Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2022
Ran by o (26-07-2022 07:33:12)
Running from C:\Users\o\Downloads
Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) (2020-07-29 16:30:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2671679121-1364000227-736312402-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2671679121-1364000227-736312402-503 - Limited - Disabled)
Guest (S-1-5-21-2671679121-1364000227-736312402-501 - Limited - Disabled)
o (S-1-5-21-2671679121-1364000227-736312402-1003 - Administrator - Enabled) => C:\Users\o
OEM (S-1-5-21-2671679121-1364000227-736312402-1001 - Administrator - Enabled) => C:\Users\OEM
WDAGUtilityAccount (S-1-5-21-2671679121-1364000227-736312402-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20169 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Balíček ovladače systému Windows - SIGMA Elektro GmbH (usbser) Ports  (02/20/2017 1.7.0000.0000) (HKLM\...\F11095F081576CA0F709F279E5FC84AC50628B78) (Version: 02/20/2017 1.7.0000.0000 - SIGMA Elektro GmbH)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.)
Canon Utilities Uploader for CANON iMAGE GATEWAY (HKLM-x32\...\Uploader for CANON iMAGE GATEWAY Plugin) (Version: 10.0.1.2 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.01 - Piriform)
Double Commander 1.0.6 beta (HKLM\...\Double Commander_is1) (Version: 1.0.6 - Alexander Koblov)
eM Client (HKLM-x32\...\{49D2F1D2-6527-4D6B-B310-CD8338A99E6E}) (Version: 9.0.1708.0 - eM Client Inc.)
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 15.2.11.0 - ESET, spol. s r.o.)
E-tube Project Normal V4 (HKLM-x32\...\{2F7F3743-DD5B-4C39-9686-2E82359D021A}) (Version: 4.0.4.11 - SHIMANO INC.) Hidden
E-tube Project Normal V4 (HKLM-x32\...\InstallShield_{2F7F3743-DD5B-4C39-9686-2E82359D021A}) (Version: 4.0.4.11 - SHIMANO INC.)
GIMP 2.10.18 (HKLM\...\GIMP-2_is1) (Version: 2.10.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.134 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP DeskJet 5820 series Nápověda (HKLM-x32\...\{89D0B45E-D5AC-4B97-9C7D-6F0D2308A0CA}) (Version: 36.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{9FF252C8-B146-47A2-9336-3A1A83056F51}) (Version: 36.0.39.57346 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BBF796CE-5068-47C7-8A6D-4120C0CE47E5}) (Version: 36.0.39.57346 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
LenovoUsbDriver 1.0.16 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.0.16 - Lenovo)
Microsoft .NET Core Host - 3.1.27 (x64) (HKLM\...\{0A0DA9E9-6CC6-47F7-8C80-FA9259D593B0}) (Version: 24.108.31415 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.27 (x64) (HKLM\...\{5A2A3E2E-D357-4F22-B5CF-31733FDAF030}) (Version: 24.108.31415 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.27 (x64) (HKLM\...\{FF9D1913-291F-4A48-BDBB-5BEE8BF394B4}) (Version: 24.108.31415 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.7 (x64) (HKLM\...\{8F51A211-71F1-4858-8198-8A5A66818D16}) (Version: 48.31.44002 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.7 (x64) (HKLM\...\{E18A98D1-DF73-4E11-AC20-FD0190628270}) (Version: 48.31.44002 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.7 (x64) (HKLM\...\{882F32A5-8330-4366-844A-2F3B73C3F021}) (Version: 48.31.44002 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.71 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.71 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2671679121-1364000227-736312402-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\OneDriveSetup.exe) (Version: 22.131.0619.0001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24212 (HKLM-x32\...\{844ECB74-9B63-3D5C-958C-30BD23F19EE4}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24212 (HKLM-x32\...\{37B55901-995A-3650-80B1-BBFD047E2911}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.27 (x64) (HKLM\...\{0116DF03-EA5F-41AE-90DF-7B8D82A880A4}) (Version: 24.108.31415 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.27 (x64) (HKLM-x32\...\{3b79c044-e24c-45eb-b710-03d503f2e594}) (Version: 3.1.27.31415 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.7 (x64) (HKLM\...\{30702F00-F514-4094-BA4A-A05B42FD1CAC}) (Version: 48.31.44003 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.7 (x64) (HKLM-x32\...\{a7dab025-ec7a-4e8a-add3-6d872f1d8aca}) (Version: 6.0.7.31422 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 102.0.1 (x64 cs)) (Version: 102.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.1 - Mozilla)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
paint.net (HKLM\...\{6FED3D93-C0FA-4BD7-A36F-7FC53698244F}) (Version: 4.2.15 - dotPDN LLC)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
PowerToys (Preview) (HKLM\...\{8881A0B0-BBCB-4171-8783-DBAE6F7158C8}) (Version: 0.59.1 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{799616eb-c851-42bb-806a-a8a136f32dda}) (Version: 0.59.1 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7811 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.)
Sigma Data Center 5.6 (HKLM-x32\...\Sigma Data Center5.6) (Version: 5.6 - Sigma Elektro GmbH)
Sigma Data Center 5.7 (HKLM-x32\...\Sigma Data Center5.7) (Version: 5.7 - Sigma Elektro GmbH)
Sigma Data Center 5.8 (HKLM-x32\...\Sigma Data Center5.8) (Version: 5.8 - Sigma Elektro GmbH)
Spotify (HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
Studie vylepšování produktu HP DeskJet 5820 series (HKLM\...\{CAE450AC-801B-44FC-A200-0244F6AD5479}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\WhatsApp) (Version: 2.2226.5 - WhatsApp)
Základní software zařízení HP DeskJet 5820 series (HKLM\...\{322E6CCD-0436-478E-A61B-EB11869234C3}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)

Packages:
=========
Adobe Photoshop Express: Editor obrazů, úpravy, filtry, efekty, okraje -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.6.385.0_x64__ynb6jyjzte8ga [2022-03-24] (Adobe Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.21.71.0_x64__kgqvnymyfvs32 [2022-07-23] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2310.3.0_x64__kgqvnymyfvs32 [2022-07-13] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.222.400.0_x64__kgqvnymyfvs32 [2022-07-15] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_15.0.11.0_x86__m9bz608c1b9ra [2022-05-17] (Nordcurrent)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-19] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Dragon Mania Legends -> C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_6.8.301.0_x64__h6adky7gbf63m [2022-06-18] (Gameloft SE)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.49.4900.0_x86__ytsefhwckbdv6 [2022-07-21] (G5 Entertainment AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-13] (Microsoft Studios) [MS Ad]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.0.0_x86__y5c4dfz5b21fm [2022-07-13] (Any DVD &amp; Office App)
Windows App Runtime DDLM 3.469.1654.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3.469.1654.0-x6_3.469.1654.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)
Windows App Runtime DDLM 3.469.1654.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3.469.1654.0-x8_3.469.1654.0_x86__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)
WindowsAppRuntime.1.0 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.0_4.528.1755.0_x64__8wekyb3d8bbwe [2022-06-15] (Microsoft Corporation)
WindowsAppRuntime.1.0 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.0_4.528.1755.0_x86__8wekyb3d8bbwe [2022-06-15] (Microsoft Corporation)
WindowsAppRuntime.Main.1.0 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsAppRuntime.Main.1.0_4.528.1755.0_x64__8wekyb3d8bbwe [2022-06-15] (Microsoft Corp.)
WindowsAppRuntime.Singleton -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.Singleton_3.469.1654.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{36B27788-A8BB-4698-A756-DF9F11F64F84}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{45769bcc-e8fd-42d0-947e-02beef77a1f5}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MarkdownPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{8BC8AFC2-4E7C-4695-818E-8C1FFDCEA2AF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{afbd5a44-2520-4ae0-9224-6cfce8fe4400}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{BFEE99B4-B74D-4348-BCA5-E757029647FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{ddee2b8a-6807-48a6-bb20-2338174ff779}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{ec52dea8-7c9f-4130-a77b-1737d0418507}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-06-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-06-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-06-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [475672 2008-07-26] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2008-07-26] (Logitech Inc -> Logitech Inc.)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-03 16:22 - 2015-02-27 11:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\Newtonsoft.Json.dll
2020-03-03 16:22 - 2017-03-20 17:13 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCollect.dll
2020-03-03 16:22 - 2017-03-20 17:13 - 000197632 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Software\Classes\.reg:  =>  <==== ATTENTION
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Software\Classes\.bat:  =>  <==== ATTENTION
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Software\Classes\.cmd:  =>  <==== ATTENTION

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-2671679121-1364000227-736312402-1003 -> {96F7DBBC-8149-4334-AC47-E15E9020321E} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-08-05 11:09 - 2018-08-05 11:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2671679121-1364000227-736312402-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\OEM\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Tatra podzim 2017 192 (4).JPG
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\o\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Dolená  Tatry  podzim 2019 050 (2).jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "ImageBrowser EX Agent.lnk"
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D6FE37A1-1D14-4D1D-984E-5E79C2C55BD1}] => (Block) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66DBF78D-7F33-413B-A784-8BB554FFBD06}] => (Block) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E3972142-1428-4B40-93A7-479B4EA9CF3D}C:\users\o\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{60B11243-D286-4A87-A86D-2B083836908E}C:\users\o\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39E9C860-4CC5-48E0-BA99-079BCDC6F42A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E58E12F-0CA7-442C-9A8F-04BBCA046A13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74EF2E72-8999-4C9D-B3C9-45C71A20E2AB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{8AD5C1B0-4316-4CFE-A003-4C9099F9D275}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{27D8CC21-59B4-4206-8E71-4D7D04B68A9A}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{85CDAB00-8A8C-4601-92E8-737E46FD87CE}] => (Allow) LPort=5357
FirewallRules: [{E284F53D-7B83-4FC4-96C3-B1D53163CE89}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{9204C48B-D29B-45DD-9B35-6123AA1AAB00}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{F7458CE1-5154-4D50-AAC8-4676CD1F778C}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{E33C2654-D98E-41A8-A867-8239204CFE54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FEC1AD12-4D3F-44C4-A1A8-51E42D5FFDB7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E896724B-B9FB-4FF8-B105-D01497555647}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1DD4C10D-6A9A-4E03-B980-2345F2BA1FD6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F458D1E8-57BF-404E-BFDB-8E45594766E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4D201CF5-1266-403A-BFAB-11727D32AE87}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.71\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

02-07-2022 07:52:26 Naplánovaný kontrolní bod
11-07-2022 10:19:19 Naplánovaný kontrolní bod
14-07-2022 15:21:17 Instalační služba modulů systému Windows
14-07-2022 15:23:07 Instalační služba modulů systému Windows
23-07-2022 06:36:41 Naplánovaný kontrolní bod
25-07-2022 16:19:01 AdwCleaner_BeforeCleaning_25/07/2022_16:18:57

==================== Faulty Device Manager Devices ============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/25/2022 05:04:58 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (07/25/2022 05:04:58 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (07/25/2022 05:04:58 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (07/25/2022 09:51:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MailClient.exe verze 9.0.1708.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 177c

Čas spuštění: 01d89ffb3c57329a

Čas ukončení: 37

Cesta k aplikaci: C:\Program Files (x86)\eM Client\MailClient.exe

ID hlášení: 0a1d8367-0557-4992-b83a-67d3b2b8a597

Úplný název balíčku s chybou: 

ID aplikace relativní podle balíčku s chybou: 

Typ zablokování: Unknown

Error: (07/24/2022 04:37:46 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (07/24/2022 04:37:46 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (07/24/2022 04:37:46 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (07/23/2022 02:37:18 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002


System errors:
=============
Error: (07/26/2022 06:09:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba MessagingService_512e0 byla ukončena s následující chybou: 
Zařízení není připraveno.

Error: (07/25/2022 04:19:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/25/2022 04:19:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/25/2022 04:19:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management Engine WMI Provider Registration byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/25/2022 04:19:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Print Scan Doctor Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (07/25/2022 04:19:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/25/2022 04:19:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (07/25/2022 06:47:01 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba MessagingService_43724 byla ukončena s následující chybou: 
Zařízení není připraveno.


Windows Defender:
================
Date: 2020-12-06 10:14:56
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {388A04F6-1781-437E-BCC1-6D9A722BF871}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-06 07:18:31
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D7C26DB-716E-4592-94E5-50101B0BED4E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-04 15:14:05
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BAA004E1-8477-4695-9CB6-DF8FDCA4F1B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-04 12:35:34
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {76996594-6B4E-4B25-8E9B-C101E076753D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-04 10:14:07
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C01D6D25-4571-4111-BFD6-03BAA402C7CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
﻿
CodeIntegrity:
===============
Date: 2022-07-26 06:29:06
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. C.70 05/23/2016
Motherboard: MSI B150 PC MATE (MS-7971)
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 46%
Total physical RAM: 8155.09 MB
Available physical RAM: 4399.84 MB
Total Virtual: 9435.09 MB
Available Virtual: 2486.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.52 GB) (Free:108.34 GB) (Model: KINGSTON SUV400S37240G) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:344.26 GB) (Model: WDC WD10EZEX-00WN4A0) NTFS

\\?\Volume{dda794df-29ce-4260-955c-5d488ec41ee3}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS
\\?\Volume{b390ac81-48ab-40dc-b785-5bc87a2d3889}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS
\\?\Volume{0e88439b-e7a7-474c-b178-fade1ac6c8f1}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================