Dobrý den,
notebook je dva roky starý, problémy s ním jsou od začátku, na opravě vždy řeknou, že jede tak co chci. Ale jede pomalu, zasekává se. Někdy šlape krásně, ale někdy se jen zapíná půl hodiny a po načtení všechny programy často píší že neodpovídají. Už nevím co s tím, ale potřebuji psát diplomku.
Děkuji všem za pomoc
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2021
Ran by petra (administrator) on LAPTOP-2KA2KHI3 (Acer Aspire A315-51) (16-02-2021 12:42:47)
Running from C:\Users\petra\Desktop
Loaded Profiles: petra
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\IntelCpHeciSvc.exe
(Mega Limited -> Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petra\AppData\Local\Microsoft\OneDrive\21.002.0104.0005\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petra\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petra\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SweetLabs Inc. -> SweetLabs, Inc) C:\Users\petra\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677488 2020-08-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [94898944 2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\petra\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\WINDOWS\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-12] (Google LLC -> Google LLC)
Startup: C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-11-01]
ShortcutTarget: MEGAsync.lnk -> C:\Users\petra\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0047A287-F1A1-4DC0-8A30-E86327EAEC89} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {04E2D02A-C09D-410F-AC76-AB08A55C2EBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {099CB893-AE48-4F3A-8D34-F408952B2D00} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {0A1B78D7-A684-4F7D-856C-68FF524C4CF1} - \UbtFrameworkService -> No File <==== ATTENTION
Task: {0C518199-F01B-42CF-9CB7-16710B002812} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC} - \AcerCloud -> No File <==== ATTENTION
Task: {25F281A9-BCE2-4624-8DA3-BB72D749DE7B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {2FD17618-1346-4E41-B743-ECE94890DB87} - \ACC -> No File <==== ATTENTION
Task: {31EB289D-8939-4057-B372-F928184F3D7C} - \PicstreamAgent -> No File <==== ATTENTION
Task: {355A76DF-E70F-4CF0-891F-94FF7564450B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {374F34FC-E60E-43AC-B364-60306B078DF2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {384BABA2-2F47-4EF7-AA50-7706058F02D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {3905BEDC-79CE-4915-BCED-B941542F0946} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C7CC4C2-0B53-45C5-96F4-CA3141B24078} - \Acer Collection Application -> No File <==== ATTENTION
Task: {45F89F73-F044-43A4-A49F-890BAEB0287C} - \Software Update Application -> No File <==== ATTENTION
Task: {496DAD5A-1EF1-4FC7-AF99-FC09574F5A06} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-374904026-1653077518-2199072125-1001 => C:\Users\petra\AppData\Local\MEGAsync\MEGAupdater.exe [1303800 2020-11-26] (Mega Limited -> Mega Limited)
Task: {4B485010-DD7B-4E4D-8C2B-E8B63254D4F6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1126296 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B6926D3-D490-4D93-82CE-D109F1D1BC80} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {5C84D9D9-F3E4-45F0-9FF9-242298EC58F9} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {5D81326C-D6EC-49A0-AAB5-D8A874E06E83} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {63572903-5C4E-44FB-B7F2-6265126EDD0F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6B56B5D0-E887-4D30-A056-43BC3489B186} - \ACCBackgroundApplication -> No File <==== ATTENTION
Task: {6D588446-7348-4EC3-83A0-375FB17B59FF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {702EB6FC-4A95-4838-A59C-772CC4893A57} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7072963F-3763-4E9F-A1F5-DE9703BAE827} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {751AB833-5168-4E47-B575-84C679F68D76} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446256 2019-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {7527FFA6-A3C8-4397-83A7-0C91FC43F3E0} - \ACCAgent -> No File <==== ATTENTION
Task: {7740FA5C-0F67-4C4A-BC61-AF0E0DE94A76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {7B12A878-BBF1-48AF-861F-16052479FF04} - \MonitorAcerPortal -> No File <==== ATTENTION
Task: {83E54F55-FD52-449E-91B5-FC75DF9DBC83} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {8B7316E2-0BA6-443E-B6CA-A8A1808179ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A2B42754-7466-4E33-A44F-CD12F316A775} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6A8BB8F-D898-4946-A0B4-5312DBADE7B8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE1A8B19-E57C-43FB-B6CF-0611B8904820} - \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install -> No File <==== ATTENTION
Task: {B444F08A-0CCE-4E0D-B11C-2697C7C48186} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA} - \Acer Collection Monitor Application -> No File <==== ATTENTION
Task: {BDE8FF81-7627-4C42-BBBA-4D4552B62ABC} - \App Explorer -> No File <==== ATTENTION
Task: {C20DBAD6-F62B-42EB-9375-770780AAE3EB} - \Intel PTT EK Recertification -> No File <==== ATTENTION
Task: {C51C1203-DAC7-45A9-BFBA-26E01A6983A3} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {C535078C-3A04-4A94-B6A0-C8786BAA1742} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {F85F65FE-8163-4D79-ACBE-CB75A153417F} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {FDB21500-6876-4345-8207-FD229DF0FEE4} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2770736 2019-09-26] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{894b96e0-5a95-4d92-be03-587c0fcf6e03}: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{d62ac195-10be-4281-843e-28b175bd038e}: [DhcpNameServer] 40.32.1.55
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\petra\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-20]
FireFox:
========
FF DefaultProfile: hor6kcb4.default
FF ProfilePath: C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\hor6kcb4.default [2021-01-20]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\hor6kcb4.default\Extensions\abb-acer@amazon.com.xpi [2020-09-10] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\hor6kcb4.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2020-09-10]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\hor6kcb4.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2021-01-20]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2021-01-13] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org [2021-01-13] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2021-01-13] [Legacy]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default [2021-02-16]
CHR Notifications: Default -> hxxps://very-important.online
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-13]
CHR Extension: (Dokumenty) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-13]
CHR Extension: (Disk Google) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-13]
CHR Extension: (Tabulky) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (Reload All Tabs) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\midkcinmplflbiflboepnahkboeonkam [2021-01-10]
CHR Extension: (Citace PRO) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpfaidppllikakgbjppnjfidjkpafmp [2020-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR Extension: (Gmail) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2017-04-24] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2016-08-04] (Dashlane -> Dashlane, Inc.)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466224 2019-09-26] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [508208 2019-09-26] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-05-23] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1640240 2020-10-05] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-07-31] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-07-31] (Disc Soft Ltd -> Disc Soft Ltd)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.9.2.3\Definitions\SDSDefs\20200908.004\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.9.2.3\Definitions\SDSDefs\20200908.004\NAVEX15.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-16 12:42 - 2021-02-16 12:47 - 000021856 _____ C:\Users\petra\Desktop\FRST.txt
2021-02-16 12:41 - 2021-02-16 12:45 - 000000000 ____D C:\FRST
2021-02-16 12:39 - 2021-02-16 12:40 - 002297856 _____ (Farbar) C:\Users\petra\Desktop\FRST64.exe
2021-02-16 12:37 - 2021-02-16 12:37 - 000000000 ____D C:\Users\petra\AppData\Local\D3DSCache
2021-02-13 16:47 - 2021-02-13 18:13 - 000000000 ____D C:\Users\petra\Desktop\Vinted 2021
2021-02-13 16:37 - 2021-02-13 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2021-02-13 16:37 - 2021-02-13 16:37 - 000000000 ____D C:\ProgramData\MEGAsync
2021-02-12 14:28 - 2021-02-12 14:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 14:28 - 2021-02-12 14:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 14:27 - 2021-02-12 14:27 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 14:27 - 2021-02-12 14:27 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-12 14:25 - 2021-02-12 14:25 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-01-22 09:27 - 2021-01-22 09:27 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-20 13:54 - 2021-01-20 13:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-18 19:02 - 2021-01-18 19:02 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-18 19:02 - 2021-01-18 19:02 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-18 19:02 - 2021-01-18 19:02 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-18 19:02 - 2021-01-18 19:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-18 19:01 - 2021-01-18 19:01 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-18 19:01 - 2021-01-18 19:01 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-18 19:01 - 2021-01-18 19:01 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-18 19:01 - 2021-01-18 19:01 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-18 19:01 - 2021-01-18 19:01 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-18 19:01 - 2021-01-18 19:01 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-18 19:00 - 2021-01-18 19:00 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-18 19:00 - 2021-01-18 19:00 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-18 18:59 - 2021-01-18 18:59 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-18 18:59 - 2021-01-18 18:59 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-18 18:58 - 2021-01-18 18:58 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-18 18:58 - 2021-01-18 18:58 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-18 18:58 - 2021-01-18 18:58 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-18 18:57 - 2021-01-18 18:57 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-18 18:57 - 2021-01-18 18:57 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-18 18:56 - 2021-01-18 18:56 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-18 18:55 - 2021-01-18 18:55 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-18 18:55 - 2021-01-18 18:55 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-18 18:54 - 2021-01-18 18:54 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-18 18:54 - 2021-01-18 18:54 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-18 18:54 - 2021-01-18 18:54 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-18 18:53 - 2021-01-18 18:53 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-18 18:52 - 2021-01-18 18:52 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-18 18:51 - 2021-01-18 18:51 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-18 18:51 - 2021-01-18 18:51 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-18 18:51 - 2021-01-18 18:51 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-18 18:51 - 2021-01-18 18:51 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-18 18:50 - 2021-01-18 18:50 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-18 18:49 - 2021-01-18 18:49 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-18 18:49 - 2021-01-18 18:49 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-18 18:48 - 2021-01-18 18:48 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-18 18:47 - 2021-01-18 18:47 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-18 18:47 - 2021-01-18 18:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-18 18:46 - 2021-01-18 18:46 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-18 18:46 - 2021-01-18 18:46 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-16 12:46 - 2020-09-07 10:05 - 000003504 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2021-02-16 12:33 - 2020-09-07 09:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-16 12:10 - 2020-09-08 17:44 - 000000000 ____D C:\Users\petra\AppData\Local\Host App Service
2021-02-16 12:07 - 2020-09-06 17:56 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-16 11:45 - 2020-09-08 17:47 - 000000000 ____D C:\Users\petra\AppData\Local\Packages
2021-02-16 11:44 - 2020-10-25 19:29 - 000000000 ____D C:\Users\petra\AppData\Local\Deployment
2021-02-15 18:11 - 2020-09-08 17:55 - 000000000 ___RD C:\Users\petra\OneDrive
2021-02-15 09:11 - 2017-12-07 04:38 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-14 11:18 - 2020-09-06 17:56 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-14 11:18 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-13 22:12 - 2020-09-15 13:38 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-13 17:04 - 2020-09-30 06:54 - 000002368 _____ C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-13 17:04 - 2020-09-30 06:54 - 000002360 _____ C:\Users\petra\Desktop\Microsoft Teams.lnk
2021-02-13 16:46 - 2020-11-28 09:07 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-13 16:43 - 2020-11-28 09:06 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-13 16:41 - 2020-11-01 12:37 - 000000000 ___RD C:\Users\petra\Documents\MEGA
2021-02-13 16:40 - 2020-09-06 17:54 - 000000000 ____D C:\WINDOWS\INF
2021-02-13 16:29 - 2020-09-08 17:47 - 000000000 __SHD C:\Users\petra\IntelGraphicsProfiles
2021-02-13 13:36 - 2020-09-07 10:07 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-13 13:36 - 2020-09-06 18:02 - 000717828 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-13 13:36 - 2020-09-06 18:02 - 000144990 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-13 13:30 - 2020-09-07 09:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-13 13:30 - 2020-09-07 09:29 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-13 13:13 - 2020-09-06 17:41 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-13 13:09 - 2020-09-07 09:29 - 000439016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-13 13:08 - 2021-01-13 17:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-13 13:08 - 2017-12-07 04:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-13 13:04 - 2020-09-06 17:41 - 000000000 ____D C:\WINDOWS\servicing
2021-02-13 12:56 - 2020-12-15 08:58 - 000000000 ____D C:\Users\petra\AppData\Roaming\vlc
2021-02-12 14:49 - 2020-09-06 17:46 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-12 13:48 - 2020-09-08 17:56 - 000000000 ___HD C:\$WinREAgent
2021-02-12 13:28 - 2020-09-08 17:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 13:21 - 2020-09-08 17:56 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-12 12:54 - 2020-09-13 09:55 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-12 12:35 - 2020-09-07 09:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-12 12:30 - 2020-09-13 09:53 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-12 12:30 - 2020-09-13 09:53 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-12 12:24 - 2020-09-15 13:37 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-12 12:24 - 2020-09-15 13:37 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-12 11:33 - 2020-09-08 17:55 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-374904026-1653077518-2199072125-1001
2021-02-12 11:33 - 2020-09-08 17:44 - 000002365 _____ C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-22 07:25 - 2020-09-08 17:49 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-20 15:46 - 2020-09-08 17:50 - 000000000 ____D C:\Users\petra\AppData\LocalLow\Mozilla
2021-01-20 13:52 - 2017-12-07 04:33 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\IME
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-19 00:32 - 2020-09-08 17:44 - 000000000 ____D C:\Users\petra
2021-01-18 18:46 - 2020-09-07 09:32 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by petra (16-02-2021 12:56:12)
Running from C:\Users\petra\Desktop
Windows 10 Home Version 2004 19041.804 (X64) (2020-09-07 09:06:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-374904026-1653077518-2199072125-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-374904026-1653077518-2199072125-503 - Limited - Disabled)
Guest (S-1-5-21-374904026-1653077518-2199072125-501 - Limited - Disabled)
petra (S-1-5-21-374904026-1653077518-2199072125-1001 - Administrator - Enabled) => C:\Users\petra
WDAGUtilityAccount (S-1-5-21-374904026-1653077518-2199072125-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{E3930B59-5669-4BAB-A329-D56C1427C613}) (Version: 3.3.19180.100 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3028 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3004 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20135 - Adobe Systems Incorporated)
App Explorer (HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\Host App Service) (Version: 0.273.4.186 - SweetLabs) <==== ATTENTION
Citace PRO (HKLM-x32\...\{D6806374-5BC5-41F2-8575-15BE857D905B}) (Version: 4.0.5 - Citace.com)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.12.0 - Dashlane, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1050 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.2 (x64 en-US)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 84.0.2.7675 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10427 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.309 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9000.1 - Realtek Semiconductor Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.3.0.21759 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.1 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.428 - WildTangent) Hidden
Packages:
=========
abFiles -> C:\Program Files\WindowsApps\acerincorporated.abfiles_1.0.7.0_x86__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
abPhoto -> C:\Program Files\WindowsApps\AcerIncorporated.6245439DEEE9E_1.0.10.0_x86__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
Acer Collection -> C:\Program Files\WindowsApps\acerincorporated.acercollection_1.1.3013.0_x64__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
Acer Portal -> C:\Program Files\WindowsApps\acerincorporated.acerportal_1.1.9.0_x86__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
Booking.com -> C:\Program Files\WindowsApps\booking.com_1.0.1606.2210_x64__96rgg7pjt343r [2020-09-07] (CN=Acer Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-11-28] (Canon Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-12] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-09-06] (MAGIX)
PhotoDirector for acer -> C:\Program Files\WindowsApps\cyberlinkcorp.ac.photodirectorforacerdesktop_8.0.5229.0_x64__ypz87dpxkv292 [2020-09-06] (CYBERLINK COM CORP)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-01] (Microsoft Corporation)
PowerDirector for acer -> C:\Program Files\WindowsApps\cyberlinkcorp.ac.powerdirectorforacerdesktop_14.0.4304.0_x64__ypz87dpxkv292 [2020-09-06] (CYBERLINK COM CORP)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.0.55.0_x64__kx24dqmazqk8j [2021-02-12] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.0.0.0_x64__kx24dqmazqk8j [2020-12-09] (Random Salad Games LLC)
Spades -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Spades_6.0.63.0_x64__kx24dqmazqk8j [2020-11-16] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0 [2021-02-12] (Spotify AB) [Startup Task]
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.82.0_x64__qt5r5pa5dyg8m [2020-09-06] (WildTangent Games)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-374904026-1653077518-2199072125-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\petra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-374904026-1653077518-2199072125-1001_Classes\CLSID\{AC17C382-4ACE-4118-B4E4-D02831BE2DF4} -> [MEGA] => C:\Users\petra\Documents\MEGA [2020-11-01 12:37]
CustomCLSID: HKU\S-1-5-21-374904026-1653077518-2199072125-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\petra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxDTCM.dll [2018-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2017-12-07 04:38 - 2020-09-20 18:51 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Client\AppVIsvSubsystems32.dll
2017-12-07 04:38 - 2017-12-07 04:38 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2017-12-07 04:38 - 2017-12-07 04:38 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qgif.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qicns.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qico.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qjpeg.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qsvg.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtga.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtiff.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwbmp.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwebp.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\platforms\qwindows.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\sharepoint.com -> hxxps://ucnmuni-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\Control Panel\Desktop\\Wallpaper -> D:\Porovnané věci na disku 2020\Obrázky\2020\Sněžnice\IMG_0366.JPG
DNS Servers: 10.0.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{603FDE1E-4C46-4C7C-87CD-D619DA09614D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E25A089-12C3-46CC-A7C5-79127ACF5164}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{A6D465DC-9239-4BA8-825F-40DE79F68D18}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0EA10470-7DCB-468C-87BA-58EE68DAB84F}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{64196989-3734-415C-A41A-056B0C644D25}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A8EB41E-2943-4FA1-91F5-DA8911EE47AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1E5093C-8873-4C32-8B29-CFB469FCAD35}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{035A59FB-A9A2-40BB-8F15-86D99E964A51}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2D13E996-05CE-4FC5-891A-C6A4AAF4C2BD}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6D4F2A93-A806-4406-ABE3-AAC09767882B}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFB8AACD-7CA6-4E2C-80DD-40BC7BABCA8B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EB4D8333-D45C-473E-89B6-04D940C25C19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26E76A62-08DB-4430-AF40-9CE7B0EBBEB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3B67697D-E634-48DD-8BBF-57E67B4EE86E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{896AC0BD-0680-4387-AF79-A188515088B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{68F24439-0CDD-4B4D-ABEF-C4E710D4F055}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE06F4DA-D773-45D6-BA47-784EFA6F471F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2E55B872-CE5F-456E-AA77-052C76F318E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EB60448-CE57-4FE2-A5E7-180284CA8051}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{607B1112-D40A-4A85-ADEB-10717DB34621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{831C6A29-D2FE-4D94-82B0-0701A7800012}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9BEA79B-0164-4790-9B1C-F8CD58EC08EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A29788D4-3AB1-4707-8AD9-A345E8417A03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{37EE3FAF-4278-4007-8BAB-CD5BD9ECB95C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
12-02-2021 13:29:14 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/16/2021 08:44:13 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/15/2021 09:14:42 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.
Context: Application, SystemIndex Catalog
Error: (02/15/2021 09:04:29 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/14/2021 08:18:40 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/13/2021 10:09:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20110.11001.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1b84
Čas spuštění: 01d7022b6376ac6a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: db0f004d-4754-4c81-ac1a-231e76c4527a
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (02/13/2021 12:57:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StartMenuExperienceHost.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 3370
Čas spuštění: 01d701310361978e
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
ID hlášení: 9be89742-6755-4aaf-9cc1-ab80eb188202
Úplný název balíčku s chybou: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (02/13/2021 12:54:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.420.11102.0, časové razítko: 0x5faaa7cb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xec58f015
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x3e00
Čas spuštění chybující aplikace: 0x01d701e1a166f175
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a066a816-22c2-4be3-9314-2c94585c8205
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (02/13/2021 09:34:53 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (02/15/2021 05:22:12 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2KA2KHI3)
Description: Server microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/14/2021 12:43:54 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2KA2KHI3)
Description: Server microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 10:03:50 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2KA2KHI3)
Description: Server microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/13/2021 01:31:58 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Intel(R) Audio Service skončila s následující chybou specifickou pro službu:
Operace byla dokončena úspěšně.
Error: (02/13/2021 01:13:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Médium je chráněno proti zápisu.
Error: (02/13/2021 01:12:45 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.
Error: (02/13/2021 01:06:51 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Security Service se po přijetí pokynu pro vypnutí neukončila správně.
Error: (02/13/2021 12:59:09 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2KA2KHI3)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-02-16 10:23:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-14 12:05:10
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-13 19:09:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-13 17:19:37
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-26 18:49:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-22 08:11:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-22 08:06:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-12 12:23:33
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.331.222.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-02-04 18:21:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.3019.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070670
Error description: No valid sequence could be found for the set of updates.
Date: 2021-02-04 18:21:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.3019.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070670
Error description: No valid sequence could be found for the set of updates.
Date: 2021-02-04 18:21:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.3019.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070670
Error description: No valid sequence could be found for the set of updates.
Date: 2021-01-18 17:32:28
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.2160.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-01-07 08:24:21
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1700.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-01-04 12:40:42
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1575.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2020-09-08 19:38:29
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.9.2.3\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.05 09/12/2017
Motherboard: SKL Venusaur_KL
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 91%
Total physical RAM: 3973.22 MB
Available physical RAM: 336.78 MB
Total Virtual: 8837.22 MB
Available Virtual: 2648.64 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:755.1 GB) NTFS
\\?\Volume{b86194ca-6def-4f19-8158-f8f500245c89}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.5 GB) NTFS
\\?\Volume{f227c6a1-a25f-4932-9a0e-33f39b0dc176}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6C4FA093)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-16-2021
# Duration: 00:00:54
# OS: Windows 10 Home
# Scanned: 31956
# Detected: 62
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
Adware.pokki C:\Users\Default\AppData\Local\Host App Service
Adware.pokki C:\Users\Public\App Explorer
Adware.pokki C:\Users\petra\AppData\Local\Host App Service
PUP.Optional.AmazonAssistant C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com
***** [ Files ] *****
Adware.pokki C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Adware.pokki C:\Windows\System32\Tasks_Migrated\App Explorer
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
Adware.pokki HKCU\Software\App Host Service
Adware.pokki HKCU\Software\Host App Service
Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDE8FF81-7627-4C42-BBBA-4D4552B62ABC}
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
PUP.Optional.Legacy HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d62ac195-10be-4281-843e-28b175bd038e}|DhcpNameServer - "40.32.1.55"
***** [ Chromium (and derivatives) ] *****
PUP.Optional.Legacy dgpdioedihjhncjafcpgbbjdpbbkikmi
PUP.Optional.Legacy fcijkonhppildbjgkdaglmeoeemcldha
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
PUP.Optional.Assistant Amazon Assistant for Firefox - abb-acer@amazon.com
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7527FFA6-A3C8-4397-83A7-0C91FC43F3E0}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B56B5D0-E887-4D30-A056-43BC3489B186}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7527FFA6-A3C8-4397-83A7-0C91FC43F3E0}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Preinstalled.AcerCollection Folder C:\Program Files (x86)\ACER\ACER COLLECTION
Preinstalled.AcerCollection Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C7CC4C2-0B53-45C5-96F4-CA3141B24078}
Preinstalled.AcerCollection Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA}
Preinstalled.AcerCollection Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acer Collection Application
Preinstalled.AcerCollection Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acer Collection Monitor Application
Preinstalled.AcerCollection Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}
Preinstalled.AcerConfigurationManager Folder C:\Program Files (x86)\ACER\AMUNDSEN\2.1.16258
Preinstalled.AcerConfigurationManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{099CB893-AE48-4F3A-8D34-F408952B2D00}
Preinstalled.AcerConfigurationManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCMUpdateTask2.1.16258
Preinstalled.AcerConfigurationManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{414D554E-4453-454E-0201-000000016258}
Preinstalled.AcerConfigurationManager Task C:\Windows\System32\Tasks\ACERCMUPDATETASK2.1.16258
Preinstalled.AcerGames Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACER GAMES
Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
Preinstalled.AcerPortal Folder C:\ProgramData\ACER\ACER PORTAL
Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC}
Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B12A878-BBF1-48AF-861F-16052479FF04}
Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCloud
Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MonitorAcerPortal
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{751AB833-5168-4E47-B575-84C679F68D76}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDB21500-6876-4345-8207-FD229DF0FEE4}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A1B78D7-A684-4F7D-856C-68FF524C4CF1}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-16-2021
# Duration: 00:01:01
# OS: Windows 10 Home
# Cleaned: 14
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com
Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Not Deleted C:\Users\petra\AppData\Local\Host App Service
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Windows\System32\Tasks_Migrated\App Explorer
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDE8FF81-7627-4C42-BBBA-4D4552B62ABC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d62ac195-10be-4281-843e-28b175bd038e}|DhcpNameServer - "40.32.1.55"
***** [ Chromium (and derivatives) ] *****
Deleted dgpdioedihjhncjafcpgbbjdpbbkikmi
Deleted fcijkonhppildbjgkdaglmeoeemcldha
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
Deleted Amazon Assistant for Firefox - abb-acer@amazon.com
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [8569 octets] - [16/02/2021 14:50:04]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-16-2021
# Duration: 00:00:54
# OS: Windows 10 Home
# Scanned: 31956
# Detected: 62
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
Adware.pokki C:\Users\Default\AppData\Local\Host App Service
Adware.pokki C:\Users\Public\App Explorer
Adware.pokki C:\Users\petra\AppData\Local\Host App Service
PUP.Optional.AmazonAssistant C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com
***** [ Files ] *****
Adware.pokki C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Adware.pokki C:\Windows\System32\Tasks_Migrated\App Explorer
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
Adware.pokki HKCU\Software\App Host Service
Adware.pokki HKCU\Software\Host App Service
Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDE8FF81-7627-4C42-BBBA-4D4552B62ABC}
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
PUP.Optional.Legacy HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d62ac195-10be-4281-843e-28b175bd038e}|DhcpNameServer - "40.32.1.55"
***** [ Chromium (and derivatives) ] *****
PUP.Optional.Legacy dgpdioedihjhncjafcpgbbjdpbbkikmi
PUP.Optional.Legacy fcijkonhppildbjgkdaglmeoeemcldha
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
PUP.Optional.Assistant Amazon Assistant for Firefox - abb-acer@amazon.com
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7527FFA6-A3C8-4397-83A7-0C91FC43F3E0}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B56B5D0-E887-4D30-A056-43BC3489B186}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7527FFA6-A3C8-4397-83A7-0C91FC43F3E0}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Preinstalled.AcerCollection Folder C:\Program Files (x86)\ACER\ACER COLLECTION
Preinstalled.AcerCollection Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C7CC4C2-0B53-45C5-96F4-CA3141B24078}
Preinstalled.AcerCollection Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA}
Preinstalled.AcerCollection Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acer Collection Application
Preinstalled.AcerCollection Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acer Collection Monitor Application
Preinstalled.AcerCollection Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}
Preinstalled.AcerConfigurationManager Folder C:\Program Files (x86)\ACER\AMUNDSEN\2.1.16258
Preinstalled.AcerConfigurationManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{099CB893-AE48-4F3A-8D34-F408952B2D00}
Preinstalled.AcerConfigurationManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCMUpdateTask2.1.16258
Preinstalled.AcerConfigurationManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{414D554E-4453-454E-0201-000000016258}
Preinstalled.AcerConfigurationManager Task C:\Windows\System32\Tasks\ACERCMUPDATETASK2.1.16258
Preinstalled.AcerGames Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACER GAMES
Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
Preinstalled.AcerPortal Folder C:\ProgramData\ACER\ACER PORTAL
Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC}
Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B12A878-BBF1-48AF-861F-16052479FF04}
Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCloud
Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MonitorAcerPortal
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{751AB833-5168-4E47-B575-84C679F68D76}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDB21500-6876-4345-8207-FD229DF0FEE4}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A1B78D7-A684-4F7D-856C-68FF524C4CF1}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-16-2021
# Duration: 00:01:01
# OS: Windows 10 Home
# Cleaned: 14
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com
Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Not Deleted C:\Users\petra\AppData\Local\Host App Service
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Windows\System32\Tasks_Migrated\App Explorer
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDE8FF81-7627-4C42-BBBA-4D4552B62ABC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d62ac195-10be-4281-843e-28b175bd038e}|DhcpNameServer - "40.32.1.55"
***** [ Chromium (and derivatives) ] *****
Deleted dgpdioedihjhncjafcpgbbjdpbbkikmi
Deleted fcijkonhppildbjgkdaglmeoeemcldha
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
Deleted Amazon Assistant for Firefox - abb-acer@amazon.com
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [8569 octets] - [16/02/2021 14:50:04]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
OK. Teď dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2021
Ran by petra (administrator) on LAPTOP-2KA2KHI3 (Acer Aspire A315-51) (16-02-2021 16:15:38)
Running from C:\Users\petra\Desktop
Loaded Profiles: petra
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mega Limited -> Mega Limited) C:\Users\petra\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petra\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petra\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677488 2020-08-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [94898944 2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\petra\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\WINDOWS\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-12] (Google LLC -> Google LLC)
Startup: C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-11-01]
ShortcutTarget: MEGAsync.lnk -> C:\Users\petra\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0047A287-F1A1-4DC0-8A30-E86327EAEC89} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {099CB893-AE48-4F3A-8D34-F408952B2D00} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {0A1B78D7-A684-4F7D-856C-68FF524C4CF1} - \UbtFrameworkService -> No File <==== ATTENTION
Task: {0C518199-F01B-42CF-9CB7-16710B002812} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC} - \AcerCloud -> No File <==== ATTENTION
Task: {25F281A9-BCE2-4624-8DA3-BB72D749DE7B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {2FD17618-1346-4E41-B743-ECE94890DB87} - \ACC -> No File <==== ATTENTION
Task: {31EB289D-8939-4057-B372-F928184F3D7C} - \PicstreamAgent -> No File <==== ATTENTION
Task: {355A76DF-E70F-4CF0-891F-94FF7564450B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {374F34FC-E60E-43AC-B364-60306B078DF2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {384BABA2-2F47-4EF7-AA50-7706058F02D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {3C7CC4C2-0B53-45C5-96F4-CA3141B24078} - \Acer Collection Application -> No File <==== ATTENTION
Task: {45F89F73-F044-43A4-A49F-890BAEB0287C} - \Software Update Application -> No File <==== ATTENTION
Task: {496DAD5A-1EF1-4FC7-AF99-FC09574F5A06} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-374904026-1653077518-2199072125-1001 => C:\Users\petra\AppData\Local\MEGAsync\MEGAupdater.exe [1303800 2020-11-26] (Mega Limited -> Mega Limited)
Task: {4B485010-DD7B-4E4D-8C2B-E8B63254D4F6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1126296 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B6926D3-D490-4D93-82CE-D109F1D1BC80} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {5C84D9D9-F3E4-45F0-9FF9-242298EC58F9} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {5D81326C-D6EC-49A0-AAB5-D8A874E06E83} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {6B56B5D0-E887-4D30-A056-43BC3489B186} - \ACCBackgroundApplication -> No File <==== ATTENTION
Task: {6D588446-7348-4EC3-83A0-375FB17B59FF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {702EB6FC-4A95-4838-A59C-772CC4893A57} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7072963F-3763-4E9F-A1F5-DE9703BAE827} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {751AB833-5168-4E47-B575-84C679F68D76} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446256 2019-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {7527FFA6-A3C8-4397-83A7-0C91FC43F3E0} - \ACCAgent -> No File <==== ATTENTION
Task: {7740FA5C-0F67-4C4A-BC61-AF0E0DE94A76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {7B12A878-BBF1-48AF-861F-16052479FF04} - \MonitorAcerPortal -> No File <==== ATTENTION
Task: {83E54F55-FD52-449E-91B5-FC75DF9DBC83} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {A2B42754-7466-4E33-A44F-CD12F316A775} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6A8BB8F-D898-4946-A0B4-5312DBADE7B8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE1A8B19-E57C-43FB-B6CF-0611B8904820} - \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install -> No File <==== ATTENTION
Task: {B444F08A-0CCE-4E0D-B11C-2697C7C48186} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA} - \Acer Collection Monitor Application -> No File <==== ATTENTION
Task: {C20DBAD6-F62B-42EB-9375-770780AAE3EB} - \Intel PTT EK Recertification -> No File <==== ATTENTION
Task: {C51C1203-DAC7-45A9-BFBA-26E01A6983A3} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {C535078C-3A04-4A94-B6A0-C8786BAA1742} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {F85F65FE-8163-4D79-ACBE-CB75A153417F} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {FDB21500-6876-4345-8207-FD229DF0FEE4} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2770736 2019-09-26] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{894b96e0-5a95-4d92-be03-587c0fcf6e03}: [DhcpNameServer] 10.0.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\petra\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-20]
FireFox:
========
FF DefaultProfile: hor6kcb4.default
FF ProfilePath: C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\hor6kcb4.default [2021-01-20]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\hor6kcb4.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2020-09-10]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\hor6kcb4.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2021-01-20]
FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org [2021-01-13] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2021-01-13] [Legacy]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default [2021-02-16]
CHR Notifications: Default -> hxxps://very-important.online
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-13]
CHR Extension: (Dokumenty) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-13]
CHR Extension: (Disk Google) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-13]
CHR Extension: (Tabulky) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (Reload All Tabs) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\midkcinmplflbiflboepnahkboeonkam [2021-01-10]
CHR Extension: (Citace PRO) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpfaidppllikakgbjppnjfidjkpafmp [2020-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR Extension: (Gmail) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2017-04-24] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2016-08-04] (Dashlane -> Dashlane, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466224 2019-09-26] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [508208 2019-09-26] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-05-23] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1640240 2020-10-05] (WildTangent Inc -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-07-31] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-07-31] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.9.2.3\Definitions\SDSDefs\20200908.004\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.9.2.3\Definitions\SDSDefs\20200908.004\NAVEX15.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-16 16:11 - 2021-02-16 16:11 - 000000000 ____D C:\Users\petra\AppData\LocalLow\IGDump
2021-02-16 14:58 - 2021-02-16 14:58 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-16 14:57 - 2021-02-16 14:57 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-16 14:57 - 2021-02-16 14:57 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-16 14:40 - 2021-02-16 14:40 - 008463216 _____ (Malwarebytes) C:\Users\petra\Desktop\adwcleaner_8.1.exe
2021-02-16 14:39 - 2021-02-16 14:51 - 000000000 ____D C:\AdwCleaner
2021-02-16 14:38 - 2021-02-16 14:38 - 008447152 _____ (Malwarebytes) C:\Users\petra\Desktop\AdwCleaner.exe
2021-02-16 14:15 - 2021-02-16 14:15 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-16 14:15 - 2021-02-16 14:15 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-16 14:15 - 2021-02-16 14:15 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-16 14:15 - 2021-02-16 14:15 - 000000000 ____D C:\Users\petra\AppData\Local\mbam
2021-02-16 14:14 - 2021-02-16 14:13 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-16 14:14 - 2021-02-16 14:13 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-16 14:13 - 2021-02-16 14:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-16 14:12 - 2021-02-16 14:12 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-16 14:08 - 2021-02-16 14:08 - 002086424 _____ (Malwarebytes) C:\Users\petra\Desktop\MBSetup.exe
2021-02-16 13:53 - 2021-02-16 13:53 - 000000000 ____D C:\Users\petra\Desktop\Air
2021-02-16 12:42 - 2021-02-16 16:19 - 000020392 _____ C:\Users\petra\Desktop\FRST.txt
2021-02-16 12:41 - 2021-02-16 16:17 - 000000000 ____D C:\FRST
2021-02-16 12:39 - 2021-02-16 12:40 - 002297856 _____ (Farbar) C:\Users\petra\Desktop\FRST64.exe
2021-02-16 12:37 - 2021-02-16 12:37 - 000000000 ____D C:\Users\petra\AppData\Local\D3DSCache
2021-02-13 16:47 - 2021-02-13 18:13 - 000000000 ____D C:\Users\petra\Desktop\Vinted 2021
2021-02-13 16:37 - 2021-02-13 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2021-02-13 16:37 - 2021-02-13 16:37 - 000000000 ____D C:\ProgramData\MEGAsync
2021-02-12 14:28 - 2021-02-12 14:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 14:28 - 2021-02-12 14:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 14:27 - 2021-02-12 14:27 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 14:27 - 2021-02-12 14:27 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-12 14:25 - 2021-02-12 14:25 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-01-22 09:27 - 2021-01-22 09:27 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-20 13:54 - 2021-01-20 13:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-18 19:02 - 2021-01-18 19:02 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-18 19:02 - 2021-01-18 19:02 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-18 19:02 - 2021-01-18 19:02 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-18 19:02 - 2021-01-18 19:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-18 19:01 - 2021-01-18 19:01 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-18 19:01 - 2021-01-18 19:01 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-18 19:01 - 2021-01-18 19:01 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-18 19:01 - 2021-01-18 19:01 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-18 19:01 - 2021-01-18 19:01 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-18 19:01 - 2021-01-18 19:01 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-18 19:00 - 2021-01-18 19:00 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-18 19:00 - 2021-01-18 19:00 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-18 18:59 - 2021-01-18 18:59 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-18 18:59 - 2021-01-18 18:59 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-18 18:58 - 2021-01-18 18:58 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-18 18:58 - 2021-01-18 18:58 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-18 18:58 - 2021-01-18 18:58 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-18 18:57 - 2021-01-18 18:57 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-18 18:57 - 2021-01-18 18:57 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-18 18:56 - 2021-01-18 18:56 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-18 18:55 - 2021-01-18 18:55 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-18 18:55 - 2021-01-18 18:55 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-18 18:54 - 2021-01-18 18:54 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-18 18:54 - 2021-01-18 18:54 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-18 18:54 - 2021-01-18 18:54 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-18 18:53 - 2021-01-18 18:53 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-18 18:52 - 2021-01-18 18:52 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-18 18:51 - 2021-01-18 18:51 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-18 18:51 - 2021-01-18 18:51 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-18 18:51 - 2021-01-18 18:51 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-18 18:51 - 2021-01-18 18:51 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-18 18:50 - 2021-01-18 18:50 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-18 18:49 - 2021-01-18 18:49 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-18 18:49 - 2021-01-18 18:49 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-18 18:48 - 2021-01-18 18:48 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-18 18:47 - 2021-01-18 18:47 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-18 18:47 - 2021-01-18 18:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-18 18:46 - 2021-01-18 18:46 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-18 18:46 - 2021-01-18 18:46 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-16 16:25 - 2020-09-06 17:56 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-16 15:47 - 2020-09-07 10:05 - 000003500 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2021-02-16 15:17 - 2020-10-25 19:29 - 000000000 ____D C:\Users\petra\AppData\Local\Deployment
2021-02-16 15:17 - 2020-09-30 07:33 - 000000000 ____D C:\Users\petra\Desktop\Farmacie
2021-02-16 15:00 - 2020-09-08 17:55 - 000000000 ___RD C:\Users\petra\OneDrive
2021-02-16 14:57 - 2020-09-08 17:47 - 000000000 __SHD C:\Users\petra\IntelGraphicsProfiles
2021-02-16 14:55 - 2020-09-07 09:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-16 14:54 - 2020-09-07 09:29 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-16 14:53 - 2020-09-06 17:41 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-16 14:51 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-02-16 14:14 - 2020-09-06 17:56 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-16 12:33 - 2020-09-07 09:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-16 12:10 - 2020-09-08 17:44 - 000000000 ____D C:\Users\petra\AppData\Local\Host App Service
2021-02-16 11:45 - 2020-09-08 17:47 - 000000000 ____D C:\Users\petra\AppData\Local\Packages
2021-02-15 09:11 - 2017-12-07 04:38 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-14 11:18 - 2020-09-06 17:56 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-14 11:18 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-13 22:12 - 2020-09-15 13:38 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-13 17:04 - 2020-09-30 06:54 - 000002368 _____ C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-13 17:04 - 2020-09-30 06:54 - 000002360 _____ C:\Users\petra\Desktop\Microsoft Teams.lnk
2021-02-13 16:46 - 2020-11-28 09:07 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-13 16:43 - 2020-11-28 09:06 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-13 16:41 - 2020-11-01 12:37 - 000000000 ___RD C:\Users\petra\Documents\MEGA
2021-02-13 16:40 - 2020-09-06 17:54 - 000000000 ____D C:\WINDOWS\INF
2021-02-13 13:36 - 2020-09-07 10:07 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-13 13:36 - 2020-09-06 18:02 - 000717828 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-13 13:36 - 2020-09-06 18:02 - 000144990 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-13 13:09 - 2020-09-07 09:29 - 000439016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-13 13:08 - 2021-01-13 17:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-13 13:08 - 2017-12-07 04:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-13 13:04 - 2020-09-06 17:41 - 000000000 ____D C:\WINDOWS\servicing
2021-02-13 12:56 - 2020-12-15 08:58 - 000000000 ____D C:\Users\petra\AppData\Roaming\vlc
2021-02-12 14:49 - 2020-09-06 17:46 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-12 13:48 - 2020-09-08 17:56 - 000000000 ___HD C:\$WinREAgent
2021-02-12 13:28 - 2020-09-08 17:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 13:21 - 2020-09-08 17:56 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-12 12:54 - 2020-09-13 09:55 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-12 12:35 - 2020-09-07 09:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-12 12:30 - 2020-09-13 09:53 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-12 12:30 - 2020-09-13 09:53 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-12 12:24 - 2020-09-15 13:37 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-12 12:24 - 2020-09-15 13:37 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-12 11:33 - 2020-09-08 17:55 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-374904026-1653077518-2199072125-1001
2021-02-12 11:33 - 2020-09-08 17:44 - 000002365 _____ C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-22 07:25 - 2020-09-08 17:49 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-20 15:46 - 2020-09-08 17:50 - 000000000 ____D C:\Users\petra\AppData\LocalLow\Mozilla
2021-01-20 13:52 - 2017-12-07 04:33 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\IME
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-19 00:32 - 2020-09-08 17:44 - 000000000 ____D C:\Users\petra
2021-01-18 18:46 - 2020-09-07 09:32 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by petra (16-02-2021 16:26:56)
Running from C:\Users\petra\Desktop
Windows 10 Home Version 2004 19041.804 (X64) (2020-09-07 09:06:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-374904026-1653077518-2199072125-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-374904026-1653077518-2199072125-503 - Limited - Disabled)
Guest (S-1-5-21-374904026-1653077518-2199072125-501 - Limited - Disabled)
petra (S-1-5-21-374904026-1653077518-2199072125-1001 - Administrator - Enabled) => C:\Users\petra
WDAGUtilityAccount (S-1-5-21-374904026-1653077518-2199072125-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{E3930B59-5669-4BAB-A329-D56C1427C613}) (Version: 3.3.19180.100 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3028 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3004 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Citace PRO (HKLM-x32\...\{D6806374-5BC5-41F2-8575-15BE857D905B}) (Version: 4.0.5 - Citace.com)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.12.0 - Dashlane, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1050 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.2 (x64 en-US)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 84.0.2.7675 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10427 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.309 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9000.1 - Realtek Semiconductor Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.3.0.21759 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.1 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.428 - WildTangent) Hidden
Packages:
=========
abFiles -> C:\Program Files\WindowsApps\acerincorporated.abfiles_1.0.7.0_x86__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
abPhoto -> C:\Program Files\WindowsApps\AcerIncorporated.6245439DEEE9E_1.0.10.0_x86__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
Acer Collection -> C:\Program Files\WindowsApps\acerincorporated.acercollection_1.1.3013.0_x64__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
Acer Portal -> C:\Program Files\WindowsApps\acerincorporated.acerportal_1.1.9.0_x86__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
Booking.com -> C:\Program Files\WindowsApps\booking.com_1.0.1606.2210_x64__96rgg7pjt343r [2020-09-07] (CN=Acer Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-11-28] (Canon Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-12] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-09-06] (MAGIX)
PhotoDirector for acer -> C:\Program Files\WindowsApps\cyberlinkcorp.ac.photodirectorforacerdesktop_8.0.5229.0_x64__ypz87dpxkv292 [2020-09-06] (CYBERLINK COM CORP)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-01] (Microsoft Corporation)
PowerDirector for acer -> C:\Program Files\WindowsApps\cyberlinkcorp.ac.powerdirectorforacerdesktop_14.0.4304.0_x64__ypz87dpxkv292 [2020-09-06] (CYBERLINK COM CORP)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.0.55.0_x64__kx24dqmazqk8j [2021-02-12] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.0.0.0_x64__kx24dqmazqk8j [2020-12-09] (Random Salad Games LLC)
Spades -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Spades_6.0.63.0_x64__kx24dqmazqk8j [2020-11-16] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0 [2021-02-12] (Spotify AB) [Startup Task]
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.82.0_x64__qt5r5pa5dyg8m [2020-09-06] (WildTangent Games)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-374904026-1653077518-2199072125-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\petra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-374904026-1653077518-2199072125-1001_Classes\CLSID\{AC17C382-4ACE-4118-B4E4-D02831BE2DF4} -> [MEGA] => C:\Users\petra\Documents\MEGA [2020-11-01 12:37]
CustomCLSID: HKU\S-1-5-21-374904026-1653077518-2199072125-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\petra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxDTCM.dll [2018-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-11-01 12:38 - 2020-11-01 12:38 - 013053440 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\avcodec-58.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 002290176 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\avformat-58.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 000521728 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\avutil-56.dll
2019-05-14 01:06 - 2020-11-01 12:38 - 000065024 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\cares.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 000145408 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\swresample-3.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 000570880 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\swscale-5.dll
2017-12-07 04:38 - 2017-12-07 04:38 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2017-12-07 04:38 - 2017-12-07 04:38 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2019-05-14 01:06 - 2020-11-01 12:38 - 000295936 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Users\petra\AppData\Local\MEGAsync\libcurl.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 002444288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\petra\AppData\Local\MEGAsync\libcrypto-1_1.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 000504320 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\petra\AppData\Local\MEGAsync\libssl-1_1.dll
2019-05-14 01:06 - 2020-11-01 12:38 - 005118072 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\petra\AppData\Local\MEGAsync\Qt5Core.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\sharepoint.com -> hxxps://ucnmuni-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\Control Panel\Desktop\\Wallpaper -> D:\Porovnané věci na disku 2020\Obrázky\2020\Sněžnice\IMG_0366.JPG
DNS Servers: 10.0.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{603FDE1E-4C46-4C7C-87CD-D619DA09614D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E25A089-12C3-46CC-A7C5-79127ACF5164}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{A6D465DC-9239-4BA8-825F-40DE79F68D18}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0EA10470-7DCB-468C-87BA-58EE68DAB84F}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{64196989-3734-415C-A41A-056B0C644D25}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A8EB41E-2943-4FA1-91F5-DA8911EE47AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1E5093C-8873-4C32-8B29-CFB469FCAD35}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{035A59FB-A9A2-40BB-8F15-86D99E964A51}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2D13E996-05CE-4FC5-891A-C6A4AAF4C2BD}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6D4F2A93-A806-4406-ABE3-AAC09767882B}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFB8AACD-7CA6-4E2C-80DD-40BC7BABCA8B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EB4D8333-D45C-473E-89B6-04D940C25C19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26E76A62-08DB-4430-AF40-9CE7B0EBBEB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3B67697D-E634-48DD-8BBF-57E67B4EE86E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{896AC0BD-0680-4387-AF79-A188515088B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{68F24439-0CDD-4B4D-ABEF-C4E710D4F055}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE06F4DA-D773-45D6-BA47-784EFA6F471F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2E55B872-CE5F-456E-AA77-052C76F318E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EB60448-CE57-4FE2-A5E7-180284CA8051}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{607B1112-D40A-4A85-ADEB-10717DB34621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{831C6A29-D2FE-4D94-82B0-0701A7800012}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9BEA79B-0164-4790-9B1C-F8CD58EC08EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A29788D4-3AB1-4707-8AD9-A345E8417A03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{37EE3FAF-4278-4007-8BAB-CD5BD9ECB95C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
12-02-2021 13:29:14 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/16/2021 02:51:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WildTangentHelperService.exe, verze: 1.0.0.428, časové razítko: 0x5f7b7a2c
Název chybujícího modulu: WildTangentHelperService.exe, verze: 1.0.0.428, časové razítko: 0x5f7b7a2c
Kód výjimky: 0xc0000005
Posun chyby: 0x000dc200
ID chybujícího procesu: 0x7c0
Čas spuštění chybující aplikace: 0x01d7046ac7b58e6e
Cesta k chybující aplikaci: C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
ID zprávy: 1db7feaf-32a0-4de2-82cf-b38d2b63f677
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/16/2021 08:44:13 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/15/2021 09:14:42 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.
Context: Application, SystemIndex Catalog
Error: (02/15/2021 09:04:29 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/14/2021 08:18:40 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/13/2021 10:09:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20110.11001.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1b84
Čas spuštění: 01d7022b6376ac6a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: db0f004d-4754-4c81-ac1a-231e76c4527a
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (02/13/2021 12:57:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StartMenuExperienceHost.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 3370
Čas spuštění: 01d701310361978e
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
ID hlášení: 9be89742-6755-4aaf-9cc1-ab80eb188202
Úplný název balíčku s chybou: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (02/13/2021 12:54:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.420.11102.0, časové razítko: 0x5faaa7cb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xec58f015
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x3e00
Čas spuštění chybující aplikace: 0x01d701e1a166f175
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a066a816-22c2-4be3-9314-2c94585c8205
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (02/16/2021 02:59:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dashlane Upgrade Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/16/2021 02:59:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Dashlane Upgrade Service bylo dosaženo časového limitu (30000 ms).
Error: (02/16/2021 02:56:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba IntelAudioService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/16/2021 02:56:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby IntelAudioService bylo dosaženo časového limitu (45000 ms).
Error: (02/16/2021 02:52:56 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Malwarebytes Service se po přijetí pokynu pro vypnutí neukončila správně.
Error: (02/16/2021 02:51:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restart the service.
Error: (02/16/2021 02:51:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/16/2021 02:51:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Windows Defender:
================
Date: 2021-02-16 10:23:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-14 12:05:10
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-13 19:09:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-13 17:19:37
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-26 18:49:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-22 08:11:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-22 08:06:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-12 12:23:33
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.331.222.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-02-04 18:21:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.3019.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070670
Error description: No valid sequence could be found for the set of updates.
Date: 2021-02-04 18:21:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.3019.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070670
Error description: No valid sequence could be found for the set of updates.
Date: 2021-02-04 18:21:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.3019.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070670
Error description: No valid sequence could be found for the set of updates.
Date: 2021-01-18 17:32:28
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.2160.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-01-07 08:24:21
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1700.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-01-04 12:40:42
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1575.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2020-09-08 19:38:29
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.9.2.3\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.05 09/12/2017
Motherboard: SKL Venusaur_KL
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 92%
Total physical RAM: 3973.22 MB
Available physical RAM: 311.69 MB
Total Virtual: 8837.22 MB
Available Virtual: 3712.48 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:753.87 GB) NTFS
\\?\Volume{b86194ca-6def-4f19-8158-f8f500245c89}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.5 GB) NTFS
\\?\Volume{f227c6a1-a25f-4932-9a0e-33f39b0dc176}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6C4FA093)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by petra (administrator) on LAPTOP-2KA2KHI3 (Acer Aspire A315-51) (16-02-2021 16:15:38)
Running from C:\Users\petra\Desktop
Loaded Profiles: petra
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mega Limited -> Mega Limited) C:\Users\petra\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petra\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petra\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677488 2020-08-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [94898944 2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\petra\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\WINDOWS\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-12] (Google LLC -> Google LLC)
Startup: C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-11-01]
ShortcutTarget: MEGAsync.lnk -> C:\Users\petra\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0047A287-F1A1-4DC0-8A30-E86327EAEC89} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {099CB893-AE48-4F3A-8D34-F408952B2D00} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {0A1B78D7-A684-4F7D-856C-68FF524C4CF1} - \UbtFrameworkService -> No File <==== ATTENTION
Task: {0C518199-F01B-42CF-9CB7-16710B002812} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC} - \AcerCloud -> No File <==== ATTENTION
Task: {25F281A9-BCE2-4624-8DA3-BB72D749DE7B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {2FD17618-1346-4E41-B743-ECE94890DB87} - \ACC -> No File <==== ATTENTION
Task: {31EB289D-8939-4057-B372-F928184F3D7C} - \PicstreamAgent -> No File <==== ATTENTION
Task: {355A76DF-E70F-4CF0-891F-94FF7564450B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {374F34FC-E60E-43AC-B364-60306B078DF2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {384BABA2-2F47-4EF7-AA50-7706058F02D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {3C7CC4C2-0B53-45C5-96F4-CA3141B24078} - \Acer Collection Application -> No File <==== ATTENTION
Task: {45F89F73-F044-43A4-A49F-890BAEB0287C} - \Software Update Application -> No File <==== ATTENTION
Task: {496DAD5A-1EF1-4FC7-AF99-FC09574F5A06} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-374904026-1653077518-2199072125-1001 => C:\Users\petra\AppData\Local\MEGAsync\MEGAupdater.exe [1303800 2020-11-26] (Mega Limited -> Mega Limited)
Task: {4B485010-DD7B-4E4D-8C2B-E8B63254D4F6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1126296 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B6926D3-D490-4D93-82CE-D109F1D1BC80} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {5C84D9D9-F3E4-45F0-9FF9-242298EC58F9} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {5D81326C-D6EC-49A0-AAB5-D8A874E06E83} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {6B56B5D0-E887-4D30-A056-43BC3489B186} - \ACCBackgroundApplication -> No File <==== ATTENTION
Task: {6D588446-7348-4EC3-83A0-375FB17B59FF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {702EB6FC-4A95-4838-A59C-772CC4893A57} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7072963F-3763-4E9F-A1F5-DE9703BAE827} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {751AB833-5168-4E47-B575-84C679F68D76} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446256 2019-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {7527FFA6-A3C8-4397-83A7-0C91FC43F3E0} - \ACCAgent -> No File <==== ATTENTION
Task: {7740FA5C-0F67-4C4A-BC61-AF0E0DE94A76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {7B12A878-BBF1-48AF-861F-16052479FF04} - \MonitorAcerPortal -> No File <==== ATTENTION
Task: {83E54F55-FD52-449E-91B5-FC75DF9DBC83} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {A2B42754-7466-4E33-A44F-CD12F316A775} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6A8BB8F-D898-4946-A0B4-5312DBADE7B8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE1A8B19-E57C-43FB-B6CF-0611B8904820} - \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install -> No File <==== ATTENTION
Task: {B444F08A-0CCE-4E0D-B11C-2697C7C48186} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA} - \Acer Collection Monitor Application -> No File <==== ATTENTION
Task: {C20DBAD6-F62B-42EB-9375-770780AAE3EB} - \Intel PTT EK Recertification -> No File <==== ATTENTION
Task: {C51C1203-DAC7-45A9-BFBA-26E01A6983A3} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {C535078C-3A04-4A94-B6A0-C8786BAA1742} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {F85F65FE-8163-4D79-ACBE-CB75A153417F} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {FDB21500-6876-4345-8207-FD229DF0FEE4} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2770736 2019-09-26] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{894b96e0-5a95-4d92-be03-587c0fcf6e03}: [DhcpNameServer] 10.0.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\petra\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-20]
FireFox:
========
FF DefaultProfile: hor6kcb4.default
FF ProfilePath: C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\hor6kcb4.default [2021-01-20]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\hor6kcb4.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2020-09-10]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\hor6kcb4.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2021-01-20]
FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org [2021-01-13] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2021-01-13] [Legacy]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default [2021-02-16]
CHR Notifications: Default -> hxxps://very-important.online
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-13]
CHR Extension: (Dokumenty) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-13]
CHR Extension: (Disk Google) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-13]
CHR Extension: (Tabulky) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (Reload All Tabs) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\midkcinmplflbiflboepnahkboeonkam [2021-01-10]
CHR Extension: (Citace PRO) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpfaidppllikakgbjppnjfidjkpafmp [2020-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR Extension: (Gmail) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2017-04-24] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2016-08-04] (Dashlane -> Dashlane, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466224 2019-09-26] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [508208 2019-09-26] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-05-23] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1640240 2020-10-05] (WildTangent Inc -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-07-31] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-07-31] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.9.2.3\Definitions\SDSDefs\20200908.004\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.9.2.3\Definitions\SDSDefs\20200908.004\NAVEX15.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-16 16:11 - 2021-02-16 16:11 - 000000000 ____D C:\Users\petra\AppData\LocalLow\IGDump
2021-02-16 14:58 - 2021-02-16 14:58 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-16 14:57 - 2021-02-16 14:57 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-16 14:57 - 2021-02-16 14:57 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-16 14:40 - 2021-02-16 14:40 - 008463216 _____ (Malwarebytes) C:\Users\petra\Desktop\adwcleaner_8.1.exe
2021-02-16 14:39 - 2021-02-16 14:51 - 000000000 ____D C:\AdwCleaner
2021-02-16 14:38 - 2021-02-16 14:38 - 008447152 _____ (Malwarebytes) C:\Users\petra\Desktop\AdwCleaner.exe
2021-02-16 14:15 - 2021-02-16 14:15 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-16 14:15 - 2021-02-16 14:15 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-16 14:15 - 2021-02-16 14:15 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-16 14:15 - 2021-02-16 14:15 - 000000000 ____D C:\Users\petra\AppData\Local\mbam
2021-02-16 14:14 - 2021-02-16 14:13 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-16 14:14 - 2021-02-16 14:13 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-16 14:13 - 2021-02-16 14:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-16 14:12 - 2021-02-16 14:12 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-16 14:08 - 2021-02-16 14:08 - 002086424 _____ (Malwarebytes) C:\Users\petra\Desktop\MBSetup.exe
2021-02-16 13:53 - 2021-02-16 13:53 - 000000000 ____D C:\Users\petra\Desktop\Air
2021-02-16 12:42 - 2021-02-16 16:19 - 000020392 _____ C:\Users\petra\Desktop\FRST.txt
2021-02-16 12:41 - 2021-02-16 16:17 - 000000000 ____D C:\FRST
2021-02-16 12:39 - 2021-02-16 12:40 - 002297856 _____ (Farbar) C:\Users\petra\Desktop\FRST64.exe
2021-02-16 12:37 - 2021-02-16 12:37 - 000000000 ____D C:\Users\petra\AppData\Local\D3DSCache
2021-02-13 16:47 - 2021-02-13 18:13 - 000000000 ____D C:\Users\petra\Desktop\Vinted 2021
2021-02-13 16:37 - 2021-02-13 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2021-02-13 16:37 - 2021-02-13 16:37 - 000000000 ____D C:\ProgramData\MEGAsync
2021-02-12 14:28 - 2021-02-12 14:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 14:28 - 2021-02-12 14:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 14:27 - 2021-02-12 14:27 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 14:27 - 2021-02-12 14:27 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-12 14:25 - 2021-02-12 14:25 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-01-22 09:27 - 2021-01-22 09:27 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-20 13:54 - 2021-01-20 13:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-18 19:02 - 2021-01-18 19:02 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-18 19:02 - 2021-01-18 19:02 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-18 19:02 - 2021-01-18 19:02 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-18 19:02 - 2021-01-18 19:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-18 19:01 - 2021-01-18 19:01 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-18 19:01 - 2021-01-18 19:01 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-18 19:01 - 2021-01-18 19:01 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-18 19:01 - 2021-01-18 19:01 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-18 19:01 - 2021-01-18 19:01 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-18 19:01 - 2021-01-18 19:01 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-18 19:00 - 2021-01-18 19:00 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-18 19:00 - 2021-01-18 19:00 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-18 18:59 - 2021-01-18 18:59 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-18 18:59 - 2021-01-18 18:59 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-18 18:58 - 2021-01-18 18:58 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-18 18:58 - 2021-01-18 18:58 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-18 18:58 - 2021-01-18 18:58 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-18 18:57 - 2021-01-18 18:57 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-18 18:57 - 2021-01-18 18:57 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-18 18:56 - 2021-01-18 18:56 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-18 18:55 - 2021-01-18 18:55 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-18 18:55 - 2021-01-18 18:55 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-18 18:54 - 2021-01-18 18:54 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-18 18:54 - 2021-01-18 18:54 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-18 18:54 - 2021-01-18 18:54 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-18 18:53 - 2021-01-18 18:53 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-18 18:52 - 2021-01-18 18:52 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-18 18:51 - 2021-01-18 18:51 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-18 18:51 - 2021-01-18 18:51 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-18 18:51 - 2021-01-18 18:51 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-18 18:51 - 2021-01-18 18:51 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-18 18:50 - 2021-01-18 18:50 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-18 18:49 - 2021-01-18 18:49 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-18 18:49 - 2021-01-18 18:49 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-18 18:48 - 2021-01-18 18:48 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-18 18:47 - 2021-01-18 18:47 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-18 18:47 - 2021-01-18 18:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-18 18:46 - 2021-01-18 18:46 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-18 18:46 - 2021-01-18 18:46 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-16 16:25 - 2020-09-06 17:56 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-16 15:47 - 2020-09-07 10:05 - 000003500 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2021-02-16 15:17 - 2020-10-25 19:29 - 000000000 ____D C:\Users\petra\AppData\Local\Deployment
2021-02-16 15:17 - 2020-09-30 07:33 - 000000000 ____D C:\Users\petra\Desktop\Farmacie
2021-02-16 15:00 - 2020-09-08 17:55 - 000000000 ___RD C:\Users\petra\OneDrive
2021-02-16 14:57 - 2020-09-08 17:47 - 000000000 __SHD C:\Users\petra\IntelGraphicsProfiles
2021-02-16 14:55 - 2020-09-07 09:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-16 14:54 - 2020-09-07 09:29 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-16 14:53 - 2020-09-06 17:41 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-16 14:51 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-02-16 14:14 - 2020-09-06 17:56 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-16 12:33 - 2020-09-07 09:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-16 12:10 - 2020-09-08 17:44 - 000000000 ____D C:\Users\petra\AppData\Local\Host App Service
2021-02-16 11:45 - 2020-09-08 17:47 - 000000000 ____D C:\Users\petra\AppData\Local\Packages
2021-02-15 09:11 - 2017-12-07 04:38 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-14 11:18 - 2020-09-06 17:56 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-14 11:18 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-13 22:12 - 2020-09-15 13:38 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-13 17:04 - 2020-09-30 06:54 - 000002368 _____ C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-13 17:04 - 2020-09-30 06:54 - 000002360 _____ C:\Users\petra\Desktop\Microsoft Teams.lnk
2021-02-13 16:46 - 2020-11-28 09:07 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-13 16:43 - 2020-11-28 09:06 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-13 16:41 - 2020-11-01 12:37 - 000000000 ___RD C:\Users\petra\Documents\MEGA
2021-02-13 16:40 - 2020-09-06 17:54 - 000000000 ____D C:\WINDOWS\INF
2021-02-13 13:36 - 2020-09-07 10:07 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-13 13:36 - 2020-09-06 18:02 - 000717828 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-13 13:36 - 2020-09-06 18:02 - 000144990 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-13 13:09 - 2020-09-07 09:29 - 000439016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-13 13:08 - 2021-01-13 17:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-13 13:08 - 2017-12-07 04:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-13 13:04 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-13 13:04 - 2020-09-06 17:41 - 000000000 ____D C:\WINDOWS\servicing
2021-02-13 12:56 - 2020-12-15 08:58 - 000000000 ____D C:\Users\petra\AppData\Roaming\vlc
2021-02-12 14:49 - 2020-09-06 17:46 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-12 13:48 - 2020-09-08 17:56 - 000000000 ___HD C:\$WinREAgent
2021-02-12 13:28 - 2020-09-08 17:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 13:21 - 2020-09-08 17:56 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-12 12:54 - 2020-09-13 09:55 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-12 12:35 - 2020-09-07 09:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-12 12:30 - 2020-09-13 09:53 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-12 12:30 - 2020-09-13 09:53 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-12 12:24 - 2020-09-15 13:37 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-12 12:24 - 2020-09-15 13:37 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-12 11:33 - 2020-09-08 17:55 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-374904026-1653077518-2199072125-1001
2021-02-12 11:33 - 2020-09-08 17:44 - 000002365 _____ C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-22 07:25 - 2020-09-08 17:49 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-20 15:46 - 2020-09-08 17:50 - 000000000 ____D C:\Users\petra\AppData\LocalLow\Mozilla
2021-01-20 13:52 - 2017-12-07 04:33 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-19 00:35 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\WINDOWS\IME
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-19 00:34 - 2020-09-06 17:56 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-19 00:32 - 2020-09-08 17:44 - 000000000 ____D C:\Users\petra
2021-01-18 18:46 - 2020-09-07 09:32 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by petra (16-02-2021 16:26:56)
Running from C:\Users\petra\Desktop
Windows 10 Home Version 2004 19041.804 (X64) (2020-09-07 09:06:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-374904026-1653077518-2199072125-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-374904026-1653077518-2199072125-503 - Limited - Disabled)
Guest (S-1-5-21-374904026-1653077518-2199072125-501 - Limited - Disabled)
petra (S-1-5-21-374904026-1653077518-2199072125-1001 - Administrator - Enabled) => C:\Users\petra
WDAGUtilityAccount (S-1-5-21-374904026-1653077518-2199072125-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{E3930B59-5669-4BAB-A329-D56C1427C613}) (Version: 3.3.19180.100 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3028 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3004 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Citace PRO (HKLM-x32\...\{D6806374-5BC5-41F2-8575-15BE857D905B}) (Version: 4.0.5 - Citace.com)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.12.0 - Dashlane, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1050 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.2 (x64 en-US)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 84.0.2.7675 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10427 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.309 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9000.1 - Realtek Semiconductor Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.3.0.21759 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.1 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.428 - WildTangent) Hidden
Packages:
=========
abFiles -> C:\Program Files\WindowsApps\acerincorporated.abfiles_1.0.7.0_x86__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
abPhoto -> C:\Program Files\WindowsApps\AcerIncorporated.6245439DEEE9E_1.0.10.0_x86__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
Acer Collection -> C:\Program Files\WindowsApps\acerincorporated.acercollection_1.1.3013.0_x64__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
Acer Portal -> C:\Program Files\WindowsApps\acerincorporated.acerportal_1.1.9.0_x86__48frkmn4z8aw4 [2020-09-06] (Acer Incorporated)
Booking.com -> C:\Program Files\WindowsApps\booking.com_1.0.1606.2210_x64__96rgg7pjt343r [2020-09-07] (CN=Acer Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-11-28] (Canon Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-12] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-09-06] (MAGIX)
PhotoDirector for acer -> C:\Program Files\WindowsApps\cyberlinkcorp.ac.photodirectorforacerdesktop_8.0.5229.0_x64__ypz87dpxkv292 [2020-09-06] (CYBERLINK COM CORP)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-01] (Microsoft Corporation)
PowerDirector for acer -> C:\Program Files\WindowsApps\cyberlinkcorp.ac.powerdirectorforacerdesktop_14.0.4304.0_x64__ypz87dpxkv292 [2020-09-06] (CYBERLINK COM CORP)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.0.55.0_x64__kx24dqmazqk8j [2021-02-12] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.0.0.0_x64__kx24dqmazqk8j [2020-12-09] (Random Salad Games LLC)
Spades -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Spades_6.0.63.0_x64__kx24dqmazqk8j [2020-11-16] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0 [2021-02-12] (Spotify AB) [Startup Task]
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.82.0_x64__qt5r5pa5dyg8m [2020-09-06] (WildTangent Games)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-374904026-1653077518-2199072125-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\petra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-374904026-1653077518-2199072125-1001_Classes\CLSID\{AC17C382-4ACE-4118-B4E4-D02831BE2DF4} -> [MEGA] => C:\Users\petra\Documents\MEGA [2020-11-01 12:37]
CustomCLSID: HKU\S-1-5-21-374904026-1653077518-2199072125-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\petra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-03-16] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_57f66a4f0a97f1a3\igfxDTCM.dll [2018-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-11-01 12:38 - 2020-11-01 12:38 - 013053440 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\avcodec-58.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 002290176 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\avformat-58.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 000521728 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\avutil-56.dll
2019-05-14 01:06 - 2020-11-01 12:38 - 000065024 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\cares.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 000145408 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\swresample-3.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 000570880 _____ () [File not signed] C:\Users\petra\AppData\Local\MEGAsync\swscale-5.dll
2017-12-07 04:38 - 2017-12-07 04:38 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2017-12-07 04:38 - 2017-12-07 04:38 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2019-05-14 01:06 - 2020-11-01 12:38 - 000295936 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Users\petra\AppData\Local\MEGAsync\libcurl.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 002444288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\petra\AppData\Local\MEGAsync\libcrypto-1_1.dll
2020-11-01 12:38 - 2020-11-01 12:38 - 000504320 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\petra\AppData\Local\MEGAsync\libssl-1_1.dll
2019-05-14 01:06 - 2020-11-01 12:38 - 005118072 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\petra\AppData\Local\MEGAsync\Qt5Core.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-374904026-1653077518-2199072125-1001\...\sharepoint.com -> hxxps://ucnmuni-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-374904026-1653077518-2199072125-1001\Control Panel\Desktop\\Wallpaper -> D:\Porovnané věci na disku 2020\Obrázky\2020\Sněžnice\IMG_0366.JPG
DNS Servers: 10.0.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{603FDE1E-4C46-4C7C-87CD-D619DA09614D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E25A089-12C3-46CC-A7C5-79127ACF5164}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{A6D465DC-9239-4BA8-825F-40DE79F68D18}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0EA10470-7DCB-468C-87BA-58EE68DAB84F}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{64196989-3734-415C-A41A-056B0C644D25}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A8EB41E-2943-4FA1-91F5-DA8911EE47AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1E5093C-8873-4C32-8B29-CFB469FCAD35}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{035A59FB-A9A2-40BB-8F15-86D99E964A51}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2D13E996-05CE-4FC5-891A-C6A4AAF4C2BD}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6D4F2A93-A806-4406-ABE3-AAC09767882B}C:\users\petra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFB8AACD-7CA6-4E2C-80DD-40BC7BABCA8B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EB4D8333-D45C-473E-89B6-04D940C25C19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26E76A62-08DB-4430-AF40-9CE7B0EBBEB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3B67697D-E634-48DD-8BBF-57E67B4EE86E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{896AC0BD-0680-4387-AF79-A188515088B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{68F24439-0CDD-4B4D-ABEF-C4E710D4F055}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE06F4DA-D773-45D6-BA47-784EFA6F471F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2E55B872-CE5F-456E-AA77-052C76F318E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EB60448-CE57-4FE2-A5E7-180284CA8051}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{607B1112-D40A-4A85-ADEB-10717DB34621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{831C6A29-D2FE-4D94-82B0-0701A7800012}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9BEA79B-0164-4790-9B1C-F8CD58EC08EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A29788D4-3AB1-4707-8AD9-A345E8417A03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{37EE3FAF-4278-4007-8BAB-CD5BD9ECB95C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
12-02-2021 13:29:14 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/16/2021 02:51:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WildTangentHelperService.exe, verze: 1.0.0.428, časové razítko: 0x5f7b7a2c
Název chybujícího modulu: WildTangentHelperService.exe, verze: 1.0.0.428, časové razítko: 0x5f7b7a2c
Kód výjimky: 0xc0000005
Posun chyby: 0x000dc200
ID chybujícího procesu: 0x7c0
Čas spuštění chybující aplikace: 0x01d7046ac7b58e6e
Cesta k chybující aplikaci: C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
ID zprávy: 1db7feaf-32a0-4de2-82cf-b38d2b63f677
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/16/2021 08:44:13 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/15/2021 09:14:42 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.
Context: Application, SystemIndex Catalog
Error: (02/15/2021 09:04:29 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/14/2021 08:18:40 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/13/2021 10:09:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20110.11001.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1b84
Čas spuštění: 01d7022b6376ac6a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: db0f004d-4754-4c81-ac1a-231e76c4527a
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (02/13/2021 12:57:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StartMenuExperienceHost.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 3370
Čas spuštění: 01d701310361978e
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
ID hlášení: 9be89742-6755-4aaf-9cc1-ab80eb188202
Úplný název balíčku s chybou: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (02/13/2021 12:54:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.420.11102.0, časové razítko: 0x5faaa7cb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xec58f015
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x3e00
Čas spuštění chybující aplikace: 0x01d701e1a166f175
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a066a816-22c2-4be3-9314-2c94585c8205
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (02/16/2021 02:59:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dashlane Upgrade Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/16/2021 02:59:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Dashlane Upgrade Service bylo dosaženo časového limitu (30000 ms).
Error: (02/16/2021 02:56:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba IntelAudioService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/16/2021 02:56:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby IntelAudioService bylo dosaženo časového limitu (45000 ms).
Error: (02/16/2021 02:52:56 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Malwarebytes Service se po přijetí pokynu pro vypnutí neukončila správně.
Error: (02/16/2021 02:51:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restart the service.
Error: (02/16/2021 02:51:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/16/2021 02:51:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Windows Defender:
================
Date: 2021-02-16 10:23:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-14 12:05:10
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-13 19:09:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-13 17:19:37
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-26 18:49:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-22 08:11:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-22 08:06:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-12 12:23:33
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.331.222.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-02-04 18:21:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.3019.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070670
Error description: No valid sequence could be found for the set of updates.
Date: 2021-02-04 18:21:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.3019.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070670
Error description: No valid sequence could be found for the set of updates.
Date: 2021-02-04 18:21:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.3019.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070670
Error description: No valid sequence could be found for the set of updates.
Date: 2021-01-18 17:32:28
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.2160.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-01-07 08:24:21
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1700.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-01-04 12:40:42
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1575.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2020-09-08 19:38:29
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.9.2.3\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.05 09/12/2017
Motherboard: SKL Venusaur_KL
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 92%
Total physical RAM: 3973.22 MB
Available physical RAM: 311.69 MB
Total Virtual: 8837.22 MB
Available Virtual: 3712.48 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:753.87 GB) NTFS
\\?\Volume{b86194ca-6def-4f19-8158-f8f500245c89}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.5 GB) NTFS
\\?\Volume{f227c6a1-a25f-4932-9a0e-33f39b0dc176}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6C4FA093)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
Task: {0047A287-F1A1-4DC0-8A30-E86327EAEC89} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {0A1B78D7-A684-4F7D-856C-68FF524C4CF1} - \UbtFrameworkService -> No File <==== ATTENTION
Task: {0C518199-F01B-42CF-9CB7-16710B002812} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC} - \AcerCloud -> No File <==== ATTENTION
Task: {2FD17618-1346-4E41-B743-ECE94890DB87} - \ACC -> No File <==== ATTENTION
Task: {31EB289D-8939-4057-B372-F928184F3D7C} - \PicstreamAgent -> No File <==== ATTENTION
Task: {3C7CC4C2-0B53-45C5-96F4-CA3141B24078} - \Acer Collection Application -> No File <==== ATTENTION
Task: {45F89F73-F044-43A4-A49F-890BAEB0287C} - \Software Update Application -> No File <==== ATTENTION
Task: {384BABA2-2F47-4EF7-AA50-7706058F02D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {4B6926D3-D490-4D93-82CE-D109F1D1BC80} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {5C84D9D9-F3E4-45F0-9FF9-242298EC58F9} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {5D81326C-D6EC-49A0-AAB5-D8A874E06E83} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {6B56B5D0-E887-4D30-A056-43BC3489B186} - \ACCBackgroundApplication -> No File <==== ATTENTION
Task: {7072963F-3763-4E9F-A1F5-DE9703BAE827} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {7527FFA6-A3C8-4397-83A7-0C91FC43F3E0} - \ACCAgent -> No File <==== ATTENTION
Task: {7740FA5C-0F67-4C4A-BC61-AF0E0DE94A76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {7B12A878-BBF1-48AF-861F-16052479FF04} - \MonitorAcerPortal -> No File <==== ATTENTION
Task: {83E54F55-FD52-449E-91B5-FC75DF9DBC83} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {AE1A8B19-E57C-43FB-B6CF-0611B8904820} - \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install -> No File <==== ATTENTION
Task: {B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA} - \Acer Collection Monitor Application -> No File <==== ATTENTION
Task: {C20DBAD6-F62B-42EB-9375-770780AAE3EB} - \Intel PTT EK Recertification -> No File <==== ATTENTION
Task: {F85F65FE-8163-4D79-ACBE-CB75A153417F} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by petra (16-02-2021 17:23:07) Run:1
Running from C:\Users\petra\Desktop
Loaded Profiles: petra
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {0047A287-F1A1-4DC0-8A30-E86327EAEC89} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {0A1B78D7-A684-4F7D-856C-68FF524C4CF1} - \UbtFrameworkService -> No File <==== ATTENTION
Task: {0C518199-F01B-42CF-9CB7-16710B002812} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC} - \AcerCloud -> No File <==== ATTENTION
Task: {2FD17618-1346-4E41-B743-ECE94890DB87} - \ACC -> No File <==== ATTENTION
Task: {31EB289D-8939-4057-B372-F928184F3D7C} - \PicstreamAgent -> No File <==== ATTENTION
Task: {3C7CC4C2-0B53-45C5-96F4-CA3141B24078} - \Acer Collection Application -> No File <==== ATTENTION
Task: {45F89F73-F044-43A4-A49F-890BAEB0287C} - \Software Update Application -> No File <==== ATTENTION
Task: {384BABA2-2F47-4EF7-AA50-7706058F02D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {4B6926D3-D490-4D93-82CE-D109F1D1BC80} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {5C84D9D9-F3E4-45F0-9FF9-242298EC58F9} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {5D81326C-D6EC-49A0-AAB5-D8A874E06E83} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {6B56B5D0-E887-4D30-A056-43BC3489B186} - \ACCBackgroundApplication -> No File <==== ATTENTION
Task: {7072963F-3763-4E9F-A1F5-DE9703BAE827} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {7527FFA6-A3C8-4397-83A7-0C91FC43F3E0} - \ACCAgent -> No File <==== ATTENTION
Task: {7740FA5C-0F67-4C4A-BC61-AF0E0DE94A76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {7B12A878-BBF1-48AF-861F-16052479FF04} - \MonitorAcerPortal -> No File <==== ATTENTION
Task: {83E54F55-FD52-449E-91B5-FC75DF9DBC83} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {AE1A8B19-E57C-43FB-B6CF-0611B8904820} - \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install -> No File <==== ATTENTION
Task: {B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA} - \Acer Collection Monitor Application -> No File <==== ATTENTION
Task: {C20DBAD6-F62B-42EB-9375-770780AAE3EB} - \Intel PTT EK Recertification -> No File <==== ATTENTION
Task: {F85F65FE-8163-4D79-ACBE-CB75A153417F} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0047A287-F1A1-4DC0-8A30-E86327EAEC89}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0047A287-F1A1-4DC0-8A30-E86327EAEC89}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0A1B78D7-A684-4F7D-856C-68FF524C4CF1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A1B78D7-A684-4F7D-856C-68FF524C4CF1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C518199-F01B-42CF-9CB7-16710B002812}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C518199-F01B-42CF-9CB7-16710B002812}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCloud" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2FD17618-1346-4E41-B743-ECE94890DB87}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FD17618-1346-4E41-B743-ECE94890DB87}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{31EB289D-8939-4057-B372-F928184F3D7C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31EB289D-8939-4057-B372-F928184F3D7C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PicstreamAgent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3C7CC4C2-0B53-45C5-96F4-CA3141B24078}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C7CC4C2-0B53-45C5-96F4-CA3141B24078}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acer Collection Application" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45F89F73-F044-43A4-A49F-890BAEB0287C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45F89F73-F044-43A4-A49F-890BAEB0287C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Update Application" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{384BABA2-2F47-4EF7-AA50-7706058F02D0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384BABA2-2F47-4EF7-AA50-7706058F02D0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B6926D3-D490-4D93-82CE-D109F1D1BC80}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B6926D3-D490-4D93-82CE-D109F1D1BC80}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsUpdate\sih" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C84D9D9-F3E4-45F0-9FF9-242298EC58F9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C84D9D9-F3E4-45F0-9FF9-242298EC58F9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Policy Install" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D81326C-D6EC-49A0-AAB5-D8A874E06E83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D81326C-D6EC-49A0-AAB5-D8A874E06E83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B56B5D0-E887-4D30-A056-43BC3489B186}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B56B5D0-E887-4D30-A056-43BC3489B186}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7072963F-3763-4E9F-A1F5-DE9703BAE827}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7072963F-3763-4E9F-A1F5-DE9703BAE827}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7527FFA6-A3C8-4397-83A7-0C91FC43F3E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7527FFA6-A3C8-4397-83A7-0C91FC43F3E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7740FA5C-0F67-4C4A-BC61-AF0E0DE94A76}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7740FA5C-0F67-4C4A-BC61-AF0E0DE94A76}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B12A878-BBF1-48AF-861F-16052479FF04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B12A878-BBF1-48AF-861F-16052479FF04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MonitorAcerPortal" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83E54F55-FD52-449E-91B5-FC75DF9DBC83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83E54F55-FD52-449E-91B5-FC75DF9DBC83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Maintenance Install" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE1A8B19-E57C-43FB-B6CF-0611B8904820}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE1A8B19-E57C-43FB-B6CF-0611B8904820}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acer Collection Monitor Application" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C20DBAD6-F62B-42EB-9375-770780AAE3EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C20DBAD6-F62B-42EB-9375-770780AAE3EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel PTT EK Recertification" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F85F65FE-8163-4D79-ACBE-CB75A153417F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F85F65FE-8163-4D79-ACBE-CB75A153417F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 199674909 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 9973428 B
Edge => 12288 B
Chrome => 914611604 B
Firefox => 292386821 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 28976 B
NetworkService => 104366756 B
petra => 277469446 B
RecycleBin => 4304388687 B
EmptyTemp: => 5.7 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-02-2021 17:35:17)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 17:35:20 ====
Ran by petra (16-02-2021 17:23:07) Run:1
Running from C:\Users\petra\Desktop
Loaded Profiles: petra
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {0047A287-F1A1-4DC0-8A30-E86327EAEC89} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {0A1B78D7-A684-4F7D-856C-68FF524C4CF1} - \UbtFrameworkService -> No File <==== ATTENTION
Task: {0C518199-F01B-42CF-9CB7-16710B002812} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC} - \AcerCloud -> No File <==== ATTENTION
Task: {2FD17618-1346-4E41-B743-ECE94890DB87} - \ACC -> No File <==== ATTENTION
Task: {31EB289D-8939-4057-B372-F928184F3D7C} - \PicstreamAgent -> No File <==== ATTENTION
Task: {3C7CC4C2-0B53-45C5-96F4-CA3141B24078} - \Acer Collection Application -> No File <==== ATTENTION
Task: {45F89F73-F044-43A4-A49F-890BAEB0287C} - \Software Update Application -> No File <==== ATTENTION
Task: {384BABA2-2F47-4EF7-AA50-7706058F02D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {4B6926D3-D490-4D93-82CE-D109F1D1BC80} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {5C84D9D9-F3E4-45F0-9FF9-242298EC58F9} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {5D81326C-D6EC-49A0-AAB5-D8A874E06E83} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {6B56B5D0-E887-4D30-A056-43BC3489B186} - \ACCBackgroundApplication -> No File <==== ATTENTION
Task: {7072963F-3763-4E9F-A1F5-DE9703BAE827} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {7527FFA6-A3C8-4397-83A7-0C91FC43F3E0} - \ACCAgent -> No File <==== ATTENTION
Task: {7740FA5C-0F67-4C4A-BC61-AF0E0DE94A76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-13] (Google LLC -> Google LLC)
Task: {7B12A878-BBF1-48AF-861F-16052479FF04} - \MonitorAcerPortal -> No File <==== ATTENTION
Task: {83E54F55-FD52-449E-91B5-FC75DF9DBC83} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {AE1A8B19-E57C-43FB-B6CF-0611B8904820} - \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install -> No File <==== ATTENTION
Task: {B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA} - \Acer Collection Monitor Application -> No File <==== ATTENTION
Task: {C20DBAD6-F62B-42EB-9375-770780AAE3EB} - \Intel PTT EK Recertification -> No File <==== ATTENTION
Task: {F85F65FE-8163-4D79-ACBE-CB75A153417F} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0047A287-F1A1-4DC0-8A30-E86327EAEC89}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0047A287-F1A1-4DC0-8A30-E86327EAEC89}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0A1B78D7-A684-4F7D-856C-68FF524C4CF1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A1B78D7-A684-4F7D-856C-68FF524C4CF1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C518199-F01B-42CF-9CB7-16710B002812}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C518199-F01B-42CF-9CB7-16710B002812}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D471DE1-E45E-4A1E-AB6F-97CA8CF3C6EC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCloud" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2FD17618-1346-4E41-B743-ECE94890DB87}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FD17618-1346-4E41-B743-ECE94890DB87}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{31EB289D-8939-4057-B372-F928184F3D7C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31EB289D-8939-4057-B372-F928184F3D7C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PicstreamAgent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3C7CC4C2-0B53-45C5-96F4-CA3141B24078}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C7CC4C2-0B53-45C5-96F4-CA3141B24078}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acer Collection Application" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45F89F73-F044-43A4-A49F-890BAEB0287C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45F89F73-F044-43A4-A49F-890BAEB0287C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Update Application" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{384BABA2-2F47-4EF7-AA50-7706058F02D0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384BABA2-2F47-4EF7-AA50-7706058F02D0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B6926D3-D490-4D93-82CE-D109F1D1BC80}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B6926D3-D490-4D93-82CE-D109F1D1BC80}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsUpdate\sih" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C84D9D9-F3E4-45F0-9FF9-242298EC58F9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C84D9D9-F3E4-45F0-9FF9-242298EC58F9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Policy Install" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D81326C-D6EC-49A0-AAB5-D8A874E06E83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D81326C-D6EC-49A0-AAB5-D8A874E06E83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B56B5D0-E887-4D30-A056-43BC3489B186}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B56B5D0-E887-4D30-A056-43BC3489B186}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7072963F-3763-4E9F-A1F5-DE9703BAE827}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7072963F-3763-4E9F-A1F5-DE9703BAE827}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7527FFA6-A3C8-4397-83A7-0C91FC43F3E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7527FFA6-A3C8-4397-83A7-0C91FC43F3E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7740FA5C-0F67-4C4A-BC61-AF0E0DE94A76}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7740FA5C-0F67-4C4A-BC61-AF0E0DE94A76}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B12A878-BBF1-48AF-861F-16052479FF04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B12A878-BBF1-48AF-861F-16052479FF04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MonitorAcerPortal" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83E54F55-FD52-449E-91B5-FC75DF9DBC83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83E54F55-FD52-449E-91B5-FC75DF9DBC83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Maintenance Install" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE1A8B19-E57C-43FB-B6CF-0611B8904820}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE1A8B19-E57C-43FB-B6CF-0611B8904820}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4659B18-CD00-4F9D-AEF8-CEEC5565E0DA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acer Collection Monitor Application" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C20DBAD6-F62B-42EB-9375-770780AAE3EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C20DBAD6-F62B-42EB-9375-770780AAE3EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel PTT EK Recertification" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F85F65FE-8163-4D79-ACBE-CB75A153417F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F85F65FE-8163-4D79-ACBE-CB75A153417F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 199674909 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 9973428 B
Edge => 12288 B
Chrome => 914611604 B
Firefox => 292386821 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 28976 B
NetworkService => 104366756 B
petra => 277469446 B
RecycleBin => 4304388687 B
EmptyTemp: => 5.7 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-02-2021 17:35:17)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 17:35:20 ====
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Nezdá se mi to výrazně lepší. Je ještě něco co bych mohla udělat?
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zkuste defragmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Mockrát Vám děkuji, zdá se to být lepší 
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
To jsem rád a nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?