Pomalý NTB

[keijei]

Dobrý den,

prosím o kontrolu logů, NTB je neskutečně pomalý. Hádám na nějaké potvory...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.01.2024
Ran by Simona (administrator) on SIMONKA (ASUSTeK COMPUTER INC. X550VB) (14-01-2024 10:26:03)
Running from C:\Users\Simona\Downloads\FRST64.exe
Loaded Profiles: UpdatusUser & Simona
Platform: Microsoft Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(C:\ProgramData\DatacardService\HWDeviceService64.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(CompatTelRunner.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Temp\E644B111-A764-4BBE-90FE-127B71DDDCF8\DismHost.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Simona\AppData\Local\Microsoft\Teams\Update.exe [1789552 2019-07-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [WallpaperEngine] => D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2652832 2021-06-25] (Skutta, Kristjan -> )
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [Spotify] => C:\Users\Simona\AppData\Roaming\Spotify\Spotify.exe [20382072 2023-03-05] (Spotify AB -> Spotify Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.168\Installer\chrmstp.exe [2023-10-14] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll [2013-10-25] (Broadcom Corporation -> Broadcom Corporation.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA CORPORATION -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-04-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {D5476147-2D0E-4D88-903A-B222216E381C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe (No File)
Task: {57900425-CC33-49DE-A3AF-0DD8FFD94E22} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe -check (No File)
Task: {0E3B32FC-5FD4-4DD2-B7ED-081200912B39} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {332B1CD6-4ED7-4360-BA68-4E27E5E0E70C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {50CDDEA7-0D96-4B15-8DBE-3D895DACE48E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {19D3D3D4-897C-435A-9059-920A8BDCD41A} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "daa9c885-3027-4754-9c77-06edc10de0dd" --version "6.11.10455" --silent
Task: {8E162195-76E1-467F-9546-EC107D49DF6E} - System32\Tasks\CCleanerSkipUAC - Simona => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8F2D27CD-18D4-41A5-AE17-C91D4952A283} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {6901F6BA-3969-45FD-96F1-1EBA30838E42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {0D8C771E-A0EF-4368-BAA9-856DE568EFB5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A1A94BC-9D2D-46E5-9EA6-F372609F72A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26325928 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2AAB74F-149A-4199-BDD4-EEB01267DB76} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26325928 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {0255FBD5-3342-4EC6-BB20-19DB569C4B31} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144304 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E98373DB-7B4D-4438-BCEF-2C7190AC5A18} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144304 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {979B5228-60AC-4063-B90A-BF46830009D4} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [160696 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A18634B-45C4-4D48-8C16-19B017A1B19C} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3825288 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F679076-0A7B-4F7E-9C3E-DA2A6FC2B3BB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1003432 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDCB3834-DC9B-42F0-8C7D-9B49DED4FC9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {973E1323-031D-4262-9E29-1D2479765886} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AA6863D-DF44-4FF0-93CF-FE4589ABC8F2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}\27563747165727163656D28656A616: [DhcpNameServer] 84.244.91.2 84.244.91.14
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}\84F64756C602741627E696: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}\B65726563716F586F6D656: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}\C4F63796E6B6161316: [DhcpNameServer] 10.10.10.1
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}\C696E6B6379737: [DhcpNameServer] 10.10.10.1
Tcpip\..\Interfaces\{8F7066D4-7694-4C57-8A65-84AF34554C33}: [DhcpNameServer] 192.168.56.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Simona\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-14]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
Edge Extension: (Edge relevant text changes) - C:\Users\Simona\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-11]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-12-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-12-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-12-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default [2024-01-14]
CHR Notifications: Default -> hxxps://modivo.cz; hxxps://remixshop.com; hxxps://teams.microsoft.com; hxxps://www.babylonshop.cz; hxxps://www.dobre-knihy.cz; hxxps://www.farmasi.cz
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (BetterTTV) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-01-08]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-31]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12549056 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2466448 2012-09-13] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [19264 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 Huawei; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Tech. Co., Ltd.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [226176 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-14 10:26 - 2024-01-14 10:27 - 000022739 _____ C:\Users\Simona\Downloads\FRST.txt
2024-01-14 10:21 - 2024-01-14 10:25 - 002389504 _____ (Farbar) C:\Users\Simona\Downloads\FRST64.exe
2024-01-14 10:16 - 2024-01-14 10:16 - 000000000 ____D C:\ProgramData\Piriform

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-14 10:26 - 2020-02-16 09:04 - 000000000 ____D C:\FRST
2024-01-14 10:16 - 2016-03-25 18:01 - 000000000 ____D C:\Program Files\CCleaner
2024-01-14 10:16 - 2014-11-07 19:26 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-14 10:15 - 2014-11-21 18:40 - 000003970 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FF622C8F-693B-44EE-8E1F-F8C5DFE8E56D}
2024-01-14 10:12 - 2014-09-24 17:23 - 001739092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-14 10:12 - 2014-09-24 16:39 - 000734510 _____ C:\WINDOWS\system32\perfh005.dat
2024-01-14 10:12 - 2014-09-24 16:39 - 000148820 _____ C:\WINDOWS\system32\perfc005.dat
2024-01-14 10:12 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2024-01-14 10:05 - 2014-11-17 17:20 - 000000000 ____D C:\Users\Simona
2024-01-14 10:05 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-13 16:35 - 2014-11-07 21:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-13 16:26 - 2014-11-07 21:30 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-11 21:39 - 2015-02-17 16:47 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-09 14:28 - 2022-03-06 15:04 - 000000000 ____D C:\Users\Simona\AppData\Local\Spotify
2024-01-09 14:27 - 2018-08-09 07:37 - 000000000 ____D C:\Users\Simona\AppData\Roaming\Spotify
2023-12-30 13:25 - 2023-05-13 12:25 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-12-26 14:46 - 2015-01-18 10:48 - 000000000 ____D C:\Users\Simona\AppData\Roaming\Microsoft\Excel

==================== Files in the root of some directories ========

2014-11-07 19:20 - 2020-02-15 16:18 - 000000062 _____ () C:\Users\Simona\AppData\Roaming\sp_data.sys
2021-05-15 06:27 - 2021-05-15 06:27 - 000007618 _____ () C:\Users\Simona\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2024-01-13 17:48
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.01.2024
Ran by Simona (14-01-2024 10:29:06)
Running from C:\Users\Simona\Downloads
Microsoft Windows 8.1 (Update) (X64) (2014-11-17 16:43:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3147881395-1193290844-1118327318-500 - Administrator - Disabled)
Guest (S-1-5-21-3147881395-1193290844-1118327318-501 - Limited - Disabled)
Simona (S-1-5-21-3147881395-1193290844-1118327318-1002 - Administrator - Enabled) => C:\Users\Simona
UpdatusUser (S-1-5-21-3147881395-1193290844-1118327318-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.170 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogaléria (HKLM-x32\...\{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{E50E3DBC-46AA-4827-B2A6-F995D81DF526}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.168 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}) (Version: 1.24.388.1 - Intel Corporation) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.15928.20282 - Microsoft Corporation)
Microsoft Access MUI (English) 2013 (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.140 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.140 - Microsoft Corporation)
Microsoft Excel MUI (English) 2013 (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Proofing (English) 2013 (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft OneNote MUI (English) 2013 (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Teams) (Version: 1.2.00.17057 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A035950F-15BA-41C0-9D8F-165FC0536012}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A47EA9D4-BB87-415E-9239-28860434E5A0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA Graphics Driver 311.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.93 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}) (Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation)
O2 (HKLM-x32\...\O2CZ) (Version: - O2)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15928.20282 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{0DF95460-2887-4011-9344-1959CDF18ADC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{49110532-D289-4BFF-807C-45B782E66A7C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{AA82E5EF-70C2-41CB-8432-309078304CBB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{C67BC332-A59A-4D40-977F-664F60AB21D8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{EB91007A-0110-42A6-B869-2709955A9B2A}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{30F99474-EBE3-4134-A02B-F6CD38CFE243}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{63824BC0-B747-43F3-9863-1066D64AD919}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 Language Pack (KB2817427) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 Language Pack (KB2817427) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 Language Pack (KB2817427) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUSR_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Spotify) (Version: 1.2.5.1006.g22820f93 - Spotify AB)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.17057 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8070 - Broadcom Corporation)
Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
Windows Live Communications Platform (HKLM-x32\...\{0454BB9A-2A7A-4214-BDFF-937F7A711A44}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{FE7C0B3D-50B9-4951-BE78-A321CBF86552}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{4CCBD1F4-CEEC-452A-9CB8-46564B501315}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{56232E3D-7EA9-45E0-A371-26CD80510AF7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E18F981B-401C-4D90-BC57-D8903564D558}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

Packages:
=========
ASUS Tutorial -> C:\Program Files\WindowsApps\B9ECED6F.ASUSTutorial_1.0.0.43_neutral__qmba6cd70vzyy [2014-11-07] (ASUSTeK COMPUTER INC.)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2016-02-07] (Microsoft Corporation)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-09-24] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-06-10] (MAGIX)
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2015-04-14] (Microsoft Studios)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-18] (Microsoft Corporation) [MS Ad]
Výběr prohlížeče -> C:\WINDOWS\BrowserChoice [2014-11-21] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Simona\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Simona\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2013-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2013-07-08] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> {853715EE-F728-4694-B4BB-90C4F45A5031} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-12-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-12-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\sharepoint.com -> hxxps://vsb-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Simona\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Tapeta programu Fotogalerie.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\StartupApproved\Run: => "WallpaperEngine"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{075C8C06-DC1A-41D3-A86F-3DD9CBD8CB51}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{3BCC1669-4C41-4DF3-ACEA-F34DFB70F79C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3227D96C-8A7C-407C-A11F-B9165331FE48}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}] => (Allow) LPort=1900
FirewallRules: [{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}] => (Allow) LPort=2869
FirewallRules: [{AF702977-4330-41DC-B7EB-971528C7BDD5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE4527CE-2A5B-4184-9400-66CCB5774BE7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1F7EF5EB-E1C4-446F-A123-603E4CFC5036}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{487CD657-2EA0-4FEC-BD28-AD13263AFAF5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51CDDE24-016D-4F5B-AECD-FB175F173F28}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6B81296-66BF-470E-BD47-4D9F029AE160}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{968EA77F-2733-4D95-B7E6-6F08AE4541D8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B472C29-3D4E-4084-866E-2073CAAF20B3}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{EAF90B35-5598-4B65-967E-E1494E214ED8}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{B4DB4FAE-EF54-4D34-A9CF-E6AD46D68C66}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{4ED25F5D-3D16-4A9F-A553-A5568A42E322}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{4E3AD669-EE76-4C4C-A60F-1F6B98BA8859}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{18E9748F-662E-4E86-83B6-5567AF692485}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2470698F-668A-4991-B5B8-1863A5F46DA7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CADA21BD-218C-45B5-B5CD-76A44DE13F43}C:\users\simona\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simona\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{2F6A8B93-2808-44DB-85F9-DEF3D87536D8}C:\users\simona\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simona\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{410B4579-BE3C-4A85-B3F3-C368D1F5362C}C:\users\simona\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simona\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0FFD3A7E-6554-4A36-A53A-840F76D319C2}C:\users\simona\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simona\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{496CA31D-49BE-4EF5-B9A2-2F05B8FCDFF1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C7F786E4-2768-4F62-AA0D-AE3AD94AF95B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31D3911F-9DDC-4616-AA07-996C8FADB8D8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72D22FFB-9683-4F7A-A6AB-7E8AB5A821D6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F3D36AF-58CE-4CCB-822E-5C141C1CC5B2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.140\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F06DC326-C83F-432A-BB0F-E8E704ED2118}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

26-12-2023 13:16:41 Naplánovaný kontrolní bod
03-01-2024 14:47:06 Naplánovaný kontrolní bod
13-01-2024 18:14:27 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/14/2024 10:06:46 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (01/14/2024 10:06:46 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (01/14/2024 10:06:46 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexovacího modulu nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (01/14/2024 10:06:43 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (01/14/2024 10:06:39 AM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Správce modulu plug-in <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows

Podrobnosti:
(HRESULT : 0x8e5e0210) (0x8e5e0210)

Error: (01/14/2024 10:06:38 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)

Error: (01/14/2024 10:06:37 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
0x8e5e0210 (0x8e5e0210)

Error: (01/14/2024 10:06:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (3424) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00037.log došlo k chybě -1811 (0xfffff8ed).


System errors:
=============
Error: (01/14/2024 10:34:20 AM) (Source: DCOM) (EventID: 10010) (User: Simonka)
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/14/2024 10:32:20 AM) (Source: DCOM) (EventID: 10010) (User: Simonka)
Description: Server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/14/2024 10:12:14 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service přestala během spouštění reagovat.

Error: (01/14/2024 10:06:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/14/2024 10:06:46 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search skončila s následující chybou specifickou pro službu:
%%2147749126

Error: (01/14/2024 10:06:27 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba NVIDIA Update Service Daemon přestala během spouštění reagovat.

Error: (01/14/2024 10:05:01 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:44:27, ‎13. ‎1. ‎2024) bylo neočekávané.

Error: (01/13/2024 05:48:52 PM) (Source: DCOM) (EventID: 10010) (User: Simonka)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2024-01-03 14:42:04.806
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B17E1EF5-6915-4E1D-8E33-72FFBDF33316}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-12-28 16:36:15.282
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EF77060C-7AEC-4422-A647-1585F0CA67BD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-12-07 13:54:00.004
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F190163F-7C18-4068-87A6-25D90471CF18}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-24 10:55:51.431
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B55CB18A-ED6E-4383-96BD-92DC35F4E5DA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-22 13:51:49.448
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {08DF10F2-4AF8-4ADC-80E4-0EC4D668E49E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-12-26 13:36:42.220
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.403.577.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x800705b4
Popis chyby :Daná operace se vrátila, protože vypršel časový limit.

Date: 2023-12-26 13:36:42.220
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.403.577.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x800705b4
Popis chyby :Daná operace se vrátila, protože vypršel časový limit.

Date: 2023-12-26 13:16:45.813
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.403.577.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80070020
Popis chyby :Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-12-26 13:16:45.813
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.403.577.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80070020
Popis chyby :Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-12-26 13:13:30.677
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.403.577.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80070643
Popis chyby ři instalaci došlo k závažné chybě.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X550VB.217 01/22/2014
Motherboard: ASUSTeK COMPUTER INC. X550VB
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 55%
Total physical RAM: 3981.62 MB
Available physical RAM: 1756.26 MB
Total Virtual: 4813.62 MB
Available Virtual: 2642.61 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:81.97 GB) (Model: ST750LM022 HN-M750MBB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:398.07 GB) (Free:147.46 GB) (Model: ST750LM022 HN-M750MBB) NTFS

\\?\Volume{4ec93e8b-60c7-4f7e-bd0a-6a7aee10ca0f}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.53 GB) NTFS
\\?\Volume{c1f80401-266d-4ced-94dd-624c8a0e5d2c}\ () (Fixed) (Total:0.44 GB) (Free:0.17 GB) NTFS
\\?\Volume{0e2f1965-50a9-4f22-9982-4839cadcf9fa}\ (Restore) (Fixed) (Total:20.01 GB) (Free:7.79 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2967614A)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte nejprve tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[keijei]

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-14-2024
# Duration: 00:00:07
# OS: Windows 8.1
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [12288 octets] - [15/02/2020 17:24:16]
AdwCleaner[C00].txt - [12769 octets] - [15/02/2020 17:26:15]
AdwCleaner[S01].txt - [1698 octets] - [14/01/2024 11:40:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

PS: Tohle můžu smazat? https://i.postimg.cc/QdYHqzyF/MAdwC.png

[Rudy]

Dejte nové logy FRST+Addition.

[keijei]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.01.2024
Ran by Simona (administrator) on SIMONKA (ASUSTeK COMPUTER INC. X550VB) (14-01-2024 15:11:15)
Running from C:\Users\Simona\Downloads\FRST64.exe
Loaded Profiles: UpdatusUser & Simona
Platform: Microsoft Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Users\Simona\Desktop\adwcleaner.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Simona\AppData\Local\Microsoft\Teams\Update.exe [1789552 2019-07-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [WallpaperEngine] => D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2652832 2021-06-25] (Skutta, Kristjan -> )
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [Spotify] => C:\Users\Simona\AppData\Roaming\Spotify\Spotify.exe [20382072 2023-03-05] (Spotify AB -> Spotify Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.168\Installer\chrmstp.exe [2023-10-14] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll [2013-10-25] (Broadcom Corporation -> Broadcom Corporation.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA CORPORATION -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-04-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {D5476147-2D0E-4D88-903A-B222216E381C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe (No File)
Task: {57900425-CC33-49DE-A3AF-0DD8FFD94E22} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe -check (No File)
Task: {0E3B32FC-5FD4-4DD2-B7ED-081200912B39} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {332B1CD6-4ED7-4360-BA68-4E27E5E0E70C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {50CDDEA7-0D96-4B15-8DBE-3D895DACE48E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {19D3D3D4-897C-435A-9059-920A8BDCD41A} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "daa9c885-3027-4754-9c77-06edc10de0dd" --version "6.11.10455" --silent
Task: {8E162195-76E1-467F-9546-EC107D49DF6E} - System32\Tasks\CCleanerSkipUAC - Simona => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8F2D27CD-18D4-41A5-AE17-C91D4952A283} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {6901F6BA-3969-45FD-96F1-1EBA30838E42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {0D8C771E-A0EF-4368-BAA9-856DE568EFB5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A1A94BC-9D2D-46E5-9EA6-F372609F72A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26325928 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2AAB74F-149A-4199-BDD4-EEB01267DB76} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26325928 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {0255FBD5-3342-4EC6-BB20-19DB569C4B31} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144304 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E98373DB-7B4D-4438-BCEF-2C7190AC5A18} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144304 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {979B5228-60AC-4063-B90A-BF46830009D4} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [160696 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A18634B-45C4-4D48-8C16-19B017A1B19C} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3825288 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F679076-0A7B-4F7E-9C3E-DA2A6FC2B3BB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1003432 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDCB3834-DC9B-42F0-8C7D-9B49DED4FC9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {973E1323-031D-4262-9E29-1D2479765886} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AA6863D-DF44-4FF0-93CF-FE4589ABC8F2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}\27563747165727163656D28656A616: [DhcpNameServer] 84.244.91.2 84.244.91.14
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}\84F64756C602741627E696: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}\B65726563716F586F6D656: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}\C4F63796E6B6161316: [DhcpNameServer] 10.10.10.1
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}\C696E6B6379737: [DhcpNameServer] 10.10.10.1
Tcpip\..\Interfaces\{8F7066D4-7694-4C57-8A65-84AF34554C33}: [DhcpNameServer] 192.168.56.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Simona\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-14]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
Edge Extension: (Edge relevant text changes) - C:\Users\Simona\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-11]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-12-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-12-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-12-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default [2024-01-14]
CHR Notifications: Default -> hxxps://modivo.cz; hxxps://remixshop.com; hxxps://teams.microsoft.com; hxxps://www.babylonshop.cz; hxxps://www.dobre-knihy.cz; hxxps://www.farmasi.cz
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (BetterTTV) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-01-08]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-31]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12549056 2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2466448 2012-09-13] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [19264 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 Huawei; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Tech. Co., Ltd.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [226176 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-14 11:38 - 2024-01-14 11:38 - 008791352 _____ (Malwarebytes) C:\Users\Simona\Desktop\adwcleaner.exe
2024-01-14 10:29 - 2024-01-14 10:41 - 000026559 _____ C:\Users\Simona\Downloads\Addition.txt
2024-01-14 10:26 - 2024-01-14 15:12 - 000019873 _____ C:\Users\Simona\Downloads\FRST.txt
2024-01-14 10:21 - 2024-01-14 10:25 - 002389504 _____ (Farbar) C:\Users\Simona\Downloads\FRST64.exe
2024-01-14 10:16 - 2024-01-14 10:16 - 000000000 ____D C:\ProgramData\Piriform

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-14 15:11 - 2020-02-16 09:04 - 000000000 ____D C:\FRST
2024-01-14 14:31 - 2014-11-07 19:26 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-14 13:25 - 2023-05-13 12:25 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-01-14 12:24 - 2016-03-25 18:01 - 000000000 ____D C:\Program Files\CCleaner
2024-01-14 10:15 - 2014-11-21 18:40 - 000003970 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FF622C8F-693B-44EE-8E1F-F8C5DFE8E56D}
2024-01-14 10:12 - 2014-09-24 17:23 - 001739092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-14 10:12 - 2014-09-24 16:39 - 000734510 _____ C:\WINDOWS\system32\perfh005.dat
2024-01-14 10:12 - 2014-09-24 16:39 - 000148820 _____ C:\WINDOWS\system32\perfc005.dat
2024-01-14 10:12 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2024-01-14 10:05 - 2014-11-17 17:20 - 000000000 ____D C:\Users\Simona
2024-01-14 10:05 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-13 16:35 - 2014-11-07 21:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-13 16:26 - 2014-11-07 21:30 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-11 21:39 - 2015-02-17 16:47 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-09 14:28 - 2022-03-06 15:04 - 000000000 ____D C:\Users\Simona\AppData\Local\Spotify
2024-01-09 14:27 - 2018-08-09 07:37 - 000000000 ____D C:\Users\Simona\AppData\Roaming\Spotify
2023-12-26 14:46 - 2015-01-18 10:48 - 000000000 ____D C:\Users\Simona\AppData\Roaming\Microsoft\Excel

==================== Files in the root of some directories ========

2014-11-07 19:20 - 2020-02-15 16:18 - 000000062 _____ () C:\Users\Simona\AppData\Roaming\sp_data.sys
2021-05-15 06:27 - 2021-05-15 06:27 - 000007618 _____ () C:\Users\Simona\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2024-01-13 17:48
==================== End of FRST.txt ========================













Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.01.2024
Ran by Simona (14-01-2024 15:14:15)
Running from C:\Users\Simona\Downloads
Microsoft Windows 8.1 (Update) (X64) (2014-11-17 16:43:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3147881395-1193290844-1118327318-500 - Administrator - Disabled)
Guest (S-1-5-21-3147881395-1193290844-1118327318-501 - Limited - Disabled)
Simona (S-1-5-21-3147881395-1193290844-1118327318-1002 - Administrator - Enabled) => C:\Users\Simona
UpdatusUser (S-1-5-21-3147881395-1193290844-1118327318-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.170 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogaléria (HKLM-x32\...\{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{E50E3DBC-46AA-4827-B2A6-F995D81DF526}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.168 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}) (Version: 1.24.388.1 - Intel Corporation) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.15928.20282 - Microsoft Corporation)
Microsoft Access MUI (English) 2013 (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.140 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.140 - Microsoft Corporation)
Microsoft Excel MUI (English) 2013 (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Proofing (English) 2013 (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft OneNote MUI (English) 2013 (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Teams) (Version: 1.2.00.17057 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A035950F-15BA-41C0-9D8F-165FC0536012}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A47EA9D4-BB87-415E-9239-28860434E5A0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA Graphics Driver 311.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.93 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}) (Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation)
O2 (HKLM-x32\...\O2CZ) (Version: - O2)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15928.20282 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{0DF95460-2887-4011-9344-1959CDF18ADC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{49110532-D289-4BFF-807C-45B782E66A7C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{AA82E5EF-70C2-41CB-8432-309078304CBB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{C67BC332-A59A-4D40-977F-664F60AB21D8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{EB91007A-0110-42A6-B869-2709955A9B2A}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{30F99474-EBE3-4134-A02B-F6CD38CFE243}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{63824BC0-B747-43F3-9863-1066D64AD919}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 Language Pack (KB2817427) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 Language Pack (KB2817427) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 Language Pack (KB2817427) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUSR_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Spotify) (Version: 1.2.5.1006.g22820f93 - Spotify AB)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.17057 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8070 - Broadcom Corporation)
Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
Windows Live Communications Platform (HKLM-x32\...\{0454BB9A-2A7A-4214-BDFF-937F7A711A44}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{FE7C0B3D-50B9-4951-BE78-A321CBF86552}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{4CCBD1F4-CEEC-452A-9CB8-46564B501315}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{56232E3D-7EA9-45E0-A371-26CD80510AF7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E18F981B-401C-4D90-BC57-D8903564D558}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

Packages:
=========
ASUS Tutorial -> C:\Program Files\WindowsApps\B9ECED6F.ASUSTutorial_1.0.0.43_neutral__qmba6cd70vzyy [2014-11-07] (ASUSTeK COMPUTER INC.)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2016-02-07] (Microsoft Corporation)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-09-24] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-06-10] (MAGIX)
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2015-04-14] (Microsoft Studios)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-18] (Microsoft Corporation) [MS Ad]
Výběr prohlížeče -> C:\WINDOWS\BrowserChoice [2014-11-21] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Simona\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Simona\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2013-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2013-07-08] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> {853715EE-F728-4694-B4BB-90C4F45A5031} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-12-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-12-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-15] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\sharepoint.com -> hxxps://vsb-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Simona\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Tapeta programu Fotogalerie.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\StartupApproved\Run: => "WallpaperEngine"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{075C8C06-DC1A-41D3-A86F-3DD9CBD8CB51}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{3BCC1669-4C41-4DF3-ACEA-F34DFB70F79C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3227D96C-8A7C-407C-A11F-B9165331FE48}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}] => (Allow) LPort=1900
FirewallRules: [{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}] => (Allow) LPort=2869
FirewallRules: [{AF702977-4330-41DC-B7EB-971528C7BDD5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE4527CE-2A5B-4184-9400-66CCB5774BE7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1F7EF5EB-E1C4-446F-A123-603E4CFC5036}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{487CD657-2EA0-4FEC-BD28-AD13263AFAF5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51CDDE24-016D-4F5B-AECD-FB175F173F28}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6B81296-66BF-470E-BD47-4D9F029AE160}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{968EA77F-2733-4D95-B7E6-6F08AE4541D8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B472C29-3D4E-4084-866E-2073CAAF20B3}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{EAF90B35-5598-4B65-967E-E1494E214ED8}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{B4DB4FAE-EF54-4D34-A9CF-E6AD46D68C66}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{4ED25F5D-3D16-4A9F-A553-A5568A42E322}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{4E3AD669-EE76-4C4C-A60F-1F6B98BA8859}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{18E9748F-662E-4E86-83B6-5567AF692485}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2470698F-668A-4991-B5B8-1863A5F46DA7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CADA21BD-218C-45B5-B5CD-76A44DE13F43}C:\users\simona\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simona\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{2F6A8B93-2808-44DB-85F9-DEF3D87536D8}C:\users\simona\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simona\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{410B4579-BE3C-4A85-B3F3-C368D1F5362C}C:\users\simona\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simona\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0FFD3A7E-6554-4A36-A53A-840F76D319C2}C:\users\simona\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simona\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{496CA31D-49BE-4EF5-B9A2-2F05B8FCDFF1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C7F786E4-2768-4F62-AA0D-AE3AD94AF95B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31D3911F-9DDC-4616-AA07-996C8FADB8D8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72D22FFB-9683-4F7A-A6AB-7E8AB5A821D6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F3D36AF-58CE-4CCB-822E-5C141C1CC5B2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.140\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F06DC326-C83F-432A-BB0F-E8E704ED2118}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

26-12-2023 13:16:41 Naplánovaný kontrolní bod
03-01-2024 14:47:06 Naplánovaný kontrolní bod
13-01-2024 18:14:27 Naplánovaný kontrolní bod
14-01-2024 11:41:21 AdwCleaner_BeforeCleaning_14/01/2024_11:41:21

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/14/2024 10:41:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 11.1.2024.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 394

Čas spuštění: 01da46cb3da72cfd

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Simona\Downloads\FRST64.exe

ID hlášení: 1e839ba1-b2c1-11ee-bf19-10c37b1f4c4e

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (01/14/2024 10:06:46 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (01/14/2024 10:06:46 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (01/14/2024 10:06:46 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexovacího modulu nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (01/14/2024 10:06:43 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (01/14/2024 10:06:39 AM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Správce modulu plug-in <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows

Podrobnosti:
(HRESULT : 0x8e5e0210) (0x8e5e0210)

Error: (01/14/2024 10:06:38 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)

Error: (01/14/2024 10:06:37 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
0x8e5e0210 (0x8e5e0210)


System errors:
=============
Error: (01/14/2024 03:18:59 PM) (Source: DCOM) (EventID: 10010) (User: Simonka)
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/14/2024 03:16:59 PM) (Source: DCOM) (EventID: 10010) (User: Simonka)
Description: Server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/14/2024 11:42:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/14/2024 11:42:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba IconMan_R byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (01/14/2024 11:42:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/14/2024 11:42:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) ME Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/14/2024 11:42:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/14/2024 11:42:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2024-01-03 14:42:04.806
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B17E1EF5-6915-4E1D-8E33-72FFBDF33316}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-12-28 16:36:15.282
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EF77060C-7AEC-4422-A647-1585F0CA67BD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-12-07 13:54:00.004
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F190163F-7C18-4068-87A6-25D90471CF18}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-24 10:55:51.431
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B55CB18A-ED6E-4383-96BD-92DC35F4E5DA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-22 13:51:49.448
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {08DF10F2-4AF8-4ADC-80E4-0EC4D668E49E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-12-26 13:36:42.220
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.403.577.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x800705b4
Popis chyby :Daná operace se vrátila, protože vypršel časový limit.

Date: 2023-12-26 13:36:42.220
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.403.577.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x800705b4
Popis chyby :Daná operace se vrátila, protože vypršel časový limit.

Date: 2023-12-26 13:16:45.813
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.403.577.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80070020
Popis chyby :Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-12-26 13:16:45.813
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.403.577.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80070020
Popis chyby :Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-12-26 13:13:30.677
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.403.577.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80070643
Popis chyby ři instalaci došlo k závažné chybě.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X550VB.217 01/22/2014
Motherboard: ASUSTeK COMPUTER INC. X550VB
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 52%
Total physical RAM: 3981.62 MB
Available physical RAM: 1897.55 MB
Total Virtual: 4813.62 MB
Available Virtual: 2382.28 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:80.39 GB) (Model: ST750LM022 HN-M750MBB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:398.07 GB) (Free:147.46 GB) (Model: ST750LM022 HN-M750MBB) NTFS

\\?\Volume{4ec93e8b-60c7-4f7e-bd0a-6a7aee10ca0f}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.53 GB) NTFS
\\?\Volume{c1f80401-266d-4ced-94dd-624c8a0e5d2c}\ () (Fixed) (Total:0.44 GB) (Free:0.17 GB) NTFS
\\?\Volume{0e2f1965-50a9-4f22-9982-4839cadcf9fa}\ (Restore) (Fixed) (Total:20.01 GB) (Free:7.79 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2967614A)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {8F2D27CD-18D4-41A5-AE17-C91D4952A283} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {6901F6BA-3969-45FD-96F1-1EBA30838E42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {D5476147-2D0E-4D88-903A-B222216E381C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe (No File)
Task: {57900425-CC33-49DE-A3AF-0DD8FFD94E22} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe -check (No File)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => -> No File
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Control Panel\Desktop\\Wallpaper ->

EmptyTemp:
End

Uložte do C:\Users\Simona\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[keijei]

Nevím jestli vše proběhlo korektně; trvalo to velmi dlouho, NTB se restartoval, log jsem vytáhl z adresáře, sám se neotevřel...

Fix result of Farbar Recovery Scan Tool (x64) Version: 11.01.2024
Ran by Simona (14-01-2024 17:11:35) Run:2
Running from C:\Users\Simona\Downloads
Loaded Profiles: UpdatusUser & Simona
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {8F2D27CD-18D4-41A5-AE17-C91D4952A283} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {6901F6BA-3969-45FD-96F1-1EBA30838E42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {D5476147-2D0E-4D88-903A-B222216E381C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe (No File)
Task: {57900425-CC33-49DE-A3AF-0DD8FFD94E22} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe -check (No File)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => -> No File
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Control Panel\Desktop\\Wallpaper ->

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8F2D27CD-18D4-41A5-AE17-C91D4952A283}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F2D27CD-18D4-41A5-AE17-C91D4952A283}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6901F6BA-3969-45FD-96F1-1EBA30838E42}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6901F6BA-3969-45FD-96F1-1EBA30838E42}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D5476147-2D0E-4D88-903A-B222216E381C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5476147-2D0E-4D88-903A-B222216E381C}" => removed successfully
C:\WINDOWS\System32\Tasks\ASUS InstantOn Config => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS InstantOn Config" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57900425-CC33-49DE-A3AF-0DD8FFD94E22}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57900425-CC33-49DE-A3AF-0DD8FFD94E22}" => removed successfully
C:\WINDOWS\System32\Tasks\ASUS Live Update2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Live Update2" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\BackupContextMenuExtension => removed successfully
"HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Control Panel\Desktop\\Wallpaper -> => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 100256256 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 105036349 B
Windows/system/drivers => 2270169 B
Edge => 0 B
Chrome => 47932131 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 68826156 B
UpdatusUser => 68826156 B
Simona => 82585034 B

RecycleBin => 0 B
EmptyTemp: => 453.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:11:56 ====

[Rudy]

Někdy se stane, že se sám neotevře. Bylo ale smazáno. Zrychlil se chod?

[keijei]

Ano, je to evidentně rychlejší; po restartu to najelo za cca 2 minuty. Holt už to je asi starý křáp a budu muset koupit něco novějšího. Osobně bych na to neměl nervy, naštěstí je to od manželky...

PS: Děkuji za pomoc, přispěl jsem..

PPS: Neodpověděl jste mi zda mohu smazat to, co je v karanténě v Malwarebytes AdwCleaner... asi ano...

PPPS: Manželka je nadšená...

[Rudy]

Tak to jsem rád. ADWC znovu spusťte, přejděte na nastavení, srolujte až dplů a klikněte na odstranit. Ostatní, co jste natahal do PC na můj pokyn, normálně snažte. Nemáte zač a za příspěvek děkujeme!