Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2024
Ran by msuro (11-09-2024 14:01:43)
Running from C:\Users\msuro\Downloads
Microsoft Windows 11 Home Version 23H2 22631.4037 (X64) (2024-08-21 23:02:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3248026489-3966559180-2484514055-500 - Administrator - Disabled)
Admin_CZ (S-1-5-21-3248026489-3966559180-2484514055-1002 - Administrator - Enabled) => C:\Users\Admin_CZ
DefaultAccount (S-1-5-21-3248026489-3966559180-2484514055-503 - Limited - Disabled)
Guest (S-1-5-21-3248026489-3966559180-2484514055-501 - Limited - Disabled)
msuro (S-1-5-21-3248026489-3966559180-2484514055-1001 - Administrator - Enabled) => C:\Users\msuro
WDAGUtilityAccount (S-1-5-21-3248026489-3966559180-2484514055-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee (Disabled - Up to date) {0BE13B34-492A-21C0-AE43-C1742279CCB6}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: McAfee (Enabled) {33DABA11-0345-2098-851C-6841DCAA8BCD}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.003.20054 - Adobe)
ANT Drivers Installer x64 (HKLM\...\{0E58844F-7FF7-4CD2-AAE2-CE703BC68F52}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Balíček ovladače systému Windows - Zebra Technologies Inc. (WinUSB) WinUSB devices  (03/31/2018 1.0.0.6) (HKLM\...\45BED3BBD4732BEB270707C3769191B9C55708E6) (Version: 03/31/2018 1.0.0.6 - Zebra Technologies Inc.)
Blackmagic RAW Common Components (HKLM\...\{853720AF-81BE-4B04-9700-F32A053917B6}) (Version: 4.2 - Blackmagic Design)
DaVinci Resolve (HKLM\...\{8832D798-AF5F-4355-B29C-D277148E7A5E}) (Version: 19.0.00069 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{3739CA49-792F-4F1F-9B76-42DFBBBED27E}) (Version: 2.3.0.0 - Blackmagic Design)
DaVinci Resolve Renderer (HKLM\...\{BBFE867F-2024-4D63-95F5-7262BC2FB217}) (Version: 19.0.00069 - Blackmagic Design)
Dell Peripheral Manager (HKLM\...\Dell Peripheral Manager) (Version: 1.7.6 - Dell Inc.)
Elevated Installer (HKLM-x32\...\{7E7A6576-011C-4CF5-A5CA-AA144A725DBF}) (Version: 7.23.0.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{F341024D-BE52-4CF7-83C1-9DA58DAB2970}) (Version: 17.2.8.0 - ESET, spol. s r.o.)
Evernote 10.102.4 (HKU\S-1-5-21-3248026489-3966559180-2484514055-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.102.4 - Evernote Corporation)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.15 - Blackmagic Design)
Garmin Express (HKLM-x32\...\{135ceafa-3701-43b0-84bf-870018df80ee}) (Version: 7.23.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{FCD51A02-BD93-475D-902D-49FD51F2F6B8}) (Version: 7.23.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 128.0.6613.121 - Google LLC)
Intel(R) Extreme Tuning Utility SDK (HKLM\...\{3D3AC3C2-BD85-450E-BD2B-EF0E878B1E5F}_is1) (Version: 7.12.0.29 - Lenovo)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.9.0.26 - Lenovo Group Ltd.)
Lenovo Now (HKLM-x32\...\Lenovo Now) (Version: 3.13.1.2 - Lenovo Group Ltd.)
Microsoft .NET Host - 8.0.0 (x64) (HKLM\...\{D44822A8-FC28-42FC-8B1D-21A78579FC79}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.0 (x64) (HKLM\...\{3A706840-2882-423C-90EB-B31545E2BC7A}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.0 (x64) (HKLM\...\{76DEEAB3-122F-4231-83C7-0C35363D02F9}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 128.0.2739.67 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 128.0.2739.67 - Microsoft Corporation)
Microsoft Office Standard 2019 - cs-cz (HKLM\...\Standard2019Volume - cs-cz) (Version: 16.0.10413.20020 - Microsoft Corporation)
Microsoft Office Standard 2019 - en-us (HKLM\...\Standard2019Volume - en-us) (Version: 16.0.10413.20020 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3248026489-3966559180-2484514055-1001\...\OneDriveSetup.exe) (Version: 24.166.0818.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3248026489-3966559180-2484514055-1002\...\OneDriveSetup.exe) (Version: 22.012.0117.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.19202 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.0 (x64) (HKLM\...\{113C0ADC-B9BD-4F95-9653-4F5BC540ED03}) (Version: 64.0.5329 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.0 (x64) (HKLM-x32\...\{17316079-d65a-4f25-a9f3-56c32781b15d}) (Version: 8.0.0.33101 - Microsoft Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
NVIDIA USBC Driver 1.52.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.52.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10413.20020 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10413.20020 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10413.20020 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10413.20020 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10413.20020 - Microsoft Corporation) Hidden
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
spacedesk Windows DRIVER (HKLM\...\{1315C629-9D5B-4B6C-9FD4-7AE689B30A1F}) (Version: 2.1.22.0 - datronicsoft Inc.)
StageNow (HKLM-x32\...\{A9A73A7C-6A08-4866-8B91-724D5A97051A}) (Version: 5.13.0 - Zebra Technologies Corp) Hidden
StageNow (HKLM-x32\...\InstallShield_{A9A73A7C-6A08-4866-8B91-724D5A97051A}) (Version: 5.13.0 - Zebra Technologies Corp)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tobii Experience Software For Windows (HKLM\...\{50584CC5-E289-4591-8091-25AF533AE85A}) (Version: 4.74.0.32957 - Tobii AB)
Tobii Experience Software For Windows (LenovoYX80) (HKLM\...\{267FC4F8-7110-4AB7-831C-3B77BCEB9C59}) (Version: 4.182.0.29391 - Tobii AB)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.03 - Ghisler Software GmbH)
Velocity Console (HKLM-x32\...\{6F66C136-5D1C-47C6-BC99-742FADAE8488}) (Version: 2.1.25.22273 - Ivanti)
Video Village Plugins (HKLM\...\{ECE757CB-5BBC-4CBD-AAA6-A0BEC9FEADC1}) (Version: 1.6.5.0 - Video Village) Hidden
Video Village Plugins (HKLM\...\{ECE757CB-5BBC-4CBD-AAA6-A0BEC9FEADC1}.msq) (Version: 1.6.5 - Video Village)
ViGEm Bus Driver (HKLM\...\{966606F3-2745-49E9-BF15-5C3EAA4E9077}) (Version: 1.22.0 - Nefarius Software Solutions e.U.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
X-Rite Color Assistant 2.53.0 (HKLM-x32\...\{6DCFB107-4604-4AA8-BEA6-CC80BCF0B3E4}_is1) (Version: 2.53.0 - X-Rite, Inc)
Zebra 123Scan (64bit) (HKLM\...\{1513039A-4B67-4DE4-A01A-E46167C80E5B}) (Version: 6.00.0021 - Zebra Technologies) Hidden
Zebra 123Scan (64bit) (HKLM-x32\...\InstallShield_{1513039A-4B67-4DE4-A01A-E46167C80E5B}) (Version: 6.00.0021 - Zebra Technologies)
Zebra CoreScanner Driver (64bit) (HKLM\...\{5163782B-50EB-4A31-8034-0E61E090EE4B}) (Version: 3.07.0050 - Zebra Technologies) Hidden
Zebra CoreScanner Driver (64bit) (HKLM-x32\...\InstallShield_{5163782B-50EB-4A31-8034-0E61E090EE4B}) (Version: 3.07.0050 - Zebra Technologies)

Chrome apps:
============
ESET HOME Login Portal (HKU\S-1-5-21-3248026489-3966559180-2484514055-1001\...\5e3ca4fca9e8825bc5b55a3705c3c8bb) (Version: 1.0 - Google\Chrome)
Google Chat (HKU\S-1-5-21-3248026489-3966559180-2484514055-1001\...\fe95f1cef9f79096f3ce6406e70accd8) (Version: 1.0 - Google\Chrome)
Google Keep (HKU\S-1-5-21-3248026489-3966559180-2484514055-1001\...\86e841cac2e60bf7812f4392e3a59168) (Version: 1.0 - Google\Chrome)

Packages:
=========

AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5587.0_x64__8j3eq9eme6ctt [2024-09-10] (INTEL CORP) [Startup Task]
Call of Duty® -> C:\Program Files\WindowsApps\38985CA0.COREBase_1.0.31.0_x64_ww_5bkah9njm3e9g [2024-09-06] (Activision Publishing Inc.)
Desktop Gadgets -> C:\Program Files\WindowsApps\48405AmbientSoftware.DesktopGadgets_3.4.2.0_x64__agy8jafheqhng [2024-08-23] (Chan Software Solutions) [Startup Task]
Dolby Vision -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionHDR_2.20400.722.0_x64__rz1tebttyb220 [2024-09-06] (Dolby Laboratories)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.27.0_x64__xbfy0k16fey96 [2024-09-10] (Dropbox Inc.)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2024-09-11] (Sparse Package)
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-08-21] (Microsoft Corporation) [Startup Task]
GKeep 8 -> C:\Program Files\WindowsApps\4238Rushi.GKeep8_1.2.28.0_x64__cby2vxncbvytc [2024-09-06] (Rushi)
Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.23306.1292.0_x64__8wekyb3d8bbwe [2024-09-10] (Microsoft Corporation)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_21.1.500.0_x64__4n2hpmxwrvr6p [2024-08-21] (XBMC Foundation)
LabelZoom Studio -> C:\Program Files\WindowsApps\RJFTechnologySolutionsInc.LabelZoom_1.8.4.0_x64__eegtcn340ym50 [2024-08-21] (RJF Technology Solutions LLC)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2406.36.0_x64__k1h2ywk1493x8 [2024-09-10] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-08-21] (LENOVO INC) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-08-21] (Microsoft Corp.)
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24215.1007.3082.1590_x64__8wekyb3d8bbwe [2024-08-31] (Microsoft) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-09-10] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.2331.0_x64__8wekyb3d8bbwe [2024-09-05] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-09-10] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-08-21] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.144.0_x64__8wekyb3d8bbwe [2024-09-06] (Microsoft Corporation) [Startup Task]
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24081.55.0_x64__cw5n1h2txyewy [2024-09-05] (Microsoft Windows) [Startup Task]
MW3 PC MS DLC01 Game Stub 01 -> C:\Program Files\WindowsApps\38985CA0.MW3PCMSDLC01GameStub01_0.0.9.0_x64__5bkah9njm3e9g [2024-09-01] (Activision Publishing Inc.)
MWII DLC04 Game Stub 04 -> C:\Program Files\WindowsApps\38985CA0.MWIIDLC04GameStub04_0.0.9.0_x64__5bkah9njm3e9g [2024-09-01] (Activision Publishing Inc.)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.1.0_x64__w2gh52qy24etm [2024-09-03] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-09-01] (NVIDIA Corp.)
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2024.717.1.0_x64__8kea50m9krsh2 [2024-08-21] (Code Spark)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2408.175.0_x64__8wekyb3d8bbwe [2024-09-03] (Microsoft Corporation) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0 [2024-08-31] (Spotify AB) [Startup Task]
Tobii Experience -> C:\Program Files\WindowsApps\TobiiAB.TobiiEyeTrackingPortal_1.68.29247.0_x64__j9ea20k37yd2w [2024-08-21] (Tobii AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2435.4.0_x64__cv1g1gvanyjgm [2024-09-06] (WhatsApp Inc.) [Startup Task]
Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe [2024-09-06] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-08-21] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2017-07-04] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3248026489-3966559180-2484514055-1001_Classes\CLSID\{04271989-4A69-E6DA-A503-B39DDFE661AB} -> [OneDrive - CSBC BOHEMIA, spol. s r.o] => C:\Users\msuro\OneDrive - CSBC BOHEMIA, spol. s r.o [2024-08-22 10:55]
CustomCLSID: HKU\S-1-5-21-3248026489-3966559180-2484514055-1001_Classes\CLSID\{04271989-C4D2-15A2-35D9-9FE4A24C5183} -> [OneDrive - Efidex] => C:\Users\msuro\OneDrive - Efidex [2024-08-22 10:51]
CustomCLSID: HKU\S-1-5-21-3248026489-3966559180-2484514055-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\msuro\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.19202\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3248026489-3966559180-2484514055-1001_Classes\CLSID\{1fbfb627-93ed-88f1-57b8-78ec8c9febe7}\localserver32 -> "C:\ProgramData\Lenovo\Udc\Hosts\23.4.0.8\x64\MessagingPlugin.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3248026489-3966559180-2484514055-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3248026489-3966559180-2484514055-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\msuro\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-08-20] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-08-20] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_524a1f08cfa14687\nvshext.dll [2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-08-20] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\msuro\Desktop\ESET HOME Login Portal.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=lfgcpimjckokfjlilpfjiddjdpllfkmg
ShortcutWithArgument: C:\Users\msuro\Desktop\Google Chat.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mdpkiolbdkhdjpekfbkbmhigcaggjagi
ShortcutWithArgument: C:\Users\msuro\Desktop\Google Keep.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\msuro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mdpkiolbdkhdjpekfbkbmhigcaggjagi\Google Chat.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mdpkiolbdkhdjpekfbkbmhigcaggjagi
ShortcutWithArgument: C:\Users\msuro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_lfgcpimjckokfjlilpfjiddjdpllfkmg\ESET HOME Login Portal.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=lfgcpimjckokfjlilpfjiddjdpllfkmg
ShortcutWithArgument: C:\Users\msuro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_eilembjdkfgodjkcjnpgpaenohkicgjd\Google Keep.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\msuro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\ESET HOME Login Portal.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=lfgcpimjckokfjlilpfjiddjdpllfkmg
ShortcutWithArgument: C:\Users\msuro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Chat.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mdpkiolbdkhdjpekfbkbmhigcaggjagi
ShortcutWithArgument: C:\Users\msuro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\msuro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ESET HOME Login Portal.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=lfgcpimjckokfjlilpfjiddjdpllfkmg
ShortcutWithArgument: C:\Users\msuro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chat.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mdpkiolbdkhdjpekfbkbmhigcaggjagi
ShortcutWithArgument: C:\Users\msuro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Keep.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd

==================== Loaded Modules (Whitelisted) =============

2020-11-26 22:38 - 2020-11-26 22:38 - 000961536 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2020-11-26 22:38 - 2020-11-26 22:38 - 001446400 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2017-05-08 05:35 - 2017-05-08 05:35 - 000325632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2020-11-18 04:14 - 2020-11-18 04:14 - 117340672 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2020-11-18 02:40 - 2020-11-18 02:40 - 000323072 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2020-11-18 02:40 - 2020-11-18 02:40 - 005441536 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2024-07-03 13:26 - 2024-07-03 13:26 - 001167360 _____ () [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\Crypto.dll
2024-07-03 13:25 - 2024-07-03 13:25 - 000336896 _____ () [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\DeviceAdapter.dll
2017-05-08 05:35 - 2017-05-08 05:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2024-08-21 15:30 - 2024-08-21 15:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2024-08-21 15:30 - 2024-08-21 15:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2020-11-18 02:39 - 2020-11-18 02:39 - 000843264 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2024-07-03 13:26 - 2024-07-03 13:26 - 000423424 _____ (Zebra Technologies) [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\BTTrans.dll
2024-07-03 13:25 - 2024-07-03 13:25 - 000080384 _____ (Zebra Technologies) [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\DriverADF.dll
2024-07-03 13:26 - 2024-07-03 13:26 - 000500224 _____ (Zebra Technologies) [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\IBMHIDTrans.dll
2024-07-03 13:26 - 2024-07-03 13:26 - 000374272 _____ (Zebra Technologies) [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\IBMHIDTTTrans.dll
2024-07-03 13:26 - 2024-07-03 13:26 - 000369152 _____ (Zebra Technologies) [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\IPTrans.dll
2024-07-03 13:25 - 2024-07-03 13:25 - 000059392 _____ (Zebra Technologies) [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\NIXBTrans.dll
2024-07-03 13:27 - 2024-07-03 13:27 - 000154112 _____ (Zebra Technologies) [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\RSMDriverProvider.dll
2024-07-03 13:26 - 2024-07-03 13:26 - 000559616 _____ (Zebra Technologies) [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\SNAPITrans.dll
2024-07-03 13:26 - 2024-07-03 13:26 - 000599552 _____ (Zebra Technologies) [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\SSITrans.dll
2024-07-03 13:27 - 2024-07-03 13:27 - 000343040 _____ (Zebra Technologies) [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\symbscnr.dll
2024-07-03 13:25 - 2024-07-03 13:25 - 000267264 _____ (Zebra Technologies) [File not signed] C:\Program Files\Zebra Technologies\Barcode Scanners\Common\USBHIDKBTrans.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\msuro\Downloads\eset_smart_security_premium_live_installer.exe:MBAM.Zone.Identifier [472]
AlternateDataStreams: C:\Users\msuro\Downloads\LSBSetup.exe:MBAM.Zone.Identifier [123]
AlternateDataStreams: C:\Users\msuro\Downloads\revosetup.exe:MBAM.Zone.Identifier [141]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-08-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-21] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3248026489-3966559180-2484514055-1001\...\sharepoint.com -> hxxps://bernexgroup-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Intel;C:\Intel\m;C:\Intel\logs;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Users\msuro\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-3248026489-3966559180-2484514055-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\3.jpg
HKU\S-1-5-21-3248026489-3966559180-2484514055-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\3.jpg
DNS Servers: 10.160.0.30 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Intel(R) Wi-Fi 6E AX211 160MHz -> Netwtw12.sys

vms_vsf: Hyper-V Virtual Switch Extension Filter
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "MRT"
HKU\S-1-5-21-3248026489-3966559180-2484514055-1001\...\StartupApproved\Run: => "com.evernote.Evernote"
HKU\S-1-5-21-3248026489-3966559180-2484514055-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_2C1E684CAD36948C9215B6B461E381FD"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{496237CE-E934-43CF-B784-E6965C1A567B}C:\users\msuro\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\msuro\appdata\local\programs\evernote\evernote.exe (Evernote Corporation -> Evernote Corporation)
FirewallRules: [UDP Query User{A67709BC-F8CD-4AC5-8865-70F11FEB163A}C:\users\msuro\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\msuro\appdata\local\programs\evernote\evernote.exe (Evernote Corporation -> Evernote Corporation)
FirewallRules: [{07DBAF90-9B7C-4766-86D8-D66165395228}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{56C11D5E-EC22-4468-A57B-1DC497359F89}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0BEA1B26-C4F5-4B8B-9D37-1B610CD504B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A5B9B2F6-A1CD-42A7-97FA-85E177DB932A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AEE4D9DE-CF09-40A1-BA5B-F6E4FC0EF772}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{8C1EF6EF-158C-41A8-8AC7-B0619D92C1B5}C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe (C62BD90A-CDD8-477F-96C3-B25992247B97 -> XBMC Foundation)
FirewallRules: [UDP Query User{BA5D920C-0E08-450A-ADE6-FF9CCEEE8D49}C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe (C62BD90A-CDD8-477F-96C3-B25992247B97 -> XBMC Foundation)
FirewallRules: [{81932E30-84BE-4556-8765-96D5274CC8C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A95F94EA-5434-4240-BF58-C72040AEAA93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{8B0E4218-A383-4F63-9259-055B744E393A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1103.3051.6995_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D404816-7975-4220-8A78-0BCFEBD2AEC9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1103.3051.6995_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5BD66F40-D864-436C-AB8A-C4552358EA64}C:\users\msuro\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\msuro\appdata\local\programs\evernote\evernote.exe (Evernote Corporation -> Evernote Corporation)
FirewallRules: [UDP Query User{807C1C04-29AF-4594-9E09-7064CC9C7612}C:\users\msuro\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\msuro\appdata\local\programs\evernote\evernote.exe (Evernote Corporation -> Evernote Corporation)
FirewallRules: [{374B54AC-EDA3-4D35-9E6D-E1D20DCA46FB}] => (Allow) C:\Program Files\datronicsoft\spacedesk\spacedeskService.exe (Datronicsoft Inc. -> )
FirewallRules: [TCP Query User{9ACEC88A-0CDC-4486-A08B-3190597797A4}C:\program files (x86)\symbol technologies\staging_solution\symbol.stagenow.v2client.exe] => (Allow) C:\program files (x86)\symbol technologies\staging_solution\symbol.stagenow.v2client.exe (Symbol Technologies) [File not signed]
FirewallRules: [UDP Query User{80390A51-8C70-49ED-8F73-B4E23C9C9CDE}C:\program files (x86)\symbol technologies\staging_solution\symbol.stagenow.v2client.exe] => (Allow) C:\program files (x86)\symbol technologies\staging_solution\symbol.stagenow.v2client.exe (Symbol Technologies) [File not signed]
FirewallRules: [{1959505A-DC2D-40E2-A4AB-4F97BAA3C2C3}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24215.1007.3082.1590_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3FCE8F9D-37A4-48F9-8866-858753F56C8E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24215.1007.3082.1590_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AE1F0BEB-6C8E-4FFD-AE96-C00A8F603512}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{09E47D42-D880-43D8-AE7B-80F5C7827B31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AEBE4F17-8317-4317-9AE8-66A7B2499F8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4B7F3562-1C6F-4C59-8115-BCC9CF73D59D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{673156C8-E798-42F0-9B9E-224DAF24A009}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{39875868-5075-4AC2-87E1-9D69112EC37F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1D906050-A105-44A7-A625-69CD7E214442}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FC1AA738-E1D7-4291-ADB4-CBE774D0FB78}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CE71B0C6-AAFE-4F74-A124-580CA8E76512}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5E63ECCE-CD3C-4CB9-9DDE-698BF4DBE156}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.245.454.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{997397F6-8AE0-4609-AE05-ECA43A99926E}C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe (C62BD90A-CDD8-477F-96C3-B25992247B97 -> XBMC Foundation)
FirewallRules: [UDP Query User{6AD6CE64-DF95-4F13-8DA0-5412195207A1}C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_21.1.500.0_x64__4n2hpmxwrvr6p\kodi.exe (C62BD90A-CDD8-477F-96C3-B25992247B97 -> XBMC Foundation)
FirewallRules: [{967E6A7E-7C60-408E-A1BA-1E5F0032DE0D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{32903BFE-0311-4E47-8A35-A5FD1BD1AEC2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{ECC75CB0-EABA-4503-9463-846B98243242}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{270C9EAB-6879-41A2-A902-53D657484209}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{CEF501BF-9130-4B0B-9968-05E82823CC5A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7CD9C06B-F18D-4126-8871-C5616F147F45}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{D5E48162-DE55-4858-B24C-93C4B897A30F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{CE3C46F3-94EB-4336-A84D-B397413DDB47}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{AA2BB6C3-10FC-4F54-AEC6-CE7D9D91AD33}C:\xboxgames\call of duty\content\cod.exe] => (Allow) C:\xboxgames\call of duty\content\cod.exe (Access Denied)  [File not signed]
FirewallRules: [UDP Query User{537B1B1E-A455-49E8-965F-AC681447E4EF}C:\xboxgames\call of duty\content\cod.exe] => (Allow) C:\xboxgames\call of duty\content\cod.exe (Access Denied)  [File not signed]
FirewallRules: [TCP Query User{D9302E4B-9EB1-4F45-84D4-805E11D019FB}C:\xboxgames\call of duty\content\mp24\mp24-cod.exe] => (Allow) C:\xboxgames\call of duty\content\mp24\mp24-cod.exe (Access Denied)  [File not signed]
FirewallRules: [UDP Query User{554BD062-91B2-49F5-9438-AD0264B627E9}C:\xboxgames\call of duty\content\mp24\mp24-cod.exe] => (Allow) C:\xboxgames\call of duty\content\mp24\mp24-cod.exe (Access Denied)  [File not signed]
FirewallRules: [{563B6FDC-6F51-45ED-87D7-396A04A786F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B6D64032-CDFD-4DFB-8B98-8CB6D84A4CDE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D7CFFB33-2483-4BFC-ABA4-C63ED5BF2F9F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A446C9B1-A3AA-4619-84F8-4B8B65C8DEDE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.127.3200.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{F0493C07-CF57-4167-9E84-CEEDAEDD28E6}C:\program files\epic games\sniperghostwarriorco0ugt6\win_x64\sgwcontracts.exe] => (Allow) C:\program files\epic games\sniperghostwarriorco0ugt6\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [UDP Query User{1DF6F4D0-C27D-4F3F-8A05-1FC085582B71}C:\program files\epic games\sniperghostwarriorco0ugt6\win_x64\sgwcontracts.exe] => (Allow) C:\program files\epic games\sniperghostwarriorco0ugt6\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [{0DD5BF08-D045-48BD-A08F-B53AE5D2BC49}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FB200BB3-854E-4F4E-86D7-17973785971E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

06-09-2024 09:05:51 Windows Update
10-09-2024 07:30:13 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/11/2024 01:33:52 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (09/11/2024 01:33:52 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (09/11/2024 01:33:52 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (09/10/2024 09:52:32 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (09/10/2024 09:52:32 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (09/10/2024 09:52:32 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (09/10/2024 09:31:26 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (09/10/2024 09:31:26 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002


System errors:
=============
Error: (09/11/2024 01:37:37 PM) (Source: DCOM) (EventID: 10010) (User: LEGION)
Description: Server {88435F68-FFC1-445F-8EDF-EF78B84BA1C7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2024 01:37:05 PM) (Source: DCOM) (EventID: 10010) (User: LEGION)
Description: Server {88435F68-FFC1-445F-8EDF-EF78B84BA1C7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2024 01:36:33 PM) (Source: DCOM) (EventID: 10010) (User: LEGION)
Description: Server {88435F68-FFC1-445F-8EDF-EF78B84BA1C7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2024 01:01:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LenovoVantageService neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (09/10/2024 09:30:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LenovoVantageService neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (09/10/2024 09:26:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LenovoVantageService neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (09/10/2024 09:25:29 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_fa3402905034e59a\IntelIHVRouter12.dll

Error: (09/10/2024 09:25:29 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_fa3402905034e59a\IntelIHVRouter12.dll


Windows Defender:
================
Date: 2024-09-05 13:56:18
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {08FE7205-7FAF-49F2-837D-5238C3E111B6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM 

Date: 2024-09-01 09:58:54
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Fynloski.gen!A&threatid=2147690048&enterprise=0
Název: Behavior:Win32/Fynloski.gen!A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_process: C:\Intel\i1.exe, pid:30476:53549015656452
Původ detekce: Neznámý
Typ detekce: Obecný
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Intel\i1.exe
Verze bezpečnostních informací: AV: 1.417.423.0, AS: 1.417.423.0, NIS: 1.417.423.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3 

Date: 2024-09-01 09:57:25
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Fynloski.gen!A&threatid=2147690048&enterprise=0
Název: Behavior:Win32/Fynloski.gen!A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_process: C:\Intel\i2.exe, pid:22784:53549015656452
Původ detekce: Neznámý
Typ detekce: Obecný
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Intel\i2.exe
Verze bezpečnostních informací: AV: 1.417.423.0, AS: 1.417.423.0, NIS: 1.417.423.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3 

Date: 2024-09-01 09:57:23
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperBulkExcl.H&threatid=2147822027&enterprise=0
Název: Trojan:Win32/MpTamperBulkExcl.H
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_\Device\HarddiskVolume3\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: AMSI
Uživatel: Legion\msuro
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze bezpečnostních informací: AV: 1.417.423.0, AS: 1.417.423.0, NIS: 1.417.423.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3 

Date: 2024-09-01 09:57:14
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperBulkExcl.H&threatid=2147822027&enterprise=0
Název: Trojan:Win32/MpTamperBulkExcl.H
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_\Device\HarddiskVolume3\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: AMSI
Uživatel: Legion\msuro
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze bezpečnostních informací: AV: 1.417.423.0, AS: 1.417.423.0, NIS: 1.417.423.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3
Event[0]

Date: 2024-09-08 17:18:59
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby. 

Date: 2024-09-05 16:42:43
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby. 

Date: 2024-09-05 16:09:56
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby. 

Date: 2024-09-05 14:29:33
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby. 

CodeIntegrity:
===============
Date: 2024-09-11 13:33:52
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements. 


==================== Memory info =========================== 

BIOS: LENOVO N0CN22WW 04/19/2024
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i9-14900HX
Percentage of memory in use: 46%
Total physical RAM: 32491.87 MB
Available physical RAM: 17407.09 MB
Total Virtual: 34539.87 MB
Available Virtual: 14448.34 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:953.6 GB) (Free:245.43 GB) (Model: SAMSUNG MZVL21T0HCLR-00BL2) NTFS

\\?\Volume{ab3057ef-cfbc-4da7-ad6f-1dd14cc6b10f}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: FEDF5058)

Partition: GPT.

==================== End of Addition.txt =======================