Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vyskakují hlášení o nalezených virech programy, které nemám nainstalované

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Hop2
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 01 dub 2022 17:25

Vyskakují hlášení o nalezených virech programy, které nemám nainstalované

#1 Příspěvek od Hop2 »

Dobrý den,
po otevření Google Chrome se v prohlížeči ukazují spousty hlášení o nalezených virech. Hlášení se tváří, že to hlásí Mcaffee, Avira a další programy, které v notebooku nejsou nainstalované.

ADW cleaner nic nenašel, anl Eset v pc nic nenašel, posílám logy.
S pozdravem Pavel

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2022 01
Ran by papepa (administrator) on N-PED-W-27 (LENOVO 82C5) (24-06-2022 16:16:10)
Running from C:\Users\papepa\Desktop
Loaded Profiles: papepa
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1766 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1085224 2020-06-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-07-07] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [654272 2019-12-17] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe [209816 2020-07-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [2778520 2020-07-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [68544 2019-11-08] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [287640 2020-07-08] (SMART Technologies ULC -> SMART Technologies)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\lokadmin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\lokadmin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\RunOnce: [Uninstall 20.134.0705.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lokadmin\AppData\Local\Microsoft\OneDrive\20.134.0705.0008\amd64" (No File)
HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\RunOnce: [Uninstall 20.134.0705.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lokadmin\AppData\Local\Microsoft\OneDrive\20.134.0705.0008" (No File)
HKU\S-1-5-21-2774596813-2351541506-2060952939-1285\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2774596813-2351541506-2060952939-1285\...\Run: [MicrosoftEdgeAutoLaunch_285F52E1EA62F986BEA1C54B59DAE7C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595168 2022-06-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2774596813-2351541506-2060952939-1285\...\Policies\Explorer: [NoDrives] 1048576
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Epson_Print_Admin: C:\WINDOWS\system32\epscpmon.dll [831488 2019-05-31] (Seiko Epson Corporation) [File not signed]
HKLM\...\Print\Monitors\rica1Ilm: C:\WINDOWS\system32\rica1Ilm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\SMART Local Port: C:\Windows\system32\smrtlocalmon.dll [38296 2020-07-14] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.53\Installer\chrmstp.exe [2022-06-23] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0502E4C3-11C6-4E98-A68F-6C9B0E34C9D4} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kolaan@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
Task: {0A7C73CC-A14D-47D2-99EF-0C1A88662842} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209272 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1932E7D0-039C-4C1C-A607-6E51E7E9F8A1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564752 2022-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A2A38C2-5BB1-4FB1-9E14-EB4C423D73C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2020-06-21] (Google Inc -> Google Inc.)
Task: {1E24DE5B-EF6F-42EE-87A3-31B56946C67D} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\suchza@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
Task: {216EC54A-B3E0-4C53-88E3-BEC17BE485DA} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-10-20] (Microsoft Windows -> Microsoft Corporation)
Task: {22421AC2-6038-4692-B7E2-BB07E1CDA800} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\cielsa@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {267B8081-D086-4725-85AA-25DE47743BFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2020-06-21] (Google Inc -> Google Inc.)
Task: {34599E6C-6DF6-4930-9D0C-B9F6C7F4BDC3} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\hradal@zs-vsechovice.local\Process policy => {E444E1B9-502C-44f9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {35675C0D-8722-4FE1-B114-E59885DED2AA} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\cielsa@zs-vsechovice.local\Process policy => {E444E1B9-502C-44F9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {40562F48-0FC2-4BAD-B706-FD3340ED71F0} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kolaan@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {4A43C6AF-1A73-4D04-87E5-A8F86DCC294E} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kociir@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
Task: {4B81BCC7-7469-48D9-BB16-A5FF22D6AB8B} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\ruzipa@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {4F09EAD1-1782-40DF-8A0A-B35E6FE437B5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513792 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {519A43A1-F4E0-45E7-AB29-54C98FDDADDD} - System32\Tasks\CCleanerSkipUAC - papepa => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {54F77DEC-6112-4BDE-8174-3847F4376D6E} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kociir@zs-vsechovice.local\Process policy => {E444E1B9-502C-44F9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {67FDFCF9-6F87-4D49-BE17-92C17887714E} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kolaan@zs-vsechovice.local\Process policy => {E444E1B9-502C-44F9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {6BAA400B-BA08-45AD-B1B8-CAF832B27429} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\hradal@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {714BD737-6307-47C3-8629-7D7AE3413B5B} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\cielsa@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
Task: {72AC3A3B-9E4D-4CBA-B9AC-C38B9AF5786C} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-10-20] (Microsoft Windows -> Microsoft Corporation)
Task: {72F81736-3BB2-44D0-924D-CCDFB7E4861F} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\suchza@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {75F7D045-B6AF-4142-AC61-1DE0E8C5F3F4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-06-14] (Piriform Software Ltd -> Piriform)
Task: {76DC051B-04DA-4DAE-A87A-E9889465E7E0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564752 2022-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {810C6E1F-5D53-4FFF-AF3B-07702CFE08EE} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kociir@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {83A5D135-BB22-4C2F-A1B4-1F202599DFDF} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\hradal@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {8A5AEE7F-07DA-4612-8741-0E66FFD29ED1} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kociir@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {91A76A85-F455-4E8C-8CED-F68D6B3563E2} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\ruzipa@zs-vsechovice.local\Process policy => {E444E1B9-502C-44f9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {A5038969-A3DD-493C-A8CA-6146C3E295A7} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\suchza@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {AF4F79B5-29B7-42E3-B9E4-48A5856F7450} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\papepa@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {B8ECA7AB-FAC6-4683-A063-EBA8FECB0060} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\papepa@zs-vsechovice.local\Process policy => {E444E1B9-502C-44F9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {C0B71E90-CF86-4E7C-B06C-A60E5736E468} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\papepa@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {CF935CE2-25A9-4610-9AD0-BF82F4E4D4D9} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\cielsa@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {CFFAD67A-8D7C-4E23-A1C9-E69521A3324A} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kolaan@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {D71109B2-478E-4999-94FE-84390233C1FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209272 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {D825990D-36EA-429F-A501-1344B1A30DEE} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\suchza@zs-vsechovice.local\Process policy => {E444E1B9-502C-44F9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {DD1D5191-B174-4A7C-9E3B-A98C922C541E} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\papepa@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
Task: {EFD99FF7-F42B-487C-B09A-542C4592D48E} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\hradal@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
Task: {F08FBB5B-466D-4295-9BBF-C0127B0A4F05} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\ruzipa@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {F287089E-9D0F-4A2F-83C0-08E87A6E2535} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513792 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F74BE92B-965E-4EC2-ABC5-D6C0B8C40FCD} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\ruzipa@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.31.204.130 8.8.8.8
Tcpip\..\Interfaces\{1d1ea665-37d8-4482-b343-b455262dc387}: [DhcpNameServer] 217.31.204.130 8.8.8.8

Edge:
=======
Edge Profile: C:\Users\papepa\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-24]

FireFox:
========
FF DefaultProfile: zm6x28sr.default
FF ProfilePath: C:\Users\papepa\AppData\Roaming\Mozilla\Firefox\Profiles\zm6x28sr.default [2020-06-22]
FF ProfilePath: C:\Users\papepa\AppData\Roaming\Mozilla\Firefox\Profiles\5i8cwsc9.default-release [2022-06-24]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-06-24]

Chrome:
=======
CHR Profile: C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default [2022-06-24]
CHR Extension: (Slides) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-06-10]
CHR Extension: (Docs) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-06-10]
CHR Extension: (Google Drive) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-06-10]
CHR Extension: (YouTube) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-06-10]
CHR Extension: (Sheets) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-06-10]
CHR Extension: (Google Docs Offline) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-10]
CHR Extension: (Gmail) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-06-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9483232 2022-06-03] (Microsoft Corporation -> Microsoft Corporation)
S2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [57952 2020-07-07] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2364472 2020-07-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2364472 2020-07-07] (ESET, spol. s r.o. -> ESET)
S2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1643688 2019-05-06] (Lenovo -> Lenovo(beijing) Limited)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254368 2022-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [637848 2020-07-10] (SMART Technologies ULC -> SMART Technologies)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\NisSrv.exe [2496152 2020-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\MsMpEng.exe [104200 2020-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [155888 2020-07-07] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106848 2020-07-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [195176 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116184 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-28] (Intel Corporation -> Intel Corporation)
R3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2020-07-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVTabletPCx64; C:\WINDOWS\System32\drivers\SMARTVTabletPCx64.sys [30104 2020-07-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies ULC)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408800 2020-06-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64232 2020-06-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-24 16:16 - 2022-06-24 16:16 - 000024933 _____ C:\Users\papepa\Desktop\FRST.txt
2022-06-24 16:15 - 2022-06-24 16:16 - 000000000 ____D C:\FRST
2022-06-24 16:15 - 2022-06-24 15:55 - 001222144 _____ C:\Users\papepa\Desktop\RSITx64.exe
2022-06-24 16:15 - 2022-06-24 15:54 - 002369024 _____ (Farbar) C:\Users\papepa\Desktop\FRST64.exe
2022-06-22 08:46 - 2022-06-22 08:46 - 000000000 ____D C:\Users\kociir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Work Resources (RADC)
2022-06-20 20:51 - 2022-06-20 20:51 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 000479744 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-20 20:41 - 2022-06-20 20:41 - 000000000 ___HD C:\$WinREAgent
2022-06-17 08:16 - 2022-06-17 08:16 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-06-14 13:06 - 2022-06-14 13:06 - 001629371 _____ C:\Users\kociir\Downloads\Humanistická škola od 1.9.2022 (1).pdf
2022-06-14 13:05 - 2022-06-14 13:05 - 001629371 _____ C:\Users\kociir\Downloads\Humanistická škola od 1.9.2022.pdf
2022-06-10 11:12 - 2022-06-10 11:12 - 008551608 _____ (Malwarebytes) C:\Users\papepa\Downloads\adwcleaner_8.3.2.exe
2022-06-10 11:08 - 2022-06-10 11:08 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - papepa
2022-06-10 10:49 - 2022-06-10 10:49 - 000000000 ____D C:\Users\lokadmin\AppData\Local\D3DSCache
2022-06-10 10:47 - 2022-06-10 10:47 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1014039644-72913205-4195499779-1001
2022-06-09 13:42 - 2022-06-21 09:44 - 000000000 ____D C:\Users\kociir\AppData\Roaming\Seznam Browser
2022-06-09 13:41 - 2022-06-09 13:41 - 002549096 _____ (Malwarebytes) C:\Users\kociir\Downloads\MBSetup.exe
2022-06-09 13:40 - 2022-06-09 13:40 - 002549096 _____ (Malwarebytes) C:\Users\kociir\Downloads\MBSetup-99E146FF.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-24 16:08 - 2020-06-21 09:52 - 000000000 ____D C:\Program Files\CCleaner
2022-06-24 16:06 - 2020-06-24 08:32 - 000000000 ____D C:\Users\kociir
2022-06-24 16:06 - 2020-06-21 10:29 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-24 16:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-24 16:05 - 2020-06-22 09:46 - 000000000 __SHD C:\Users\papepa\IntelGraphicsProfiles
2022-06-24 14:37 - 2020-06-19 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-24 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-24 13:46 - 2020-06-22 09:02 - 000000152 _____ C:\WINDOWS\system32\config\netlogon.ftl
2022-06-24 09:21 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-23 10:13 - 2020-09-30 08:12 - 000000000 ____D C:\Users\kociir\AppData\Local\Deployment
2022-06-23 08:40 - 2020-06-24 08:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-23 08:40 - 2020-06-21 09:51 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-22 09:06 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-22 08:58 - 2020-06-19 11:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-22 08:42 - 2020-06-19 11:09 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-21 07:49 - 2020-06-19 10:51 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-21 07:49 - 2019-12-07 16:43 - 000685012 _____ C:\WINDOWS\system32\perfh005.dat
2022-06-21 07:49 - 2019-12-07 16:43 - 000137776 _____ C:\WINDOWS\system32\perfc005.dat
2022-06-21 07:48 - 2020-11-05 10:26 - 000000000 ____D C:\Users\kociir\AppData\Local\D3DSCache
2022-06-21 07:46 - 2020-06-24 08:32 - 000000000 __SHD C:\Users\kociir\IntelGraphicsProfiles
2022-06-21 00:19 - 2020-06-19 16:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-21 00:19 - 2020-06-19 16:43 - 000664080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-21 00:19 - 2020-06-19 16:43 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-21 00:19 - 2020-06-19 10:52 - 000000000 ____D C:\Intel
2022-06-21 00:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-06-21 00:19 - 2019-12-07 11:03 - 002359296 _____ C:\WINDOWS\system32\config\BBI
2022-06-21 00:18 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-21 00:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-20 20:55 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-20 20:50 - 2020-06-19 16:47 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-20 20:15 - 2021-05-04 08:59 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-20 20:15 - 2021-05-04 08:59 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-17 08:16 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-06-17 08:15 - 2020-06-23 10:54 - 000000000 ____D C:\Program Files\Microsoft Office
2022-06-14 08:28 - 2021-02-01 19:16 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-06-14 08:28 - 2020-06-21 11:01 - 000001899 _____ C:\Users\lokadmin\Desktop\Google Slides.lnk
2022-06-14 08:28 - 2020-06-21 11:01 - 000001899 _____ C:\Users\lokadmin\Desktop\Google Sheets.lnk
2022-06-14 08:28 - 2020-06-21 11:01 - 000001887 _____ C:\Users\lokadmin\Desktop\Google Docs.lnk
2022-06-14 07:32 - 2021-05-04 08:59 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-14 07:32 - 2021-05-04 08:59 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-06-10 11:04 - 2021-09-08 08:35 - 000000000 ____D C:\Users\papepa\AppData\Local\D3DSCache
2022-06-10 11:03 - 2020-06-22 09:46 - 000000000 ____D C:\Users\papepa\AppData\Local\Packages
2022-06-10 10:47 - 2022-05-24 13:16 - 000000000 ____D C:\Users\ruzipa
2022-06-10 10:47 - 2022-05-10 11:29 - 000000000 ____D C:\Users\hradal
2022-06-10 10:47 - 2021-12-02 13:10 - 000000000 ____D C:\Users\cielsa
2022-06-10 10:47 - 2020-06-21 09:51 - 000002391 _____ C:\Users\lokadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-10 10:47 - 2020-06-19 10:52 - 000000000 __SHD C:\Users\lokadmin\IntelGraphicsProfiles
2022-06-10 10:47 - 2020-06-19 10:51 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1014039644-72913205-4195499779-1001
2022-06-10 10:47 - 2020-06-19 10:49 - 000002370 _____ C:\Users\lokadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-10 10:47 - 2020-06-19 10:49 - 000000000 ____D C:\Users\lokadmin\AppData\Local\Packages
2022-06-09 13:43 - 2021-03-23 19:32 - 000001026 _____ C:\Users\kociir\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.lnk
2022-06-09 13:43 - 2021-03-23 19:32 - 000001017 _____ C:\Users\kociir\Desktop\Seznam.cz.lnk
2022-06-09 13:37 - 2021-12-12 10:31 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2774596813-2351541506-2060952939-1290
2022-06-09 13:37 - 2020-06-24 08:32 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2774596813-2351541506-2060952939-1290
2022-06-09 13:37 - 2020-06-24 08:32 - 000002384 _____ C:\Users\kociir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-01 08:19 - 2022-02-03 09:23 - 000000000 ____D C:\Users\kociir\AppData\Roaming\vlc
2022-06-01 07:10 - 2020-06-19 10:49 - 000000000 ____D C:\ProgramData\Packages

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-06-2022 01
Ran by papepa (24-06-2022 16:17:01)
Running from C:\Users\papepa\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1766 (X64) (2020-06-19 14:45:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1014039644-72913205-4195499779-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1014039644-72913205-4195499779-503 - Limited - Disabled)
Guest (S-1-5-21-1014039644-72913205-4195499779-501 - Limited - Disabled)
lokadmin (S-1-5-21-1014039644-72913205-4195499779-1001 - Administrator - Enabled) => C:\Users\lokadmin
WDAGUtilityAccount (S-1-5-21-1014039644-72913205-4195499779-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.9 (HKLM\...\{05A331A8-339A-4FE3-94B7-59EE90797A84}) (Version: 4.9.2.3082 - Open Media LLC)
4K YouTube to MP3 3.8 (HKLM\...\{736C976F-6FE9-4FF5-8F53-0DA0E90A402D}) (Version: 3.8.2.3082 - Open Media LLC)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 6.01 - Piriform)
Epson Print Admin Driver (HKLM-x32\...\{beb4b9b0-1b06-44ab-b492-d9e29ea4901a}) (Version: 3.1.4 - Seiko Epson Corporation)
ESET Endpoint Antivirus (HKLM\...\{0F072F28-5832-463C-AC21-235B7BD4408A}) (Version: 7.3.2039.0 - ESET, spol. s r.o.)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
GeoGebra Classic (HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\GeoGebra_6) (Version: 6.0.560 - International GeoGebra Institute)
GIMP 2.10.8 (HKLM\...\GIMP-2_is1) (Version: 2.10.8 - The GIMP Team)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 59.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.53 - Google LLC)
Google Chrome (HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google SketchUp 6 (HKLM-x32\...\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}) (Version: 6.4.247 - Google) Hidden
Google SketchUp 6 (HKLM-x32\...\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}) (Version: 6.0.01623 - Google)
IrfanView 4.50 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.50 - Irfan Skiljan)
LibreOffice 6.3.1.2 (HKLM\...\{46BF4998-7CC7-43AA-8D4C-D43DEFB24493}) (Version: 6.3.1.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 102.0.1245.44 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Volume - cs-cz) (Version: 16.0.10387.20023 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Volume - de-de) (Version: 16.0.10387.20023 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2774596813-2351541506-2060952939-1285\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 69.0 (x64 cs) (HKLM\...\Mozilla Firefox 69.0 (x64 cs)) (Version: 69.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10387.20023 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10387.20023 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.10387.20023 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.10387.20023 - Microsoft Corporation) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\PhotoFiltre 7) (Version: - )
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.1.312 - Jan Fiala)
SMART Czech Handwriting Resources (HKLM-x32\...\{65A75580-36A0-4490-8181-0967DD6C1464}) (Version: 15.1.10.0 - SMART Technologies ULC)
SMART Gallery Essentials (HKLM-x32\...\{B1BCD573-39C5-48CD-A2A7-F6525BB7072B}) (Version: 2.0.2.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{3AF320CE-8571-46D1-B2C0-6F95A2E03B9F}) (Version: 5.7.65.0 - SMART Technologies ULC)
SMART Lesson Activity Toolkit (HKLM-x32\...\{8AD57A09-153E-4F6D-A269-0AD8AC54B82A}) (Version: 2.0.7.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{4350F5AF-AEBF-4914-BB1C-847AF59E9BEC}) (Version: 20.0.4732.0 - SMART Technologies ULC)
SMART Ovladače produktů (HKLM-x32\...\{0405B16D-65AF-4D2F-955B-32E10232A47E}) (Version: 12.16.359.0 - SMART Technologies ULC)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20602.609.0_x64__rz1tebttyb220 [2022-05-24] (Dolby Laboratories)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.5120.0_x64__8wekyb3d8bbwe [2022-06-10] (Microsoft Studios) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-06-10] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.221.0_x64__dt26b99r8h8gj [2022-05-24] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\59.0.3.0\drivefsext.dll [2022-06-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\59.0.3.0\drivefsext.dll [2022-06-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\59.0.3.0\drivefsext.dll [2022-06-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\59.0.3.0\drivefsext.dll [2022-06-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\59.0.3.0\drivefsext.dll [2022-06-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\59.0.3.0\drivefsext.dll [2022-06-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\59.0.3.0\drivefsext.dll [2022-06-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-07] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-06-22 12:13 - 2018-10-22 11:49 - 005592064 _____ (Microsoft) [File not signed] C:\WINDOWS\System32\casablanca120.dll
2020-06-22 12:13 - 2019-05-31 09:25 - 000831488 _____ (Seiko Epson Corporation) [File not signed] C:\WINDOWS\System32\epscpmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-19] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1014039644-72913205-4195499779-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2774596813-2351541506-2060952939-1285\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 217.31.204.130 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "sbsdk-server"
HKLM\...\StartupApproved\Run32: => "SMART Board Service"
HKLM\...\StartupApproved\Run32: => "SMART Ink"
HKLM\...\StartupApproved\Run32: => "SMARTNotification"
HKLM\...\StartupApproved\Run32: => "SMART Tray Tools"
HKU\S-1-5-21-2774596813-2351541506-2060952939-1285\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2774596813-2351541506-2060952939-1285\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2774596813-2351541506-2060952939-1285\...\StartupApproved\Run: => "GoogleDriveFS"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{15BE17B6-CF50-4B77-93A1-3BE3FE8080CD}] => (Allow) C:\Users\lokadmin\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{5FABEEE1-985A-4D5F-BACB-4C7D870FDEA1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1E455C9F-4306-4BBA-91DE-6B197093DB94}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{27DD0B4B-9A41-4C21-A195-89E46144FA15}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{993F1E9A-1B81-4396-8705-E35B5F967FB6}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{E7ADBFCD-AE01-49D9-8644-E26551D2FD80}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{7AFC1CCB-E73A-46F4-8470-480FE2224CF1}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{B5AF8ED5-F555-4BEC-B908-2B255DB8AF66}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{B4BD340A-E380-4F2B-9856-61C6E7BAD247}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{85768F31-9B0B-4404-8704-29488A2C64B0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF50205E-9F8D-4134-A3E9-46A252086BB8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A40F8CB1-178D-4A6C-90F8-B5F99EF0903C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{73F2494B-87F0-46F8-AC90-885889088B9C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC04815E-B2DD-4F61-AB33-625C92C575BF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5D2FC288-292E-4090-AB9F-1908FD61A1FB}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{C5804C14-9381-4C7D-818D-3C6EC6726867}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{A0F53D3B-6930-4DE1-B09B-F6106C8CCC81}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{DA107CED-8FB3-4206-8D5F-B826F8A2CFB9}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{10038EBC-DC02-4A89-B451-459C9756C13B}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{3411459D-D43B-4720-9C54-30CFDC5906E9}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{5C6B1A03-9643-43A3-AA04-5015A010B87F}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{EB500A69-9122-4630-A915-270926B84126}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{A837AA3B-ABF6-4848-970E-9E7563AD9C7C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{362F240D-684E-46D6-A8D9-80AD7AAE0544}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E49074CB-0966-4D03-B201-EC5B2029947C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97CB1DDC-E8F5-4E88-B54F-24BBE4B0BF5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{B755179B-7B73-4606-9759-A5B252469C89}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{F8FE1D7F-F9B3-4578-B4D5-77448A690F80}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{B9573983-540E-43C6-8EB0-D08B3D7D5F75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{95A08B08-96BD-4998-BF4A-4CEC4B2D6C3F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BAB2A86A-188F-42E0-91C4-1D365667AB67}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E7C69F3-968D-4328-98A7-4A00C2B11D2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5657E1D0-C441-4C96-98AB-1E7E9EABBF82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0B970AFE-3FA3-4A89-8111-13180216A0D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1AA24009-0398-4016-9BB8-CC2B75CD4790}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BBE088B6-A53F-4C7D-8119-C653372E474D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{737FE70E-2A8F-4866-9EEE-B46B0DF3758E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Dotyková obrazovka standardu HID
Description: Dotyková obrazovka standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Input Configuration Device
Description: Microsoft Input Configuration Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: MTConfig
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dotyková obrazovka standardu HID
Description: Dotyková obrazovka standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dotyková obrazovka standardu HID
Description: Dotyková obrazovka standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dotyková obrazovka standardu HID
Description: Dotyková obrazovka standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: SMART Technologies
Service: mouhid
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dodavatelem definované zařízení standardu HID
Description: Dodavatelem definované zařízení standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Uživatelské zařízení standardu HID
Description: Uživatelské zařízení standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Input Configuration Device
Description: Microsoft Input Configuration Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: MTConfig
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dodavatelem definované zařízení standardu HID
Description: Dodavatelem definované zařízení standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Uživatelské zařízení standardu HID
Description: Uživatelské zařízení standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: SMART Technologies
Service: mouhid
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Pero standardu HID
Description: Pero standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/24/2022 04:06:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.1741, časové razítko: 0x9c64462c
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x747e77d0
ID chybujícího procesu: 0x21d8
Čas spuštění chybující aplikace: 0x01d887d392dcfd7f
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 721dfa2d-6140-4019-901c-42c95b2cd859
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/20/2022 10:03:58 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (06/20/2022 08:43:18 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1737_none_7dec0d8c7ca729de\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (06/20/2022 08:41:27 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1704_none_7de951067ca990f6\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (06/10/2022 10:47:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.1682, časové razítko: 0x7a09c6db
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x729177d0
ID chybujícího procesu: 0x2d88
Čas spuštění chybující aplikace: 0x01d87ca6baf30285
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 132e6bab-a81d-4c70-abe9-f9c70fe8effa
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2022 08:22:58 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (06/07/2022 08:28:09 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1704_none_7de951067ca990f6\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (06/06/2022 02:28:48 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x80070422).


System errors:
=============
Error: (06/24/2022 04:14:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Dynamic Tuning service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (06/24/2022 04:14:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (06/24/2022 04:14:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office-Klick-und-Los-Dienst byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (06/24/2022 04:13:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Graphics Command Center Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/24/2022 04:13:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Notebook ITS Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/24/2022 04:13:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Storage Middleware Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/24/2022 04:13:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/24/2022 04:13:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2020-06-21 09:59:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {30DFC605-3331-41D9-BC0D-260174FF9395}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-06-19 11:18:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {86E9A228-4F87-48ED-9F2A-4AC63DBAF00A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-06-19 11:08:09
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CFA313ED-DADE-4AD3-BA1A-2E55D3D03254}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-06-24 13:04:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\59.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-06-24 07:37:34
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO DKCN26WW 03/04/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-1005G1 CPU @ 1.20GHz
Percentage of memory in use: 40%
Total physical RAM: 7987.24 MB
Available physical RAM: 4735.28 MB
Total Virtual: 9267.24 MB
Available Virtual: 6364.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.83 GB) (Free:177.74 GB) (Model: WDC PC SN520 SDAPMUW-256G-1101) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.04 GB) (Model: WDC PC SN520 SDAPMUW-256G-1101) NTFS
Drive e: (STŘÍBRNÁ) (Removable) (Total:1.86 GB) (Free:1.8 GB) FAT

\\?\Volume{63656910-0bd7-11ec-83fe-283926e096ac}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{6365690f-0bd7-11ec-83fe-283926e096ac}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: D9FA2484)

Partition: GPT.

==========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 78939369)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0E)

==================== End of Addition.txt =======================




Logfile of random's system information tool 1.10 (written by random/random)
Run by papepa at 2022-06-24 16:19:36
Microsoft Windows 10 Pro
System drive C: has 182 GB (75%) free of 244 GB
Total RAM: 7987 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:19:42, on 24.06.2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1566)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\papepa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\102.0.1245.44\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SMART Tray Tools] "C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe"
O4 - HKLM\..\Run: [SMARTNotification] "C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe"
O4 - HKLM\..\Run: [SMART Board Service] "C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe" -d
O4 - HKLM\..\Run: [sbsdk-server] "C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe"
O4 - HKLM\..\Run: [SMART Ink] "C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe" -a
O4 - HKCU\..\Run: [OneDrive] "C:\Users\papepa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_285F52E1EA62F986BEA1C54B59DAE7C5] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe --startup_mode (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe --startup_mode (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe --startup_mode (User 'Default user')
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = zs-vsechovice.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = zs-vsechovice.local
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4b31d9b38e2bb506\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_20161bc - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @oem79.inf,%ServiceDisplayName%;Dolby DAX API Service (DolbyDAXAPI) - Dolby Laboratories - C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET Security\ehttpsrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @oem67.inf,%ServiceDisplayName%;Intel(R) Dynamic Tuning service (esifsvc) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Fortemedia APO Control Service (FMAPOService) - Unknown owner - C:\WINDOWS\System32\FMService64.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.53\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIServiceN.exe
O23 - Service: @oem93.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service: @oem93.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Audio Service (IntelAudioService) - Unknown owner - C:\WINDOWS\system32\cAVS\IAS\IntelAudioService.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @oem4.inf,%LNBITS.SVCDESC%;Lenovo Notebook ITS Service (LITSSVC) - Unknown owner - C:\WINDOWS\System32\LNBITSSvc.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem91.inf,%RstMwService.ServiceName%;Intel(R) Storage Middleware Service (RstMwService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c98d5e0dfc88ac2f\RstMwService.exe
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\WINDOWS\System32\RtkAudUService64.exe (file missing)
O23 - Service: @oem84.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: SMART Helper Service (SMARTHelperService) - SMART Technologies - C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @oem14.inf,%SynTPEnhService.SVCDESC%;SynTPEnhService (SynTPEnhService) - Unknown owner - C:\WINDOWS\System32\SynTPEnhService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14658 bytes

======Listing Processes======



log.zip
(35.42 KiB) Staženo 45 x
log.zip
(35.42 KiB) Staženo 45 x

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Vyskakují hlášení o nalezených virech programy, které nemám nainstalované

#2 Příspěvek od JaRon »

Ahoj,
treba vypnut reklamy a hlasenia vo w10
Pozri aj https://forum.viry.cz/viewtopic.php?f=3 ... 5#p1546785
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Odpovědět