symantec Corporation -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\ccSetx64.sys [192248 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516960 2020-08-03] (Symantec Corporation -> Broadcom)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154464 2020-08-12] (Symantec Corporation -> Broadcom)
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\IPSDefs\20210105.063\IDSvia64.sys [1478496 2020-09-17] (Symantec Corporation -> Broadcom)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSP64.SYS [889704 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSPX64.SYS [50920 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SYMEFASI64.SYS [1964384 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SymELAM.sys [25080 2020-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-29] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\SymPlatform\SymEvnt.sys [712368 2020-01-11] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\Ironx64.SYS [316488 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\symnets.sys [575328 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\wpCtrlDrv.sys [1013792 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-07 19:21 - 2021-01-07 19:25 - 000028312 _____ C:\Users\Ota\Desktop\FRST.txt
2021-01-07 19:08 - 2021-01-07 19:08 - 002282496 _____ (Farbar) C:\Users\Ota\Desktop\FRST64.exe
2021-01-07 07:47 - 2021-01-07 07:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-06 20:50 - 2021-01-07 19:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-01-06 19:24 - 2021-01-06 19:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2020-12-22 06:55 - 2020-12-22 17:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-12-09 18:15 - 2020-12-09 18:15 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-09 18:15 - 2020-12-09 18:15 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-09 18:14 - 2020-12-09 18:14 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-09 18:14 - 2020-12-09 18:14 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 18:14 - 2020-12-09 18:14 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-09 18:14 - 2020-12-09 18:14 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-09 18:14 - 2020-12-09 18:14 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-09 18:14 - 2020-12-09 18:14 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-09 18:14 - 2020-12-09 18:14 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-09 18:14 - 2020-12-09 18:14 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-09 18:14 - 2020-12-09 18:14 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-09 18:13 - 2020-12-09 18:13 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-09 18:13 - 2020-12-09 18:13 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-09 18:13 - 2020-12-09 18:13 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-09 18:13 - 2020-12-09 18:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-09 18:13 - 2020-12-09 18:13 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 18:12 - 2020-12-09 18:12 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 18:12 - 2020-12-09 18:12 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-09 18:12 - 2020-12-09 18:12 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-09 18:12 - 2020-12-09 18:12 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-09 18:12 - 2020-12-09 18:12 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-09 18:12 - 2020-12-09 18:12 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-07 19:28 - 2020-08-01 14:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2021-01-07 19:26 - 2020-01-27 09:12 - 000000000 ____D C:\Users\Ota\AppData\Roaming\Seznam.cz
2021-01-07 19:24 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-07 19:23 - 2016-11-28 21:32 - 000000000 ____D C:\FRST
2021-01-07 19:21 - 2017-06-17 06:02 - 000000000 ____D C:\Program Files\CCleaner
2021-01-07 19:20 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-07 19:20 - 2018-06-06 19:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-07 19:20 - 2015-10-31 01:10 - 000000000 __SHD C:\Users\Ota\IntelGraphicsProfiles
2021-01-07 19:20 - 2015-08-18 12:04 - 011721127 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2021-01-07 19:19 - 2020-06-12 22:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-07 19:19 - 2020-06-12 22:02 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-07 19:19 - 2015-10-31 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-07 19:18 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-07 19:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-07 19:18 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-07 19:12 - 2016-11-16 18:01 - 000000000 ____D C:\Users\Ota\AppData\LocalLow\Mozilla
2021-01-07 17:48 - 2015-10-31 21:15 - 000000000 ____D C:\Users\Ota\AppData\Local\GHISLER
2021-01-07 08:20 - 2020-06-12 22:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-07 08:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-07 07:41 - 2015-11-01 19:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-05 06:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-05 06:35 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-04 09:44 - 2018-07-21 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-12-19 17:26 - 2020-06-12 17:41 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 08:24 - 2019-09-20 18:55 - 000000000 _____ C:\end
2020-12-18 08:23 - 2020-04-24 19:00 - 000002384 _____ C:\nsispromotion_log.txt
2020-12-12 06:50 - 2020-06-12 22:35 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-12 06:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-11 19:01 - 2015-11-27 20:30 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 19:12 - 2016-01-07 19:38 - 000000000 ____D C:\Users\Ota\Documents\Knihovna Calibre
2020-12-09 18:37 - 2020-06-12 22:21 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-09 18:37 - 2019-12-07 15:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-09 18:37 - 2019-12-07 15:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-09 18:29 - 2020-06-12 22:02 - 000457816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-09 18:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-09 18:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-09 18:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-09 18:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-09 18:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-09 18:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-09 18:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-09 18:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-08 19:13 - 2016-01-07 19:38 - 000000999 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2020-12-08 19:13 - 2016-01-07 19:38 - 000000999 _____ C:\ProgramData\Desktop\calibre 64bit - E-book management.lnk
2020-12-08 19:13 - 2016-01-07 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2020-12-08 19:13 - 2016-01-07 19:38 - 000000000 ____D C:\Program Files\Calibre2
2020-12-08 17:37 - 2020-06-12 22:35 - 000004650 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-12-08 17:37 - 2019-12-07 10:18 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-12-08 17:37 - 2019-12-07 10:18 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-08 17:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-08 17:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed

==================== Files in the root of some directories ========

2018-11-16 20:59 - 2020-04-25 18:37 - 000025088 _____ () C:\Users\Ota\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-05-06 13:49 - 2020-05-06 13:49 - 000004096 ____H () C:\Users\Ota\AppData\Local\keyfile3.drm

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Preventivní kontrola - pomalý PC

Napsal: 07 led 2021 20:06
od ota
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2021
Ran by Ota (07-01-2021 19:29:40)
Running from C:\Users\Ota\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-06-12 21:36:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-554986064-1367882024-3811459060-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-554986064-1367882024-3811459060-503 - Limited - Disabled)
Guest (S-1-5-21-554986064-1367882024-3811459060-501 - Limited - Disabled)
oem (S-1-5-21-554986064-1367882024-3811459060-1001 - Administrator - Enabled) => C:\Users\oem
Ota (S-1-5-21-554986064-1367882024-3811459060-1005 - Administrator - Enabled) => C:\Users\Ota
WDAGUtilityAccount (S-1-5-21-554986064-1367882024-3811459060-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
calibre 64bit (HKLM\...\{F67BD1CB-5D5E-4164-A821-B7D040027E3B}) (Version: 5.6.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.21.0 - Piriform Software) Hidden
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CS Codec Solution 1.10 (HKLM-x32\...\CS Codec Solution_is1) (Version: 1.10 - CS Software)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.20.00 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
Epson Příručka pro síť XP-600 Series (HKLM-x32\...\XP-600 Series Netg) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Uživatelská příručka XP-600 Series (HKLM-x32\...\XP-600 Series Useg) (Version: - )
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time)
Free MP4 to MP3 Converter 1.0 (HKLM-x32\...\{1D6B0375-C07F-4BCB-878A-F53803282A60}_is1) (Version: - PolySoft Solutions)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.25.0 - GOM & Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.60.5324 - GOM & Company)
GOMPLAYERENSETUP 2.2.62.5209 (HKLM-x32\...\GOMPLAYERENSETUP 2.2.62.5209) (Version: - )
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
LanguageLab (HKLM-x32\...\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}) (Version: 3.9.2.1 - Vitware)
Manažer elektronických podání (HKLM-x32\...\MRP eSubmit) (Version: - MRP)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 84.0.2.7675 - Mozilla)
Mozilla Thunderbird 78.6.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.6.0 (x86 cs)) (Version: 78.6.0 - Mozilla)
Multimedia Mouse Driver version 1.2 (HKLM-x32\...\{D1446C63-11CC-46F0-8CC7-6C8E81676DE3}_is1) (Version: 1.2 - SQT)
Nero 9 Essentials (HKLM-x32\...\{7b094e03-cc48-48c3-9089-86b17586bccb}) (Version: - Nero AG)
Norton Security (HKLM-x32\...\NGC) (Version: 22.20.5.39 - Symantec Corporation)
Ovládací panel NVIDIA 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.30 - NVIDIA Corporation) Hidden
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PicosmosTools 1.8.5.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.5.0 - Free Time)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnale Systems Software Keys (HKLM-x32\...\{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1) (Version: - VPP TEAM)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version: - Samsung Electronics Co., Ltd.)
Scan Assistant (HKLM-x32\...\{BF6CF460-40C3-49BA-800A-4B934B6498B1}) (Version: 1.01.014 - Samsung Electronics Co., Ltd.)
Seznam Software (HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
Shark007 ADVANCED Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 6.5.2 - Shark007)
Shark007 ADVANCED x64Components (HKLM\...\ADVANCED x64Components_is1) (Version: 6.5.2 - Shark007)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
Smart Tests - testy, které učí (HKLM-x32\...\Smart Tests) (Version: - )
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
Spell it out Loud (HKLM-x32\...\Spell it out Loud) (Version: 1.1.0.0 - Vitware.cz)
Sudoku (HKLM-x32\...\Sudoku_is1) (Version: 1.0 - MEDIA TRADE Interactive, s.r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VDownloader 4.5.2598 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Word Manager (HKLM-x32\...\Word Manager) (Version: 1.0.1.0 - Vitware.cz)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.8.12113.0_x64__8wekyb3d8bbwe [2021-01-06] (Microsoft Studios) [MS Ad]
NotepadX -> C:\Program Files\WindowsApps\27879SnkeKhn.NotepadX_1.7.40.0_x64__xq0nh4s6cn4qe [2020-11-19] (Sönke Köhn)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => C:\Program Files (x86)\Software602\602XML\xmlcore\CtxSign64.dll [2013-07-16] (Software602 a. s. -> Software602)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw.dll [3642880 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter.acm [2231296 2013-04-06] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32-x32: [vidc.mjpg] => pvmjpg30.dll
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [7680 2007-08-31] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282624 2007-03-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP70] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.i263] => C:\Windows\SysWOW64\i263_32.drv [391168 1997-08-27] (Intel Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [118784 2006-05-13] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [380928 2007-08-09] () [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\divxa32.acm [287744 2001-02-25] (Kristal StudioDFileDescription) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [692224 2007-08-12] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1294336 2002-07-08] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDex\CDex Site.lnk -> hxxp://cdexos.sourceforge.net

==================== Loaded Modules (Whitelisted) =============

2018-08-25 10:09 - 2006-05-03 03:49 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseHook.dll
2018-04-16 19:41 - 2014-09-09 12:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2020-02-05 08:57 - 2020-02-05 08:57 - 001455616 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GRETECH\GomAudio\MiniBand.dll
2015-11-21 19:42 - 2015-11-19 15:36 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2008-04-11 11:54 - 2008-04-11 11:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\MSVCR71.dll
2005-01-13 10:47 - 2005-01-13 10:47 - 000049152 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 000206336 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScnCom10.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 000082944 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScnEps25.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 000055808 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScnMgr10.dll
2012-04-02 11:15 - 2012-04-02 11:15 - 000110080 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2011-04-14 09:16 - 2011-04-14 09:16 - 000136704 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScanEngine30.dll
2015-11-02 19:52 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2015-11-02 19:52 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
2015-12-04 19:08 - 2014-02-05 14:51 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {07AD7CAC-D73B-4561-8646-AA337C19EBE3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {09A74828-A733-4595-B8AB-AA8D8825B2E4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {303968DB-3944-4379-821E-059CEF6B321D} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {48E209C1-CF53-4D43-8B1B-AA500BAFBE10} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {4F9FB4D8-BDF8-437E-BE9B-F5F9172C4887} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {59727CF2-CA7C-4A02-B34E-F9ADAE5F4D7D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {A561C403-0520-456B-853F-29294831643C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__170617__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C7F1AECF-F908-467C-A47C-3299ED673E2C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {EF6265B4-E91A-4BCA-96C8-DCFFF0B13639} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine32\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine32\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2019-09-17 17:36 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Pinnacle\Shared Files\;C:\Program Files\Calibre2\;C:\Program Files\VDownloader;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Control Panel\Desktop\\Wallpaper -> C:\screen8.JPG
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "VDownloader"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F11F5C2DD299C8722D30FC5C9E83555A"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ABCCA373-A80F-4F77-B51A-7B7337B419E6}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{7E0A140F-725D-45F5-8C58-6C1276FD0436}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{73F08067-8D58-474C-8B0D-B95C9BBE6753}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{11EAB6F5-364C-4480-A248-162948F33121}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{A53B7D39-424E-41A7-A00C-C2C423E657CD}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{590ABE12-46F8-413B-865B-53897AEDFC1E}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{E88499BE-39DD-408D-ACD8-C5087B7C5962}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E8490F2-B498-4E22-B3AF-BFE1351D5F0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF7A3CC6-D980-46C2-9602-4E8937D54400}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{593F554C-FC20-41D2-A68E-4A48F415958A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41330990-D406-4B67-93D7-025B1789D5A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77B6BB4E-A7D1-404A-BEE9-7E8D8DDBA778}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{0A1628EA-6982-4EBB-BD50-1796975BCB01}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{5DDE923A-026B-425C-BC63-51C753D415E7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{6C96FE7E-9607-4CC1-A647-1BA72B2432D8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{CE5C9608-82AA-41D4-A0A4-1139BF57310A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1E44CD42-CDCC-408E-AF86-DF9CA691FB22}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{78A164AD-51D2-48B6-9395-15A8237F306F}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BFF9D45E-317A-4893-ABE5-F3808BFF8C07}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{4137AE0D-9248-49E8-BCFB-FA86E31232AB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BA39F436-A881-49B7-A9C5-AB228CC2432D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C51117FC-80FB-48EE-A81C-16595A15F5C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{620A1F10-8688-4AD4-B783-5DF276B43258}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{CE1ADA4D-A4E5-450B-8EF0-D7F9C726F2C3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{F833B260-694C-4F35-B2DB-40707E6B2C31}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{278877AB-5136-4A19-AC54-78C1E90AF6C8}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{7625CD51-DE6E-4DFE-8D1A-2D6FF989970A}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{A28922DF-5216-4478-BE30-F324F3C4035B}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6CB67587-DE8E-4071-A757-2458F0EF4C42}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9E2D00E6-6B83-45F3-8CDA-EC0AFDF0759F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{CB0F424E-3C95-4D3C-9A67-5091D23723B8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3A91C414-F84D-4875-9FA1-4D570BF195C5}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{934044E0-2DA2-4547-AD0F-A33CF03A4E87}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7682E269-2D50-4ADC-AE65-180469DD6F89}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{441F31E9-4A68-49B9-9447-A0DFC25639C9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{D1F39393-0C77-4A8D-AB2D-321CF0ABE272}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{A26C369F-B327-466E-B4A0-F11FFD772D4F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08095423-D65A-4453-B10B-A5BB707DD63A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F947F1FE-C402-48B3-8903-DB75556FC4C1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3149DFF1-C918-44F6-A6DB-82EAC235944D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0ADB8203-3A3D-457A-A3D1-F54E5CB7F862}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5CC5729D-A8D5-48A9-BE13-090F677152F2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B73C0B1D-44FD-4475-B7C9-A51C7C933D56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E2480E9-47F9-4172-9B9B-058C6153255E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0B88FD0-A050-4256-97C8-7E1E62EB2E30}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53E00525-26DD-4DA9-A26A-20E8C8E6F51F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

16-12-2020 18:11:53 Naplánovaný kontrolní bod
25-12-2020 13:40:47 Naplánovaný kontrolní bod
03-01-2021 08:27:25 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/07/2021 05:58:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GOM.exe, verze: 2.3.60.5324, časové razítko: 0x5fd806dd
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x5f641e44
Kód výjimky: 0xc0000005
Posun chyby: 0x00036b62
ID chybujícího procesu: 0x1704
Čas spuštění chybující aplikace: 0x01d6e5164192f326
Cesta k chybující aplikaci: C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 6ecc5ee7-49f9-4540-984a-2081d8003a00
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/06/2021 06:29:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GOM.exe, verze: 2.3.60.5324, časové razítko: 0x5fd806dd
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x5f641e44
Kód výjimky: 0xc0000005
Posun chyby: 0x00036b62
ID chybujícího procesu: 0x27f0
Čas spuštění chybující aplikace: 0x01d6e451862615a7
Cesta k chybující aplikaci: C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c916fd22-ac15-4425-88e5-b58ed5380ec0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/05/2021 09:02:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15625

Error: (01/05/2021 09:02:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15625

Error: (01/05/2021 09:02:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2021 08:39:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GOM.exe, verze: 2.3.60.5324, časové razítko: 0x5fd806dd
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x5f641e44
Kód výjimky: 0xc0000005
Posun chyby: 0x00036b62
ID chybujícího procesu: 0xd54
Čas spuštění chybující aplikace: 0x01d6e39a7bbf8f94
Cesta k chybující aplikaci: C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 946ec87c-2ba3-4e64-a260-7ec0f5ce6d11
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/05/2021 08:38:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GOM.exe, verze: 2.3.60.5324, časové razítko: 0x5fd806dd
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x5f641e44
Kód výjimky: 0xc0000005
Posun chyby: 0x00036b62
ID chybujícího procesu: 0x2c80
Čas spuštění chybující aplikace: 0x01d6e39a3fd6446a
Cesta k chybující aplikaci: C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 65914285-60d1-4290-843d-36443ef238ac
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/05/2021 06:23:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GOM.exe, verze: 2.3.60.5324, časové razítko: 0x5fd806dd
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x5f641e44
Kód výjimky: 0xc0000005
Posun chyby: 0x00036b62
ID chybujícího procesu: 0x20f8
Čas spuštění chybující aplikace: 0x01d6e3877d946c84
Cesta k chybující aplikaci: C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 72fe983a-c542-4bb4-a8df-c6f2cc009d72
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (01/07/2021 07:18:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TTIU2E3)
Description: Server windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2021 06:36:34 AM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: Následující služba přestala opakovaně odpovídat na požadavky řízení služby: Koncové vytváření služby Windows Audio

Kontaktujte dodavatele služby nebo správce systému a poraďte se s nimi, zda je vhodné službu vypnout, dokud nebude zjištěna příčina problému.

Před vypnutím služby bude pravděpodobně nutné restartovat počítač v nouzovém režimu.

Error: (01/05/2021 06:36:04 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AudioEndpointBuilder bylo dosaženo časového limitu (30000 ms).

Error: (01/05/2021 06:35:34 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AudioEndpointBuilder bylo dosaženo časového limitu (30000 ms).

Error: (01/05/2021 06:35:04 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AudioEndpointBuilder bylo dosaženo časového limitu (30000 ms).

Error: (01/05/2021 06:34:34 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AudioEndpointBuilder bylo dosaženo časového limitu (30000 ms).

Error: (01/04/2021 08:57:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AudioEndpointBuilder bylo dosaženo časového limitu (30000 ms).

Error: (01/04/2021 08:56:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AudioEndpointBuilder bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===================================

Date: 2021-01-07 19:32:30.4600000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2021-01-07 19:32:30.4520000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2021-01-07 19:32:30.4400000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2021-01-07 19:22:28.0310000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-07 19:22:28.0210000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-07 19:22:28.0110000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-07 19:22:28.0010000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-07 19:22:27.9920000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.7 07/18/2014
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 38%
Total physical RAM: 8070.02 MB
Available physical RAM: 4979.67 MB
Total Virtual: 9350.02 MB
Available Virtual: 6470.72 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.89 GB) (Free:137.03 GB) NTFS

\\?\Volume{d511e935-e4e0-4f94-8fc9-1e8c041b4eb5}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{4c41a681-d607-44ea-a7ee-74bdc898fc68}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Preventivní kontrola - pomalý PC

Napsal: 09 led 2021 00:24
od Conder
Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Spustit skenovani a pockaj na dokoncenie
  • V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
  • V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
  • Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede

Re: Preventivní kontrola - pomalý PC

Napsal: 09 led 2021 18:11
od ota
Ahoj

2019-09-16 16:15:37 : <INFO> [Application] AdwCleaner 7 . 4 . 1 launched
2019-09-16 16:15:57 : <INFO> [Button clicked] Survey closed
2019-09-16 16:15:57 : <INFO> [Telemetry] Sending NPS Survey
2019-09-16 16:15:57 : <INFO> [Telemetry] Sending hello
ication updates
2019-09-16 16:16:00 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-09-16 16:16:00 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-09-16 16:16:00 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-09-16 16:16:00 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-09-16 16:16:00 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-09-16 16:16:00 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-09-16 16:16:00 : <INFO> [SslCert] ALPN: None
2019-09-16 16:16:00 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-09-16 16:16:00 : <INFO> [SslCert] KXE: "ECDH"
2019-09-16 16:16:00 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-09-16 16:16:00 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-09-16 16:16:00 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-09-16 16:16:00 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-09-16 16:16:00 : <INFO> [SslCert] Locality Name ()
2019-09-16 16:16:00 : <INFO> [SslCert] Organization ()
2019-09-16 16:16:00 : <INFO> [SslCert] Certificate EffectiveDate: "ne srp 18 10:50:38 2019 GMT"
2019-09-16 16:16:00 : <INFO> [SslCert] Certificate ExpirationDate: "so lis 16 10:50:38 2019 GMT"
2019-09-16 16:16:00 : <INFO> [SslCert] ALPN: Yes
2019-09-16 16:16:00 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-09-16 16:16:00 : <INFO> [SslCert] KXE: "ECDH"
2019-09-16 16:16:00 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-09-16 16:16:00 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-09-16 16:16:02 : <INFO> [Button clicked] Scan
2019-09-16 16:16:02 : <INFO> [Scan] Started
2019-09-16 16:16:02 : <INFO> [Database] Downloading database
2019-09-16 16:16:04 : <INFO> [Database] Checking integrity
2019-09-16 16:16:04 : <INFO> [Database] Found 2599 families
2019-09-16 16:16:04 : <INFO> [Database] Database v "2019-09-13.1"
2019-09-16 16:16:04 : <INFO> [Loading paths] Local paths loaded
2019-09-16 16:16:05 : <INFO> [Loading paths] Chrome paths loaded
2019-09-16 16:16:05 : <INFO> [Loading paths] User Keys loaded
2019-09-16 16:16:05 : <INFO> [Module initialized] "File"
2019-09-16 16:16:05 : <INFO> [Module initialized] "Folder"
2019-09-16 16:16:05 : <INFO> [Module initialized] "RegistryKey"
2019-09-16 16:16:05 : <INFO> [Module initialized] "RegistryValue"
2019-09-16 16:16:05 : <INFO> [Module initialized] "TaskName"
2019-09-16 16:16:05 : <INFO> [Module initialized] "Service"
2019-09-16 16:16:05 : <INFO> [Module initialized] "Winlogon"
2019-09-16 16:16:19 : <INFO> [Module initialized] "URL"
2019-09-16 16:16:19 : <INFO> [Module initialized] "RegAppInit"
2019-09-16 16:16:19 : <INFO> [Module initialized] "RegClasses"
2019-09-16 16:16:19 : <INFO> [Module initialized] "DNS"
2019-09-16 16:16:19 : <INFO> [Module initialized] "RegFirewallPolicy"
2019-09-16 16:16:19 : <INFO> [Module initialized] "RegGuid"
2019-09-16 16:16:19 : <INFO> [Module initialized] "RegIEElevationPolicy"
2019-09-16 16:16:19 : <INFO> [Module initialized] "RegOther"
2019-09-16 16:16:19 : <INFO> [Module initialized] "RegProductID"
2019-09-16 16:16:19 : <INFO> [Module initialized] "RegSoftware"
2019-09-16 16:16:19 : <INFO> [Module initialized] "RegStartup"
2019-09-16 16:16:19 : <INFO> [Module initialized] "WMI"
2019-09-16 16:16:19 : <INFO> [Module initialized] "ChromiumExt"
2019-09-16 16:16:19 : <INFO> [Module initialized] "FirefoxExt"
2019-09-16 16:16:19 : <INFO> [Module initialize] Scan Browser
2019-09-16 16:16:23 : <INFO> [Module initialize] Scan Browser FF
2019-09-16 16:16:23 : <INFO> [Module initialize] FF start pages loaded
2019-09-16 16:16:23 : <INFO> [Module initialize] FF search providers loaded
2019-09-16 16:16:23 : <INFO> [Module initialize] FF plugin list loaded
2019-09-16 16:16:23 : <INFO> [Scan] Exclusions loaded
2019-09-16 16:16:24 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "C:\\END" [ "File" ]
2019-09-16 16:16:25 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "WCAssistantService" [ "Service" ]
2019-09-16 16:16:33 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "C:\\Users\\Ota\\AppData\\Roaming\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:16:33 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "C:\\Program Files (x86)\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:16:33 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "C:\\ProgramData\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:16:33 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "C:\\ProgramData\\Application Data\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:16:33 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "C:\\Users\\Ota\\AppData\\Local\\Lavasoft\\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG" [ "Folder" ]
2019-09-16 16:16:33 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKLM\\SYSTEM\\Setup\\FirstBoot\\Services\\WCAssistantService" [ "Registry" ]
2019-09-16 16:16:33 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKU\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:16:33 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:16:33 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKU\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:16:33 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKLM\\Software\\Wow6432Node\\Lavasoft\\Web Companion" [ "Registry" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "C:\\Users\\Ota\\AppData\\Roaming\\Seznam.cz" [ "Folder" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "C:\\Program Files (x86)\\Seznam.cz" [ "Folder" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Mozilla\\NativeMessagingHosts\\sznpp_nm" [ "Registry" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Seznam.cz" [ "Registry" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SeznamInstall" [ "Registry" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Run|seznam-listicka-distribuce" [ "Registry" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|seznam-listicka-distribuce" [ "Registry" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|cz.seznam.software.autoupdate" [ "Registry" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.autoupdate" [ "Registry" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|cz.seznam.software.szndesktop" [ "Registry" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.szndesktop" [ "Registry" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "Seznam doplnik - Esko" [ "Chromium" ]
2019-09-16 16:16:36 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "Seznam doplnik - Email" [ "Chromium" ]
2019-09-16 16:16:38 : <INFO> [Telemetry] Sending to Influx
2019-09-16 16:16:38 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-09-16 16:16:38 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-09-16 16:16:38 : <INFO> [SslCert] Locality Name ()
2019-09-16 16:16:38 : <INFO> [SslCert] Organization ()
2019-09-16 16:16:38 : <INFO> [SslCert] Certificate EffectiveDate: "ne srp 18 10:50:38 2019 GMT"
2019-09-16 16:16:38 : <INFO> [SslCert] Certificate ExpirationDate: "so lis 16 10:50:38 2019 GMT"
2019-09-16 16:16:38 : <INFO> [SslCert] ALPN: Yes
2019-09-16 16:16:38 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-09-16 16:16:38 : <INFO> [SslCert] KXE: "ECDH"
2019-09-16 16:16:38 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-09-16 16:16:38 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-09-16 16:16:38 : <INFO> [Telemetry] Sending to DSE
2019-09-16 16:16:39 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-09-16 16:16:39 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-09-16 16:16:39 : <INFO> [SslCert] Locality Name ("San Jose")
2019-09-16 16:16:39 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-09-16 16:16:39 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-09-16 16:16:39 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-09-16 16:16:39 : <INFO> [SslCert] ALPN: Yes
2019-09-16 16:16:39 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-09-16 16:16:39 : <INFO> [SslCert] KXE: "ECDH"
2019-09-16 16:16:39 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-09-16 16:16:39 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-09-16 16:16:39 : <INFO> [Scan] Finished
2019-09-16 16:19:22 : <INFO> [Application] Closing AdwCleaner
2019-09-16 16:19:30 : <INFO> [Application] AdwCleaner 7 . 4 . 1 launched
2019-09-16 16:19:30 : <INFO> [Telemetry] Sending hello
ication updates
2019-09-16 16:19:32 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-09-16 16:19:32 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-09-16 16:19:32 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-09-16 16:19:32 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-09-16 16:19:32 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-09-16 16:19:32 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-09-16 16:19:32 : <INFO> [SslCert] ALPN: None
2019-09-16 16:19:32 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-09-16 16:19:32 : <INFO> [SslCert] KXE: "ECDH"
2019-09-16 16:19:32 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-09-16 16:19:32 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-09-16 16:19:51 : <INFO> [Button clicked] Scan
2019-09-16 16:19:51 : <INFO> [Scan] Started
2019-09-16 16:19:51 : <INFO> [Database] Downloading database
2019-09-16 16:19:52 : <INFO> [Database] Checking integrity
2019-09-16 16:19:52 : <INFO> [Database] Found 2599 families
2019-09-16 16:19:52 : <INFO> [Database] Database v "2019-09-13.1"
2019-09-16 16:19:53 : <INFO> [Loading paths] Local paths loaded
2019-09-16 16:19:53 : <INFO> [Loading paths] Chrome paths loaded
2019-09-16 16:19:53 : <INFO> [Loading paths] User Keys loaded
2019-09-16 16:19:53 : <INFO> [Module initialized] "File"
2019-09-16 16:19:53 : <INFO> [Module initialized] "Folder"
2019-09-16 16:19:53 : <INFO> [Module initialized] "RegistryKey"
2019-09-16 16:19:53 : <INFO> [Module initialized] "RegistryValue"
2019-09-16 16:19:53 : <INFO> [Module initialized] "TaskName"
2019-09-16 16:19:53 : <INFO> [Module initialized] "Service"
2019-09-16 16:19:53 : <INFO> [Module initialized] "Winlogon"
2019-09-16 16:19:54 : <INFO> [Module initialized] "URL"
2019-09-16 16:19:54 : <INFO> [Module initialized] "RegAppInit"
2019-09-16 16:19:54 : <INFO> [Module initialized] "RegClasses"
2019-09-16 16:19:54 : <INFO> [Module initialized] "DNS"
2019-09-16 16:19:54 : <INFO> [Module initialized] "RegFirewallPolicy"
2019-09-16 16:19:54 : <INFO> [Module initialized] "RegGuid"
2019-09-16 16:19:54 : <INFO> [Module initialized] "RegIEElevationPolicy"
2019-09-16 16:19:54 : <INFO> [Module initialized] "RegOther"
2019-09-16 16:19:54 : <INFO> [Module initialized] "RegProductID"
2019-09-16 16:19:54 : <INFO> [Module initialized] "RegSoftware"
2019-09-16 16:19:54 : <INFO> [Module initialized] "RegStartup"
2019-09-16 16:19:54 : <INFO> [Module initialized] "WMI"
2019-09-16 16:19:54 : <INFO> [Module initialized] "ChromiumExt"
2019-09-16 16:19:54 : <INFO> [Module initialized] "FirefoxExt"
2019-09-16 16:19:54 : <INFO> [Module initialize] Scan Browser
2019-09-16 16:19:56 : <INFO> [Module initialize] Scan Browser FF
2019-09-16 16:19:56 : <INFO> [Module initialize] FF start pages loaded
2019-09-16 16:19:56 : <INFO> [Module initialize] FF search providers loaded
2019-09-16 16:19:56 : <INFO> [Module initialize] FF plugin list loaded
2019-09-16 16:19:56 : <INFO> [Scan] Exclusions loaded
2019-09-16 16:19:56 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "C:\\END" [ "File" ]
2019-09-16 16:19:57 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "WCAssistantService" [ "Service" ]
2019-09-16 16:20:01 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "C:\\Users\\Ota\\AppData\\Roaming\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:20:01 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "C:\\Program Files (x86)\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:20:01 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "C:\\ProgramData\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:20:01 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "C:\\ProgramData\\Application Data\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:20:01 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "C:\\Users\\Ota\\AppData\\Local\\Lavasoft\\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG" [ "Folder" ]
2019-09-16 16:20:01 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKLM\\SYSTEM\\Setup\\FirstBoot\\Services\\WCAssistantService" [ "Registry" ]
2019-09-16 16:20:01 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKU\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:20:01 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:20:01 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKU\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:20:01 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKLM\\Software\\Wow6432Node\\Lavasoft\\Web Companion" [ "Registry" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "C:\\Users\\Ota\\AppData\\Roaming\\Seznam.cz" [ "Folder" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "C:\\Program Files (x86)\\Seznam.cz" [ "Folder" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Mozilla\\NativeMessagingHosts\\sznpp_nm" [ "Registry" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Seznam.cz" [ "Registry" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SeznamInstall" [ "Registry" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Run|seznam-listicka-distribuce" [ "Registry" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|seznam-listicka-distribuce" [ "Registry" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|cz.seznam.software.autoupdate" [ "Registry" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.autoupdate" [ "Registry" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|cz.seznam.software.szndesktop" [ "Registry" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.szndesktop" [ "Registry" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "Seznam doplnik - Esko" [ "Chromium" ]
2019-09-16 16:20:03 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "Seznam doplnik - Email" [ "Chromium" ]
2019-09-16 16:20:04 : <INFO> [Telemetry] Sending to Influx
2019-09-16 16:20:04 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-09-16 16:20:04 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-09-16 16:20:04 : <INFO> [SslCert] Locality Name ()
2019-09-16 16:20:04 : <INFO> [SslCert] Organization ()
2019-09-16 16:20:04 : <INFO> [SslCert] Certificate EffectiveDate: "ne srp 18 10:50:38 2019 GMT"
2019-09-16 16:20:04 : <INFO> [SslCert] Certificate ExpirationDate: "so lis 16 10:50:38 2019 GMT"
2019-09-16 16:20:04 : <INFO> [SslCert] ALPN: Yes
2019-09-16 16:20:04 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-09-16 16:20:04 : <INFO> [SslCert] KXE: "ECDH"
2019-09-16 16:20:04 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-09-16 16:20:04 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-09-16 16:20:04 : <INFO> [Telemetry] Sending to DSE
2019-09-16 16:20:05 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-09-16 16:20:05 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-09-16 16:20:05 : <INFO> [SslCert] Locality Name ("San Jose")
2019-09-16 16:20:05 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-09-16 16:20:05 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-09-16 16:20:05 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-09-16 16:20:05 : <INFO> [SslCert] ALPN: Yes
2019-09-16 16:20:05 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-09-16 16:20:05 : <INFO> [SslCert] KXE: "ECDH"
2019-09-16 16:20:05 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-09-16 16:20:05 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-09-16 16:20:05 : <INFO> [Scan] Finished
2019-09-16 16:20:26 : <INFO> [Button clicked] Quarantine menu item
2019-09-16 16:20:31 : <INFO> [Button clicked] Log files menu item
2019-09-16 16:20:39 : <INFO> [Button clicked] Settings menu item
2019-09-16 16:20:55 : <INFO> [Button clicked] Log files menu item
2019-09-16 16:20:58 : <INFO> [Button clicked] Dashboard menu item
2019-09-16 16:21:20 : <INFO> [Button clicked] Quarantine menu item
2019-09-16 16:21:27 : <INFO> [Button clicked] Log files menu item
2019-09-16 16:21:31 : <INFO> [Button clicked] Settings menu item
2019-09-16 16:22:03 : <INFO> [Button clicked] Log files menu item
2019-09-16 16:22:29 : <INFO> [Button clicked] Quarantine menu item
2019-09-16 16:22:31 : <INFO> [Button clicked] Dashboard menu item
2019-09-16 16:22:48 : <INFO> [Button clicked] Clean & repair
2019-09-16 16:23:00 : <INFO> [Button clicked] Dialog button clicked [ 2 ]
2019-09-16 16:23:00 : <INFO> [Cleaning] Started
2019-09-16 16:23:01 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2019-09-16 16:23:01 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2019-09-16 16:23:01 : <WARNING> [Cleaning] Unable to Open process - "Registry" 0
2019-09-16 16:23:01 : <WARNING> [Cleaning] Unable to Open process - "Memory Compression" 0
2019-09-16 16:23:01 : <WARNING> [Cleaning] Unable to Open process - "nsWscSvc.exe" 0
2019-09-16 16:23:01 : <WARNING> [Cleaning] Unable to Open process - "SecurityHealthService.exe" 0
2019-09-16 16:23:01 : <WARNING> [Cleaning] Unable to Open process - "SgrmBroker.exe" 0
2019-09-16 16:23:01 : <INFO> [Quarantine] Session folder: "C:\\AdwCleaner\\Quarantine\\v1\\20190916.182301"
2019-09-16 16:23:01 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "C:\\END" [ "File" ]
2019-09-16 16:23:01 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "C:\\END" [ "File" ]
2019-09-16 16:23:01 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "WCAssistantService" [ "Service" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "WCAssistantService" [ "Service" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "C:\\Users\\Ota\\AppData\\Roaming\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "C:\\Users\\Ota\\AppData\\Roaming\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "C:\\Program Files (x86)\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "C:\\Program Files (x86)\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "C:\\ProgramData\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "C:\\ProgramData\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "C:\\ProgramData\\Application Data\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "C:\\ProgramData\\Application Data\\Lavasoft\\Web Companion" [ "Folder" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "C:\\Users\\Ota\\AppData\\Local\\Lavasoft\\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG" [ "Folder" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "C:\\Users\\Ota\\AppData\\Local\\Lavasoft\\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG" [ "Folder" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKLM\\SYSTEM\\Setup\\FirstBoot\\Services\\WCAssistantService" [ "Registry" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKLM\\SYSTEM\\Setup\\FirstBoot\\Services\\WCAssistantService" [ "Registry" ]
2019-09-16 16:23:09 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKU\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKU\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKU\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKU\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKLM\\Software\\Wow6432Node\\Lavasoft\\Web Companion" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKLM\\Software\\Wow6432Node\\Lavasoft\\Web Companion" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "C:\\Users\\Ota\\AppData\\Roaming\\Seznam.cz" [ "Folder" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "C:\\Users\\Ota\\AppData\\Roaming\\Seznam.cz" [ "Folder" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "C:\\Program Files (x86)\\Seznam.cz" [ "Folder" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "C:\\Program Files (x86)\\Seznam.cz" [ "Folder" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Mozilla\\NativeMessagingHosts\\sznpp_nm" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Mozilla\\NativeMessagingHosts\\sznpp_nm" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Seznam.cz" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Seznam.cz" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SeznamInstall" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SeznamInstall" [ "Registry" ]
2019-09-16 16:23:10 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Run|seznam-listicka-distribuce" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Run|seznam-listicka-distribuce" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|seznam-listicka-distribuce" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|seznam-listicka-distribuce" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|cz.seznam.software.autoupdate" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|cz.seznam.software.autoupdate" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.autoupdate" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.autoupdate" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|cz.seznam.software.szndesktop" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|cz.seznam.software.szndesktop" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.szndesktop" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.szndesktop" [ "Registry" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "Seznam doplnik - Esko" [ "Chromium" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "Seznam doplnik - Esko" [ "Chromium" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "Seznam doplnik - Email" [ "Chromium" ]
2019-09-16 16:23:11 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "Seznam doplnik - Email" [ "Chromium" ]
2019-09-16 16:23:11 : <INFO> [Engine Additional Action] "Delete Tracing Keys"
2019-09-16 16:23:12 : <INFO> [Engine Additional Action] "Reset Winsock"
2019-09-16 16:23:12 : <INFO> [Telemetry] Sending to Influx
2019-09-16 16:23:12 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-09-16 16:23:12 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-09-16 16:23:12 : <INFO> [SslCert] Locality Name ()
2019-09-16 16:23:12 : <INFO> [SslCert] Organization ()
2019-09-16 16:23:12 : <INFO> [SslCert] Certificate EffectiveDate: "ne srp 18 10:50:38 2019 GMT"
2019-09-16 16:23:12 : <INFO> [SslCert] Certificate ExpirationDate: "so lis 16 10:50:38 2019 GMT"
2019-09-16 16:23:12 : <INFO> [SslCert] ALPN: Yes
2019-09-16 16:23:12 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-09-16 16:23:12 : <INFO> [SslCert] KXE: "ECDH"
2019-09-16 16:23:12 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-09-16 16:23:12 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-09-16 16:23:12 : <INFO> [Telemetry] Sending to DSE
2019-09-16 16:23:13 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-09-16 16:23:13 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-09-16 16:23:13 : <INFO> [SslCert] Locality Name ("San Jose")
2019-09-16 16:23:13 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-09-16 16:23:13 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-09-16 16:23:13 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-09-16 16:23:13 : <INFO> [SslCert] ALPN: Yes
2019-09-16 16:23:13 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-09-16 16:23:13 : <INFO> [SslCert] KXE: "ECDH"
2019-09-16 16:23:13 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-09-16 16:23:13 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-09-16 16:23:13 : <INFO> [Cleaning] Finished
2019-09-16 16:23:17 : <INFO> [Button clicked] Dialog button clicked [ 6 ]
2019-09-16 16:23:17 : <INFO> [Application] Closing AdwCleaner
2019-09-16 16:25:36 : <INFO> [Application] AdwCleaner 7 . 4 . 1 launched
2019-09-16 16:25:50 : <INFO> [MBBanner] Checking Iris
2019-09-16 16:25:50 : <INFO> [IRIS] Making request
2019-09-16 16:25:50 : <INFO> [Telemetry] Sending hello
ication updates
2019-09-16 16:25:51 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-09-16 16:25:51 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-09-16 16:25:51 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-09-16 16:25:51 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-09-16 16:25:51 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-09-16 16:25:51 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-09-16 16:25:51 : <INFO> [SslCert] ALPN: None
2019-09-16 16:25:51 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-09-16 16:25:51 : <INFO> [SslCert] KXE: "ECDH"
2019-09-16 16:25:51 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-09-16 16:25:51 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-09-16 16:25:51 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-09-16 16:25:51 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-09-16 16:25:51 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-09-16 16:25:51 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-09-16 16:25:51 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-09-16 16:25:51 : <INFO> [SslCert] ALPN: None
2019-09-16 16:25:51 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-09-16 16:25:51 : <INFO> [SslCert] KXE: "ECDH"
2019-09-16 16:25:51 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-09-16 16:25:51 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-09-16 16:25:52 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2019-09-16 16:25:52 : <INFO> [IRIS] Failed
2019-09-16 16:26:04 : <INFO> [Button clicked] Log files menu item
2019-09-16 16:31:45 : <INFO> [Application] Closing AdwCleaner

Re: Preventivní kontrola - pomalý PC

Napsal: 11 led 2021 00:18
od Conder
Toto je nespravny log. Skus pozriet do adresara C:\AdwCleaner a posli log s nazvom v tvare "AdwCleaner[Cxx].txt".

Re: Preventivní kontrola - pomalý PC

Napsal: 11 led 2021 08:15
od ota
Omlouvám se

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-11-2021
# Duration: 00:00:06
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2602 octets] - [04/06/2018 21:34:40]
AdwCleaner[C00].txt - [2411 octets] - [04/06/2018 21:34:58]
AdwCleaner_Debug.log - [35219 octets] - [16/09/2019 18:15:37]
AdwCleaner[S01].txt - [3730 octets] - [16/09/2019 18:16:38]
AdwCleaner[S02].txt - [3792 octets] - [16/09/2019 18:20:04]
AdwCleaner[C02].txt - [3520 octets] - [16/09/2019 18:23:12]
AdwCleaner[S03].txt - [3559 octets] - [09/01/2021 17:56:17]
AdwCleaner[S04].txt - [3620 octets] - [09/01/2021 18:05:40]
AdwCleaner[C04].txt - [3424 octets] - [09/01/2021 18:06:22]
AdwCleaner[S05].txt - [2019 octets] - [11/01/2021 08:03:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

Re: Preventivní kontrola - pomalý PC

Napsal: 12 led 2021 02:47
od Conder
V pohode. Poprosim o obidva nove logy z FRST.

Re: Preventivní kontrola - pomalý PC

Napsal: 12 led 2021 07:11
od ota
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021
Ran by Ota (administrator) on DESKTOP-TTIU2E3 (MSI MS-7817) (12-01-2021 06:56:09)
Running from C:\Users\Ota\Desktop
Loaded Profiles: Ota
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SlySoft, Inc.) [File not signed] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe <2>
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) [File not signed]
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe [618496 2010-10-28] () [File not signed]
HKLM-x32\...\Run: [sqtmultimediamouseRun] => "C:\Program Files (x86)\Multimedia Mouse Driver\startautorun.exe" MouseDrv.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe [4606464 2017-02-13] (Vitzo) [File not signed]
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKLM\...\Windows x64\Print Processors\ssb3mPC: C:\Windows\System32\spool\prtprocs\x64\ssb3mpc.dll [33792 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [36864 2014-02-05] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\...\Print\Monitors\ssb3m Langmon: C:\WINDOWS\system32\ssb3ml6.dll [27648 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00C79354-D700-45DE-B1E9-55FC203CCAD8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\WSCStub.exe [644608 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {024563A6-97B3-44B5-9979-6AE39CA38A0E} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {0481A06F-A632-495C-9EAD-AC565A444F1D} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2162328 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {0978A901-092E-4EFF-9272-A2042F1AE375} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0C3AC29C-FFB3-49D4-847B-E58BE951CDD0} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe
Task: {0DB60C33-3759-4799-AAF1-CAE503C1CE16} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe
Task: {180FBEFF-1003-4D86-98A0-0DEC0CD6DDA2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {18836D63-178E-4F56-A689-86EB3E5D47EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {1AE2C0BC-42D7-4922-A059-CA2C9F3EF681} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {22897F6D-4A8C-4DCB-BD2C-F2A59723624F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {2668278F-DDA1-48CF-8B22-D1373B92D803} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {3AB6A198-21BD-4C42-BFFB-505038E66144} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {42848876-C155-4090-91A7-8AAFD9302013} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
Task: {80A9AA7C-C76A-4A34-A0A2-60C5621AAA15} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {981C5FB1-9F39-4720-93B1-CE0373C54C46} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.14.2.13\SymErr.exe
Task: {C3150E19-6BB2-4EFC-867E-DBAB3728833D} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {D6ECD5D6-B993-4A1B-9D6A-30129EEFAB4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554986064-1367882024-3811459060-1001 => C:\Users\Ota\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {D7F67EFB-8C4D-45E6-9695-BBF65E8A3B94} - System32\Tasks\Agent Activation Runtime\S-1-5-21-554986064-1367882024-3811459060-1005 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-09] (Microsoft Windows -> )
Task: {DB6BD106-64B9-4B50-9CA9-959619F05AC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-01] (Google Inc -> Google Inc.)
Task: {E8C03218-61D3-4A24-A7DA-DF480BB1CE91} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {F7182773-59B8-4F01-BCC2-6CE273608F53} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {F8A13D3F-6570-4A3B-9933-DE74F7BAF312} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{8ceecf86-27ee-42ea-982d-bff6513a5ae9}: [DhcpNameServer] 213.46.172.38 213.46.172.39

Edge:
======
DownloadDir: C:\Users\Ota\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-24]

FireFox:
========
FF DefaultProfile: dwrkrxjf.default-1446579292021
FF ProfilePath: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 [2021-01-12]
FF Homepage: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10270__190920
FF HomepageOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Disabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Disabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: mapy-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: heureka-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: seznam-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: google@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonsafesearch_ul_2@symantec.com
FF Extension: (Flash Video Downloader) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\artur.dubovoy@gmail.com.xpi [2019-04-10]
FF Extension: (Forecastfox (fix version)) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\forecastfox@s3_fix_version.xpi [2020-11-23]
FF Extension: (SaveFrom.net helper) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\helper@savefrom.net.xpi [2021-01-11]
FF Extension: (Norton Password Manager) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\idsafe@norton.com.xpi [2020-09-04]
FF Extension: (AdBlock — best ad blocker) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2021-01-07]
FF Extension: (Norton Home Page) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonhomepage@symantec.com.xpi [2020-10-24] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2020-10-24] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafeweb@symantec.com.xpi [2020-10-09]
FF Extension: (uBlock Origin) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\uBlock0@raymondhill.net.xpi [2021-01-04]
FF Extension: (FormApps Extension) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2018-02-07]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-01-07]
FF Extension: (No Name) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{b9acc029-d62b-4d23-b921-8e7aea34266a}.xpi [2017-11-15]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2020-12-07]
FF Extension: (No Name) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-12-15]
FF Extension: (DownThemAll!) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2021-01-07]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-11-15] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default [2021-01-11]
CHR Extension: (Prezentace) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Dokumenty) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Disk Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-01-11]
CHR Extension: (YouTube) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-17]
CHR Extension: (Tabulky) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-01-08]
CHR Extension: (Have I been pwned?) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpgljciihecejjlildfcakfcmnachahp [2017-05-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (FormApps Extension) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-02-07]
CHR Extension: (Skype) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-17]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2021-01-11]
CHR Extension: (Gmail) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-09]
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-17]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\Exts\Chrome.crx <not found>
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe [344760 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe [1056096 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\BASHDefs\20210105.001\BHDrvx64.sys [1991536 2020-11-03] (Symantec Corporation -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\ccSetx64.sys [192248 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516960 2020-08-03] (Symantec Corporation -> Broadcom)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154464 2020-08-12] (Symantec Corporation -> Broadcom)
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\IPSDefs\20210111.001\IDSvia64.sys [1479536 2021-01-11] (Symantec Corporation -> Broadcom)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSP64.SYS [889704 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSPX64.SYS [50920 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SYMEFASI64.SYS [1964384 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SymELAM.sys [25080 2020-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-29] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\SymPlatform\SymEvnt.sys [712368 2020-01-11] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\Ironx64.SYS [316488 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\symnets.sys [575328 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\wpCtrlDrv.sys [1013792 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-12 06:56 - 2021-01-12 06:59 - 000027594 _____ C:\Users\Ota\Desktop\FRST.txt
2021-01-12 06:55 - 2021-01-12 06:55 - 000000000 ____D C:\Users\Ota\Desktop\FRST-OlderVersion
2021-01-11 23:16 - 2021-01-11 23:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-01-09 17:54 - 2021-01-09 17:54 - 008447152 _____ (Malwarebytes) C:\Users\Ota\Desktop\adwcleaner_8.0.8.exe
2021-01-07 19:43 - 2021-01-09 17:54 - 000000000 ____D C:\Users\Ota\Desktop\frst64
2021-01-07 19:08 - 2021-01-12 06:55 - 002281472 _____ (Farbar) C:\Users\Ota\Desktop\FRST64.exe
2021-01-07 07:47 - 2021-01-07 07:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-06 20:50 - 2021-01-07 19:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-12-22 06:55 - 2020-12-22 17:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-12 07:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-12 06:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-12 06:58 - 2016-11-28 21:32 - 000000000 ____D C:\FRST
2021-01-12 06:55 - 2016-11-16 18:01 - 000000000 ____D C:\Users\Ota\AppData\LocalLow\Mozilla
2021-01-12 06:46 - 2020-06-12 22:35 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-12 06:46 - 2020-06-12 22:35 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-12 06:44 - 2017-06-17 06:02 - 000000000 ____D C:\Program Files\CCleaner
2021-01-12 06:43 - 2018-06-06 19:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-12 06:43 - 2015-10-31 01:10 - 000000000 __SHD C:\Users\Ota\IntelGraphicsProfiles
2021-01-11 23:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-11 22:56 - 2020-08-01 14:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2021-01-11 22:48 - 2015-08-18 12:04 - 011853313 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2021-01-11 22:47 - 2020-06-12 22:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-11 22:47 - 2020-06-12 22:02 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-11 21:05 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-11 20:53 - 2015-10-31 21:15 - 000000000 ____D C:\Users\Ota\AppData\Local\GHISLER
2021-01-11 13:22 - 2020-06-12 22:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-11 11:23 - 2016-12-02 20:02 - 000000000 ____D C:\Users\Ota\Desktop\Viry
2021-01-09 17:07 - 2020-06-12 17:41 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-08 20:37 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-07 19:24 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-07 19:19 - 2015-10-31 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-07 19:18 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-07 07:41 - 2015-11-01 19:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-05 06:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-04 09:44 - 2018-07-21 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-12-18 08:23 - 2020-04-24 19:00 - 000002384 _____ C:\nsispromotion_log.txt

==================== Files in the root of some directories ========

2018-11-16 20:59 - 2020-04-25 18:37 - 000025088 _____ () C:\Users\Ota\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-05-06 13:49 - 2020-05-06 13:49 - 000004096 ____H () C:\Users\Ota\AppData\Local\keyfile3.drm

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Preventivní kontrola - pomalý PC

Napsal: 12 led 2021 07:12
od ota
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by Ota (12-01-2021 07:02:31)
Running from C:\Users\Ota\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-06-12 21:36:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-554986064-1367882024-3811459060-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-554986064-1367882024-3811459060-503 - Limited - Disabled)
Guest (S-1-5-21-554986064-1367882024-3811459060-501 - Limited - Disabled)
oem (S-1-5-21-554986064-1367882024-3811459060-1001 - Administrator - Enabled) => C:\Users\oem
Ota (S-1-5-21-554986064-1367882024-3811459060-1005 - Administrator - Enabled) => C:\Users\Ota
WDAGUtilityAccount (S-1-5-21-554986064-1367882024-3811459060-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
calibre 64bit (HKLM\...\{F67BD1CB-5D5E-4164-A821-B7D040027E3B}) (Version: 5.6.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.21.0 - Piriform Software) Hidden
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CS Codec Solution 1.10 (HKLM-x32\...\CS Codec Solution_is1) (Version: 1.10 - CS Software)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.20.00 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
Epson Příručka pro síť XP-600 Series (HKLM-x32\...\XP-600 Series Netg) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Uživatelská příručka XP-600 Series (HKLM-x32\...\XP-600 Series Useg) (Version: - )
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time)
Free MP4 to MP3 Converter 1.0 (HKLM-x32\...\{1D6B0375-C07F-4BCB-878A-F53803282A60}_is1) (Version: - PolySoft Solutions)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.25.0 - GOM & Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.60.5324 - GOM & Company)
GOMPLAYERENSETUP 2.2.62.5209 (HKLM-x32\...\GOMPLAYERENSETUP 2.2.62.5209) (Version: - )
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
LanguageLab (HKLM-x32\...\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}) (Version: 3.9.2.1 - Vitware)
Manažer elektronických podání (HKLM-x32\...\MRP eSubmit) (Version: - MRP)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.65 - )
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 84.0.2.7675 - Mozilla)
Mozilla Thunderbird 78.6.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.6.0 (x86 cs)) (Version: 78.6.0 - Mozilla)
Multimedia Mouse Driver version 1.2 (HKLM-x32\...\{D1446C63-11CC-46F0-8CC7-6C8E81676DE3}_is1) (Version: 1.2 - SQT)
Nero 9 Essentials (HKLM-x32\...\{7b094e03-cc48-48c3-9089-86b17586bccb}) (Version: - Nero AG)
Norton Security (HKLM-x32\...\NGC) (Version: 22.20.5.39 - Symantec Corporation)
Ovládací panel NVIDIA 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.30 - NVIDIA Corporation) Hidden
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PicosmosTools 1.8.5.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.5.0 - Free Time)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnale Systems Software Keys (HKLM-x32\...\{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1) (Version: - VPP TEAM)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version: - Samsung Electronics Co., Ltd.)
Scan Assistant (HKLM-x32\...\{BF6CF460-40C3-49BA-800A-4B934B6498B1}) (Version: 1.01.014 - Samsung Electronics Co., Ltd.)
Shark007 ADVANCED Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 6.5.2 - Shark007)
Shark007 ADVANCED x64Components (HKLM\...\ADVANCED x64Components_is1) (Version: 6.5.2 - Shark007)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
Smart Tests - testy, které učí (HKLM-x32\...\Smart Tests) (Version: - )
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
Spell it out Loud (HKLM-x32\...\Spell it out Loud) (Version: 1.1.0.0 - Vitware.cz)
Sudoku (HKLM-x32\...\Sudoku_is1) (Version: 1.0 - MEDIA TRADE Interactive, s.r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VDownloader 4.5.2598 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Word Manager (HKLM-x32\...\Word Manager) (Version: 1.0.1.0 - Vitware.cz)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.8.12113.0_x64__8wekyb3d8bbwe [2021-01-06] (Microsoft Studios) [MS Ad]
NotepadX -> C:\Program Files\WindowsApps\27879SnkeKhn.NotepadX_1.7.40.0_x64__xq0nh4s6cn4qe [2020-11-19] (Sönke Köhn)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => C:\Program Files (x86)\Software602\602XML\xmlcore\CtxSign64.dll [2013-07-16] (Software602 a. s. -> Software602)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw.dll [3642880 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter.acm [2231296 2013-04-06] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32-x32: [vidc.mjpg] => pvmjpg30.dll
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [7680 2007-08-31] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282624 2007-03-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP70] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.i263] => C:\Windows\SysWOW64\i263_32.drv [391168 1997-08-27] (Intel Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [118784 2006-05-13] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [380928 2007-08-09] () [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\divxa32.acm [287744 2001-02-25] (Kristal StudioDFileDescription) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [692224 2007-08-12] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1294336 2002-07-08] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDex\CDex Site.lnk -> hxxp://cdexos.sourceforge.net

==================== Loaded Modules (Whitelisted) =============

2018-08-25 10:09 - 2006-05-03 03:49 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseHook.dll
2018-04-16 19:41 - 2014-09-09 12:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2020-02-05 08:57 - 2020-02-05 08:57 - 001455616 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GRETECH\GomAudio\MiniBand.dll
2008-04-11 11:54 - 2008-04-11 11:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\MSVCR71.dll
2005-01-13 10:47 - 2005-01-13 10:47 - 000049152 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 000206336 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScnCom10.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 000082944 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScnEps25.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 000055808 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScnMgr10.dll
2012-04-02 11:15 - 2012-04-02 11:15 - 000110080 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2011-04-14 09:16 - 2011-04-14 09:16 - 000136704 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScanEngine30.dll
2015-11-02 19:52 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2015-11-02 19:52 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
2015-12-04 19:08 - 2014-02-05 14:51 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {07AD7CAC-D73B-4561-8646-AA337C19EBE3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {09A74828-A733-4595-B8AB-AA8D8825B2E4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {303968DB-3944-4379-821E-059CEF6B321D} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {48E209C1-CF53-4D43-8B1B-AA500BAFBE10} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {4F9FB4D8-BDF8-437E-BE9B-F5F9172C4887} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {59727CF2-CA7C-4A02-B34E-F9ADAE5F4D7D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {A561C403-0520-456B-853F-29294831643C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__170617__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {C7F1AECF-F908-467C-A47C-3299ED673E2C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-554986064-1367882024-3811459060-1005 -> {EF6265B4-E91A-4BCA-96C8-DCFFF0B13639} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine32\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine32\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2019-09-17 17:36 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Pinnacle\Shared Files\;C:\Program Files\Calibre2\;C:\Program Files\VDownloader;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Control Panel\Desktop\\Wallpaper -> C:\screen8.JPG
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "VDownloader"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F11F5C2DD299C8722D30FC5C9E83555A"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ABCCA373-A80F-4F77-B51A-7B7337B419E6}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{7E0A140F-725D-45F5-8C58-6C1276FD0436}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{73F08067-8D58-474C-8B0D-B95C9BBE6753}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{11EAB6F5-364C-4480-A248-162948F33121}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{A53B7D39-424E-41A7-A00C-C2C423E657CD}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{590ABE12-46F8-413B-865B-53897AEDFC1E}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{E88499BE-39DD-408D-ACD8-C5087B7C5962}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E8490F2-B498-4E22-B3AF-BFE1351D5F0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF7A3CC6-D980-46C2-9602-4E8937D54400}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{593F554C-FC20-41D2-A68E-4A48F415958A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41330990-D406-4B67-93D7-025B1789D5A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77B6BB4E-A7D1-404A-BEE9-7E8D8DDBA778}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{0A1628EA-6982-4EBB-BD50-1796975BCB01}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{5DDE923A-026B-425C-BC63-51C753D415E7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{6C96FE7E-9607-4CC1-A647-1BA72B2432D8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{CE5C9608-82AA-41D4-A0A4-1139BF57310A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1E44CD42-CDCC-408E-AF86-DF9CA691FB22}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{78A164AD-51D2-48B6-9395-15A8237F306F}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BFF9D45E-317A-4893-ABE5-F3808BFF8C07}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{4137AE0D-9248-49E8-BCFB-FA86E31232AB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BA39F436-A881-49B7-A9C5-AB228CC2432D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C51117FC-80FB-48EE-A81C-16595A15F5C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{620A1F10-8688-4AD4-B783-5DF276B43258}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{CE1ADA4D-A4E5-450B-8EF0-D7F9C726F2C3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{F833B260-694C-4F35-B2DB-40707E6B2C31}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{278877AB-5136-4A19-AC54-78C1E90AF6C8}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{7625CD51-DE6E-4DFE-8D1A-2D6FF989970A}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{A28922DF-5216-4478-BE30-F324F3C4035B}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6CB67587-DE8E-4071-A757-2458F0EF4C42}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9E2D00E6-6B83-45F3-8CDA-EC0AFDF0759F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{CB0F424E-3C95-4D3C-9A67-5091D23723B8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3A91C414-F84D-4875-9FA1-4D570BF195C5}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{934044E0-2DA2-4547-AD0F-A33CF03A4E87}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7682E269-2D50-4ADC-AE65-180469DD6F89}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{441F31E9-4A68-49B9-9447-A0DFC25639C9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{D1F39393-0C77-4A8D-AB2D-321CF0ABE272}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{A26C369F-B327-466E-B4A0-F11FFD772D4F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08095423-D65A-4453-B10B-A5BB707DD63A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F947F1FE-C402-48B3-8903-DB75556FC4C1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3149DFF1-C918-44F6-A6DB-82EAC235944D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0ADB8203-3A3D-457A-A3D1-F54E5CB7F862}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5CC5729D-A8D5-48A9-BE13-090F677152F2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B73C0B1D-44FD-4475-B7C9-A51C7C933D56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E2480E9-47F9-4172-9B9B-058C6153255E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0B88FD0-A050-4256-97C8-7E1E62EB2E30}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53E00525-26DD-4DA9-A26A-20E8C8E6F51F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

25-12-2020 13:40:47 Naplánovaný kontrolní bod
03-01-2021 08:27:25 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/11/2021 02:31:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15593

Error: (01/11/2021 02:31:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15593

Error: (01/11/2021 02:31:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/10/2021 05:30:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Cortana.exe verze 2.2011.11613.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: ee8

Čas spuštění: 01d6e76ddbfa2ff1

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe

ID hlášení: fc4b7888-5657-402d-b389-a17c04c6cb6c

Úplný název balíčku s chybou: Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (01/09/2021 01:17:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15609

Error: (01/09/2021 01:17:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15609

Error: (01/09/2021 01:17:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/07/2021 09:15:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15609


System errors:
=============
Error: (01/11/2021 08:07:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba tbaseprovisioning byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/11/2021 08:07:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/11/2021 08:07:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/11/2021 08:07:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Apple Mobile Device Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (01/11/2021 08:07:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Nero BackItUp Scheduler 4.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (01/11/2021 08:07:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ABBYY FineReader 9.0 Sprint Licensing Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/11/2021 08:07:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba 602Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/11/2021 08:07:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2021-01-12 07:00:23.9070000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2021-01-12 07:00:23.8980000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2021-01-12 07:00:23.8840000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2021-01-12 06:44:19.4580000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2021-01-12 06:44:19.4510000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2021-01-12 06:44:19.2020000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2021-01-11 22:49:49.5600000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-11 22:49:49.5510000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.7 07/18/2014
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 38%
Total physical RAM: 8070.02 MB
Available physical RAM: 4994.16 MB
Total Virtual: 9350.02 MB
Available Virtual: 6598.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.89 GB) (Free:133.06 GB) NTFS

\\?\Volume{d511e935-e4e0-4f94-8fc9-1e8c041b4eb5}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{4c41a681-d607-44ea-a7ee-74bdc898fc68}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Preventivní kontrola - pomalý PC

Napsal: 12 led 2021 23:14
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe
    File: C:\Windows\Samsung\PanelMgr\SSMMgr.exe
    File: C:\Windows\Samsung\PanelMgr\caller64.exe
    File: C:\Program Files\VDownloader\Vdownloader4.exe
    
    FF NewTab: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10270__190920
    CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\Exts\Chrome.crx <not found>
    CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\Exts\Chrome.crx <not found>
    2021-01-12 06:55 - 2021-01-12 06:55 - 000000000 ____D C:\Users\Ota\Desktop\FRST-OlderVersion
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah skopiruj a vloz do dalsej odpovede

Re: Preventivní kontrola - pomalý PC

Napsal: 13 led 2021 07:14
od ota
Fix result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by Ota (13-01-2021 06:59:48) Run:3
Running from C:\Users\Ota\Desktop
Loaded Profiles: Ota
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe
File: C:\Windows\Samsung\PanelMgr\SSMMgr.exe
File: C:\Windows\Samsung\PanelMgr\caller64.exe
File: C:\Program Files\VDownloader\Vdownloader4.exe

FF NewTab: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10270__190920
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.20.5.39\Exts\Chrome.crx <not found>
2021-01-12 06:55 - 2021-01-12 06:55 - 000000000 ____D C:\Users\Ota\Desktop\FRST-OlderVersion
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 30
Average :
Sum : 10781083
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe ========================

C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe
File not signed
MD5: 896577032DE2B79E10C4004C1C07A83A
Creation and modification date: 2018-08-25 10:09 - 2008-09-18 09:25
Size: 000806912
Attributes: ----A
Company Name:
Internal Name: MouseDrv
Original Name: MouseDrv.EXE
Product: 5 Key Mouse Driver
Description: 5 Key Mouse Driver
File Version: 2.3
Product Version: 2.3
Copyright: Copyright (C) 2003-2004
VirusTotal: https://www.virustotal.com/gui/file/219 ... 1512481728

====== End of File: ======


========================= File: C:\Windows\Samsung\PanelMgr\SSMMgr.exe ========================

C:\Windows\Samsung\PanelMgr\SSMMgr.exe
File not signed
MD5: DBF9AE6C5C1DA2244061F95D61DD1723
Creation and modification date: 2017-10-11 08:29 - 2010-10-28 11:14
Size: 000618496
Attributes: ----A
Company Name:
Internal Name: LaserSMMgr
Original Name: LaserSMMgr.EXE
Product:
Description:
File Version: 3, 2, 4, 1
Product Version: 3, 2, 4, 1
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/32e ... 1594169620

====== End of File: ======


========================= File: C:\Windows\Samsung\PanelMgr\caller64.exe ========================

C:\Windows\Samsung\PanelMgr\caller64.exe
File not signed
MD5: EC57F3164C58640D13F6F544BD5DB853
Creation and modification date: 2017-10-11 08:29 - 2009-11-19 10:15
Size: 000306688
Attributes: ----A
Company Name:
Internal Name: Caller64.exe
Original Name: Caller64.exe
Product:
Description:
File Version: 1.1.0.0
Product Version: 1.1.0.0
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/579 ... 1609096401

====== End of File: ======


========================= File: C:\Program Files\VDownloader\Vdownloader4.exe ========================

C:\Program Files\VDownloader\Vdownloader4.exe
File not signed
MD5: D7225B2C64D6EF5A480E13195EB76BF9
Creation and modification date: 2017-02-20 19:05 - 2017-02-13 15:43
Size: 004606464
Attributes: ----A
Company Name: Vitzo
Internal Name: VDownloader4.exe
Original Name: VDownloader4.exe
Product: VDownloader
Description: VDownloader
File Version: 4.5.2598
Product Version: 4.5.2598
Copyright: Copyright © 2017
VirusTotal: https://www.virustotal.com/gui/file/79c ... 1604588094

====== End of File: ======

"Firefox newtab" => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => removed successfully
"C:\Users\Ota\Desktop\FRST-OlderVersion" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 69814972 B
Java, Flash, Steam htmlcache => 1198 B
Windows/system/drivers => 19281276 B
Edge => 18944 B
Chrome => 243433143 B
Firefox => 1110389630 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 62382 B
NetworkService => 62382 B
oem => 62382 B
Ota => 12638863 B

RecycleBin => 2466092 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End 2 Fixlog 07:06:20 ====

Re: Preventivní kontrola - pomalý PC

Napsal: 13 led 2021 22:06
od Conder
:arrow: Spusti kontrolu integrity systemovych suborov:
  • Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
  • Skopiruj a spusti prikaz:

    Kód: Vybrat vše

    DISM.exe /Online /Cleanup-image /Restorehealth
  • Po dokonceni skopiruj a spusti druhy prikaz:

    Kód: Vybrat vše

    sfc /scannow
  • Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

    Kód: Vybrat vše

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt
  • Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
  • Restartuj PC a napis ako sa chova PC

Re: Preventivní kontrola - pomalý PC

Napsal: 14 led 2021 20:52
od ota
Něco dělám špatně, po půlhodinovém restartu mám na ploše pouze sfcdetails.txt ale prázdný, a dism.txt se nezapsal vůbec. Co jsem spletl?

Re: Preventivní kontrola - pomalý PC

Napsal: 15 led 2021 21:41
od Conder
Po spusteni prvych 2 prikazov sa ukazal aj priebeh s percentami? Ak ano, skus ten posledny prikaz spustit este raz (skontroluj, ci je skopirovany a vlozeny cely).

Inak chapem spravne, ze polhodinu trvalo samotne restartovanie PC?

Re: Preventivní kontrola - pomalý PC

Napsal: 16 led 2021 20:25
od ota
Skutečně trval asi půl hodiny