Prosím o kontrolu pomalého notebooku

[Malloch001]

Dobrý den,

můžete mi prosím zkontrolovat notebook? V posledních dnech se strašně seká, trvá mu, než se po přihlášení do windows načte, plus zavírání souborů má viditelný delay.
Zkoušel jsem ho vyčistit pomocí Ccleaneru, defragmentovat jednotku disku... Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2022
Ran by Petr (administrator) on DESKTOP-B7M08O1 (LENOVO 80E5) (25-10-2022 19:05:38)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\u0373234.inf_amd64_2f2bf0ce197fd0ec\B371260\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373234.inf_amd64_2f2bf0ce197fd0ec\B371260\atieclxx.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373234.inf_amd64_2f2bf0ce197fd0ec\B371260\atiesrxx.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Studios) C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.3.10281.0_x86__8wekyb3d8bbwe\Jigsaw.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5166872 2016-08-04] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1831256 2016-01-08] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [283904 2019-08-02] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [f.lux] => C:\Users\Petr\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399224 2022-02-18] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [Opera Browser Assistant] => C:\Users\Petr\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4137936 2022-09-14] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\Petr\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [2011240 2022-08-11] (ZONER software, a.s. -> ZONER a.s.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\MountPoints2: {f8456d7f-e425-11e8-b5fd-e4f89cda6d6b} - "G:\WD Drive Unlock.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-14] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2020-09-26]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {019E3DD5-CA9B-4367-9321-07659D276025} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {08B8DD4F-4930-48E4-A795-F48F76263A9F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {0A9EB09E-D820-4FE9-B69F-5F1FEC9CBD9E} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {0D3F9715-5858-424A-9897-A86575EA76BF} - System32\Tasks\Opera scheduled assistant Autoupdate 1576834299 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe [2538448 2022-09-05] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Petr\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {11E4268A-349A-4ADE-9A65-EAA2534E4AED} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {22EA2964-5087-416D-A00E-9BCB351BAAC5} - System32\Tasks\Opera scheduled Autoupdate 1550947879 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe [2538448 2022-09-05] (Opera Norway AS -> Opera Software)
Task: {292229BE-9A03-462E-AB28-9A74F13DF15A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-21] (Google Inc -> Google Inc.)
Task: {2B1A5F56-41AD-4F8B-A1CC-A94F95077134} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "20e5b7f3-012a-47eb-aecb-7cec1e75c39b" --version "6.05.10110" --silent
Task: {3F710E6E-45B6-4B47-B39D-FD9C2BDFFF2C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E22DDA0-9EFB-4C78-9A91-2E584E4312E2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4027288381-2091724253-1946861830-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4215696 2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {70BD366A-A4F1-4DC6-B483-03E3178A0E5E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {73489180-55A2-4668-8D38-D73030551134} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {735B57CD-E6FD-488B-A981-94D8C579DD4E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {797D3C50-0B8D-4F16-B30E-0E0DF6081EC7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7B7D2EF4-D94C-4DA0-960D-AA5EF765D3C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {82666CB2-154F-42A8-9CAE-88C76E00C29A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {9483F0C7-3CC4-4E85-A346-6742AEA9EA4E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4215696 2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1EB0651-0974-4EB5-BAC9-F418AAB7180E} - System32\Tasks\Zoner.Updater.S-1-5-21-4027288381-2091724253-1946861830-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1609008 2022-08-19] (ZONER software, a.s. -> ZONER a.s.)
Task: {A680983B-50AE-442C-87A7-3E3BB71AD26D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AA90F779-50FF-421C-94EC-7D19B72AEA21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B511FDEA-0F7A-46A7-9686-7DF8D31F3459} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {C43507C6-D3A0-4447-8C47-8FEB387ACA07} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-4027288381-2091724253-1946861830-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1590.24.221.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [1874168 2022-09-10] (Facebook, Inc. -> Facebook Inc.)






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2022
Ran by Petr (25-10-2022 19:02:42)
Running from C:\Users\Petr\Desktop
Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) (2021-03-17 14:55:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4027288381-2091724253-1946861830-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4027288381-2091724253-1946861830-503 - Limited - Disabled)
Guest (S-1-5-21-4027288381-2091724253-1946861830-501 - Limited - Disabled)
Petr (S-1-5-21-4027288381-2091724253-1946861830-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-4027288381-2091724253-1946861830-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\uTorrent) (Version: 3.5.5.46348 - BitTorrent Inc.)
ACS Unified PC/SC Driver 4.3.1.0 (HKLM\...\{70105406-1CAF-4162-8A0B-C47361317A78}) (Version: 4.3.1.0 - Advanced Card Systems Ltd.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20263 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Balíček ovladače systému Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (01/08/2019 4.3.1.0) (HKLM\...\F0BF7B36B8B2F7E24302D9C217904BB74C70A5BE) (Version: 01/08/2019 4.3.1.0 - Advanced Card Systems Ltd.)
Barvy 4.1 (HKLM\...\Barvy_is1) (Version: - Vlastimil Burian)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-9020CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.77.1092 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 6.05 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
eObčanka (HKLM\...\{45F6BE7F-4C79-4E99-A6C8-63919DFF6F87}) (Version: 3.1.1.19123 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
f.lux (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Flux) (Version: - f.lux Software LLC)
FileZilla 3.61.0 (HKLM-x32\...\FileZilla Client) (Version: 3.61.0 - Tim Kosse)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
Cherry SmartCard Package V3.3 Build 9 (HKLM-x32\...\{BABE1E59-F3A3-4B2B-80B1-41928543A042}) (Version: 3.3.0.9 - ZF Friedrichshafen AG, Electronic Systems)
I.CA Diagnostic (HKLM-x32\...\{FD66E890-D807-4367-8ACC-4FDEB52F0B6C}) (Version: 1.2.8.0 - První certifikacní autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.2.8.0) (Version: 1.2.8.0 - První certifikacní autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{B03EC5BA-6926-4DB5-B48B-DE00230FA24E}) (Version: 1.3.2.0 - První certifikacní autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.2.0) (Version: 1.3.2.0 - První certifikacní autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{F0EC556D-2257-4978-A34E-3F8AFF7E16E3}) (Version: 1.3.7.0 - První certifikacní autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.3.7.0) (Version: 1.3.7.0 - První certifikacní autorita, a.s.)
I.CA SecureStore 4.8 (HKLM\...\{D307CEA2-202C-453A-BC81-03F9A1F58C4C}) (Version: 4.8 - První certifikační autorita, a.s.)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.089.0426.0003 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\0527a644a4ddd31d) (Version: 17.0.6880.4 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.23.27820 (HKLM\...\{9CA7111B-263D-45DE-B898-61FAD30B3237}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.23.27820 (HKLM\...\{A94EC1B2-932B-49D7-8AF2-4FBD29FF314B}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 106.0.1 (x64 cs)) (Version: 106.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
Navitel Navigator update center (HKLM-x32\...\Navitel Navigator update center) (Version: 2.3.0.81 - Center of Navigation Technologies)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.2204.140 - Trusteer)
Opera Stable 90.0.4480.84 (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Opera 90.0.4480.84) (Version: 90.0.4480.84 - Opera Software)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.2204.140 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software)
SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Spotify) (Version: 1.1.18.611.g9cc9bdc9 - Spotify AB)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
WhatsApp (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\WhatsApp) (Version: 2.2236.10 - WhatsApp)
Windows 10 Codec Pack 2.1.8 (HKLM-x32\...\Windows 10 - Codec Pack) (Version: 2.1.8 - Windows 10 Codec Pack)
Zoner Photo Studio X CS (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\ZPS X) (Version: 19.2203.2.393 - ZONER a.s.)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m [2022-07-26] (Advanced Micro Devices Inc.) [Startup Task]
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2380.4.0_x64__kgqvnymyfvs32 [2022-10-18] (king.com)
Clockmaker: Match Three in Row -> C:\Program Files\WindowsApps\SamfinacoLimited.ClockmakerMatchThreeinRow_68.1.2.0_x64__aj0b1qrpyg0w6 [2022-10-12] (Samfinaco Limited)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.15.523.0_x64__rz1tebttyb220 [2022-10-12] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
File Viewer Plus -> C:\Program Files\WindowsApps\SharpenedProductions.FileViewerPlus_3.3.3.0_x86__xkt78gamzntbr [2020-11-13] (Sharpened Productions)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa [2022-09-14] (Apple Inc.) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1590.24.221.0_x64__8xx8rvfyw5nnt [2022-09-10] (Meta) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-17] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.3.10281.0_x86__8wekyb3d8bbwe [2022-02-18] (Microsoft Studios)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-17] (Microsoft Studios) [MS Ad]
MineSweeper (Free) -> C:\Program Files\WindowsApps\50834ZAppsStudio.MineSweeperFree_1.1.32.0_x64__fr8j70y4p4pst [2021-05-12] (Z Apps Studio)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-18] (Netflix, Inc.)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2022-01-07] (Matt Hafner)
WinOpener -> C:\Program Files\WindowsApps\DeviceDoctor.WinOpener_2.1.32.0_x64__mkdtfchztkfbm [2022-01-07] (Tiny Opener)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001_Classes\CLSID\{3AC4FD67-DA40-42C3-80D6-3522EF53ADEA}\InprocServer32 -> C:\Program Files\Mozilla Firefox\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-11-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-12-08 17:26 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2018-12-08 17:26 - 2012-07-14 10:53 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.proebiz.com -> hxxp://*.proebiz.com
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.proebiz.com -> hxxps://*.proebiz.com
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\sharepoint.com -> hxxps://zservis-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_8153.jpg
DNS Servers: 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "CodecPackTrayMenu.lnk"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "ICAMaintenance_ICAPKIService_RegKeysRefresh"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "Codec Pack Update Checker"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{057F3C92-9B6E-4FEE-AB1D-9E3DBBEBD27C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{0B7AC465-90A8-4286-8EE4-CF8181BE95BE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [UDP Query User{F708D333-8067-4D07-8886-E3B815011E3B}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{5F7DB623-905A-470C-92E7-071AB5C8320C}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7E929DCC-82AD-4B28-B3EC-DB05B76C7335}] => (Allow) LPort=54925
FirewallRules: [{5B8B104A-BD6B-4F5C-A875-F4B4A88AB758}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FDC627F5-5AA3-4FD3-93E5-AC4CFABC1C46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B14CCB4D-8975-450D-B822-A99E04F987D3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E33BBBBD-7741-485B-BF3C-7A07FC6976E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D1F7F580-400B-4820-A641-0226D4573B66}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77AA3CAF-3D94-4A4F-BB39-5C5A8920FB90}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5F89ADEB-42CF-443A-852B-C11C14604F27}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E7B1F198-436F-40B3-8D64-09CB08D0CCC9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D78D963-EFB3-4655-85FA-951D5ED00D9A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34F3FB17-1B74-4F66-B6CB-28E1FFB6C227}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB7D290E-810F-4F0D-B5DF-374D4C030307}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86ED9651-5A51-4CE8-9807-D531ADBF4163}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF6D9099-4C27-4CCD-8725-9C6C95B34BC1}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{EE88176E-0619-4095-A47C-292C0FE7F42E}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{4B2B779F-BD0C-44B2-A03C-A1F29B6CAA21}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7CD18376-2D32-45C0-ABD9-574F8939B1EA}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6D549353-5BF9-4531-A63A-8FD75E8B2FE2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3297B2BF-84D3-4738-9146-69C2BCB119B8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E68F7E9F-4703-4A03-803F-60748B9755A0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{56191E4D-69C6-46DC-BC1F-D8BDDFEE8255}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CDCF9D2C-94B6-4488-9EB3-C7639DF0D970}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D0B59617-CF12-4031-837F-50B25B2758D0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{918C3B3A-F67B-4297-A0FF-C00A22B20A5B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2D1B327B-5193-4CD0-93B8-FB60F9F75B46}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C430A322-8728-48A7-A48E-A979C805B612}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D3B8C6D-E5E5-406F-9A23-F55E27910280}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{89F17DAF-4D8F-4641-85D5-9B94A110FEE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3CBF8C13-9591-4E4B-B2B9-CAF552CCDF71}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7DFD8D23-6772-4B87-9AEB-CECCD83C52C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6C2D21E7-77D3-43F3-9288-FD05AC64B090}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

19-10-2022 10:24:24 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/25/2022 06:40:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.2075 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1d14

Čas spuštění: 01d8e89055c21344

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 6eaba191-b8da-4584-ad02-18743a3f3d70

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/22/2022 07:11:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.2130 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d94

Čas spuštění: 01d8e62216db7baf

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: c1d05ec5-e91e-49f6-82dc-0bf8d1e0e80f

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: ShellFeedsUI

Typ zablokování: Navigation

Error: (10/22/2022 03:50:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: atieclxx.exe, verze: 27.20.20904.4000, časové razítko: 0x61305d02
Název chybujícího modulu: atieclxx.exe, verze: 27.20.20904.4000, časové razítko: 0x61305d02
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000359c6
ID chybujícího procesu: 0x20ac
Čas spuštění chybující aplikace: 0x01d8e57a634ef3bf
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\u0373234.inf_amd64_2f2bf0ce197fd0ec\B371260\atieclxx.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\u0373234.inf_amd64_2f2bf0ce197fd0ec\B371260\atieclxx.exe
ID zprávy: 79b8a843-d231-47e4-85c8-338d488c3999
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2022 03:36:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (10/22/2022 03:36:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Access is denied.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {52b606c4-c338-4bdc-8332-9f53e8dec412}

Error: (10/20/2022 06:37:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.2130 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2450

Čas spuštění: 01d8e44794899693

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: 405ec23c-eea9-4eef-9161-17aededf7c33

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: ShellFeedsUI

Typ zablokování: Navigation

Error: (10/19/2022 06:05:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.2130 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3bc4

Čas spuštění: 01d8e37fe73f8dc4

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: 8a646e9b-4afe-4318-8033-b0bf5735cb91

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: ShellFeedsUI

Typ zablokování: Navigation

Error: (10/18/2022 06:00:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.2130 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3050

Čas spuštění: 01d8e2b72e665c56

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: 6b9f4788-d88b-4189-985d-e0f7b0b5951e

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: ShellFeedsUI

Typ zablokování: Navigation


System errors:
=============
Error: (10/25/2022 06:46:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Rapport Management Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restart the service.

Error: (10/25/2022 06:39:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/25/2022 06:24:26 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-B7M08O1)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (10/25/2022 06:16:03 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-B7M08O1)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (10/22/2022 04:13:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/22/2022 04:11:58 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-B7M08O1)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (10/22/2022 04:03:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1 milisekund: Restart the service.

Error: (10/22/2022 03:50:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2022-10-25 18:34:08
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {88FAA576-7B96-43B0-9BAB-A7D834B45A34}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-24 09:44:28
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {FEC2F486-CBDC-4694-9B0B-E3DDDDB36F7D}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-22 09:44:48
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {3DCD9DC9-1571-482B-9A1F-BE404A2D7A5C}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-21 10:09:29
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {4DB3DF6A-2414-4403-A955-6A24ABD595A7}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-20 10:02:54
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {0567EA57-171C-42EA-95F0-751745424825}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-10-24 07:31:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-10-24 07:31:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

Date: 2022-10-23 10:19:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO B0CN93WW 07/23/2015
Motherboard: LENOVO Lenovo G50-80
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 62%
Total physical RAM: 8106.45 MB
Available physical RAM: 3063.77 MB
Total Virtual: 9386.45 MB
Available Virtual: 4115.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.36 GB) (Free:91.65 GB) (Model: CT500MX500SSD1) NTFS

\\?\Volume{a562bcdf-2c53-4354-8841-0b8e950c218f}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{cb88a220-8f5c-47a0-ac9e-d5350ce01d02}\ () (Fixed) (Total:0.8 GB) (Free:0.29 GB) NTFS
\\?\Volume{b53f82e7-f7a3-48b3-8c74-b7c9b5f498e8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Nejprve spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Malloch001]

Mám tu dva logy (skoro stejné) - adwcleaner má zřejmě nový vzhled, místo čištění a opravy je tam možnost dát škodlivé programy do karantény (našlo mi jich tu 6, tak jsem je dal do karantény, viz. log dole

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-26-2022
# Duration: 00:00:01
# OS: Windows 10 (Build 19044.2130)
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\softwareupdate.exe
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Codec Settings UAC Manager
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\softwareupdate.exe

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1973 octets] - [26/10/2022 09:54:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########






a



# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-26-2022
# Duration: 00:00:15
# OS: Windows 10 (Build 19044.2130)
# Scanned: 32098
# Detected: 6


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Conduit HKCU\Software\Conduit
PUP.Optional.Conduit HKLM\Software\Wow6432Node\Conduit
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\softwareupdate.exe
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Codec Settings UAC Manager
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\softwareupdate.exe

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[Rudy]

OK. Dejte nové logy FRST+Addition.

[Malloch001]

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2022
Ran by Petr (administrator) on DESKTOP-B7M08O1 (LENOVO 80E5) (26-10-2022 15:41:20)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(DriverStore\FileRepository\u0373234.inf_amd64_2f2bf0ce197fd0ec\B371260\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373234.inf_amd64_2f2bf0ce197fd0ec\B371260\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373234.inf_amd64_2f2bf0ce197fd0ec\B371260\atiesrxx.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.9161.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.9161.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Studios) C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.3.10281.0_x86__8wekyb3d8bbwe\Jigsaw.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5166872 2016-08-04] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1831256 2016-01-08] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [283904 2019-08-02] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [f.lux] => C:\Users\Petr\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399224 2022-02-18] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [Opera Browser Assistant] => C:\Users\Petr\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4137936 2022-09-14] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\Petr\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [2011240 2022-08-11] (ZONER software, a.s. -> ZONER a.s.)
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\MountPoints2: {f8456d7f-e425-11e8-b5fd-e4f89cda6d6b} - "G:\WD Drive Unlock.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-14] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2020-09-26]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {019E3DD5-CA9B-4367-9321-07659D276025} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {08B8DD4F-4930-48E4-A795-F48F76263A9F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {0A9EB09E-D820-4FE9-B69F-5F1FEC9CBD9E} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {0D3F9715-5858-424A-9897-A86575EA76BF} - System32\Tasks\Opera scheduled assistant Autoupdate 1576834299 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe [2538448 2022-09-05] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Petr\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {11E4268A-349A-4ADE-9A65-EAA2534E4AED} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {22EA2964-5087-416D-A00E-9BCB351BAAC5} - System32\Tasks\Opera scheduled Autoupdate 1550947879 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe [2538448 2022-09-05] (Opera Norway AS -> Opera Software)
Task: {292229BE-9A03-462E-AB28-9A74F13DF15A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-21] (Google Inc -> Google Inc.)
Task: {3F710E6E-45B6-4B47-B39D-FD9C2BDFFF2C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E22DDA0-9EFB-4C78-9A91-2E584E4312E2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4027288381-2091724253-1946861830-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4215696 2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {70BD366A-A4F1-4DC6-B483-03E3178A0E5E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {73489180-55A2-4668-8D38-D73030551134} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {735B57CD-E6FD-488B-A981-94D8C579DD4E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {797D3C50-0B8D-4F16-B30E-0E0DF6081EC7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7B7D2EF4-D94C-4DA0-960D-AA5EF765D3C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {82666CB2-154F-42A8-9CAE-88C76E00C29A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {9483F0C7-3CC4-4E85-A346-6742AEA9EA4E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4215696 2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FD3AEB8-BE58-4AC6-8E73-5FF3B7C5DA43} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "20e5b7f3-012a-47eb-aecb-7cec1e75c39b" --version "6.05.10110" --silent
Task: {A1EB0651-0974-4EB5-BAC9-F418AAB7180E} - System32\Tasks\Zoner.Updater.S-1-5-21-4027288381-2091724253-1946861830-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1609008 2022-08-19] (ZONER software, a.s. -> ZONER a.s.)
Task: {A680983B-50AE-442C-87A7-3E3BB71AD26D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AA90F779-50FF-421C-94EC-7D19B72AEA21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B511FDEA-0F7A-46A7-9686-7DF8D31F3459} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {C43507C6-D3A0-4447-8C47-8FEB387ACA07} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-4027288381-2091724253-1946861830-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1650.17.91.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2007288 2022-10-26] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {D7B29F51-5B30-4B98-974A-5DB1B5776075} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {D9250616-1FBC-4A2C-964A-4248013EBF2F} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E3223D5B-EAD4-4540-BD26-73DC3E82731C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {EEA1DA81-E419-43DE-812F-4F22AA4DB7AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-21] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{b71ebd70-5d99-451e-b020-2f70f9f4b46f}: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{fcfd2283-5374-4ffa-af04-9c9f0575b8b5}: [DhcpNameServer] 192.168.3.1

Edge:
=======
DownloadDir: C:\Users\Petr\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-25]
Edge Extension: (IBM Security Rapport) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kajikgogckeajjplomldcempamhidmcc [2022-04-22]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]

FireFox:
========
FF DefaultProfile: ydzdgq5m.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ydzdgq5m.default [2022-10-26]
FF Notifications: Mozilla\Firefox\Profiles\ydzdgq5m.default -> hxxps://www.ozp.cz; hxxps://www.csob.cz; hxxps://moje.uniqa.cz
FF Extension: (IBM Security Rapport) - C:\Users\Petr\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2021-11-03] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Pomocník GIVT.cz) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ydzdgq5m.default\Extensions\@givt-toolbar-cz.xpi [2022-08-22]
FF Extension: (Záložky na iCloudu) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ydzdgq5m.default\Extensions\firefoxdav@icloud.com.xpi [2020-01-22]
FF Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ydzdgq5m.default\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2022-10-20]
FF Extension: (No Name) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ydzdgq5m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-29]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2022-10-26]
CHR Notifications: Default -> hxxps://www.csob.cz
CHR Extension: (Safe Torrent Scanner) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-07-19]
CHR Extension: (IBM Security Rapport) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2022-02-17]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2022-10-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-09-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-09]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera:
=======
OPR Profile: C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable [2022-10-25]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 brlapi; C:\WINDOWS\brltty\bin\brltty.exe [847886 2019-10-15] (Microsoft Windows -> )
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1185616 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
S4 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncHelper.exe [3406224 2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
S4 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [283904 2019-08-02] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [822688 2022-09-22] (McAfee, LLC -> McAfee, LLC)
S4 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.089.0426.0003\OneDriveUpdaterService.exe [3843472 2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3016432 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-12-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 cxbu0x64; C:\WINDOWS\system32\DRIVERS\cxbu0x64.sys [147576 2014-03-24] (HID Global -> HID Global Corporation)
R3 MpKslecccd3c0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CEA26B84-95B7-4622-9269-806ED2A4E125}\MpKslDrv.sys [228632 2022-10-26] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [454032 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
R1 RapportCerberus_2204255; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2204255.sys [1491664 2022-09-14] (International Business Machines Corporation -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [552272 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [402840 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [453528 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [574544 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-26 15:41 - 2022-10-26 15:42 - 000027494 _____ C:\Users\Petr\Desktop\FRST.txt
2022-10-26 09:54 - 2022-10-26 09:57 - 000000000 ____D C:\AdwCleaner
2022-10-26 09:53 - 2022-10-26 09:53 - 008791352 _____ (Malwarebytes) C:\Users\Petr\Downloads\adwcleaner.exe
2022-10-26 09:53 - 2022-10-26 09:53 - 008791352 _____ (Malwarebytes) C:\Users\Petr\Desktop\adwcleaner.exe
2022-10-25 18:54 - 2022-10-26 15:41 - 000000000 ____D C:\FRST
2022-10-25 18:53 - 2022-10-25 18:53 - 002373632 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2022-10-25 18:51 - 2022-10-25 18:51 - 002076672 _____ (Farbar) C:\Users\Petr\Downloads\FRST.exe
2022-10-25 18:26 - 2022-10-25 18:26 - 000000552 _____ C:\Users\Petr\Documents\cc_20221025_182612.reg
2022-10-25 18:25 - 2022-10-25 18:25 - 000007506 _____ C:\Users\Petr\Documents\cc_20221025_182549.reg
2022-10-25 18:02 - 2022-10-25 18:12 - 000000000 ____D C:\ProgramData\SecTaskMan
2022-10-25 18:02 - 2022-10-25 18:02 - 003029920 _____ C:\Users\Petr\Downloads\SecurityTaskManager_Setup.exe
2022-10-25 18:02 - 2022-10-25 18:02 - 000001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2022-10-25 18:02 - 2022-10-25 18:02 - 000001220 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2022-10-25 18:02 - 2022-10-25 18:02 - 000001208 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2022-10-25 18:02 - 2022-10-25 18:02 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2022-10-24 10:45 - 2022-10-24 10:45 - 000107780 _____ C:\Users\Petr\Downloads\8890121832_4132385_asist.pdf
2022-10-24 08:03 - 2022-10-24 08:03 - 000672623 _____ C:\Users\Petr\Downloads\prod_23b32073-0a73-4273-ac68-c8fafd012e3a.pdf
2022-10-24 07:53 - 2022-10-24 07:53 - 000336254 _____ C:\Users\Petr\Downloads\WienerLinien_Tickets_24.-10.-2022-752.pdf
2022-10-24 07:52 - 2022-10-24 07:52 - 000337154 _____ C:\Users\Petr\Downloads\WienerLinien_Tickets_24.-10.-2022-751.pdf
2022-10-23 17:29 - 2022-10-23 17:29 - 000048076 _____ C:\Users\Petr\Downloads\eticket(2).pdf
2022-10-23 17:29 - 2022-10-23 17:29 - 000048066 _____ C:\Users\Petr\Downloads\eticket(3).pdf
2022-10-22 15:35 - 2022-10-22 15:35 - 000003540 _____ C:\Users\Petr\Documents\cc_20221022_153509.reg
2022-10-22 12:32 - 2022-10-22 13:43 - 1291530195 _____ C:\Users\Petr\Downloads\Jurský park 3 cz.mkv
2022-10-22 09:37 - 2022-10-22 09:37 - 000127353 _____ C:\Users\Petr\Downloads\invoice_2022058971.pdf
2022-10-21 07:46 - 2022-10-21 07:46 - 000002224 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
2022-10-20 09:37 - 2022-10-20 09:37 - 005241789 _____ C:\Users\Petr\Downloads\TL_5.pdf
2022-10-20 09:37 - 2022-10-20 09:37 - 000269098 _____ C:\Users\Petr\Downloads\Zalohova faktura - Z920220824.pdf
2022-10-20 09:37 - 2022-10-20 09:37 - 000165271 _____ C:\Users\Petr\Downloads\Návod_samonosné.pdf
2022-10-20 08:10 - 2022-10-20 08:10 - 000060847 _____ C:\Users\Petr\Downloads\Faktura-VZ_22004(1).pdf
2022-10-19 19:30 - 2022-10-20 08:21 - 000000000 ____D C:\Users\Petr\Desktop\septik
2022-10-19 15:08 - 2022-10-19 15:08 - 000059292 _____ C:\Users\Petr\Downloads\2022-10-16-5912080286-petr_2-fs.pdf
2022-10-18 15:00 - 2022-10-18 15:00 - 000981875 _____ C:\Users\Petr\Downloads\2221_221018144300_001.pdf
2022-10-18 13:28 - 2022-10-18 13:43 - 3473930140 _____ C:\Users\Petr\Downloads\Slunce rošťáků FHD (1967) Cz (78PT).avi
2022-10-18 12:13 - 2022-10-18 12:18 - 1356603466 _____ C:\Users\Petr\Downloads\Svaty rok (1976)MV avi.cz.avi
2022-10-17 11:32 - 2022-10-17 11:32 - 000065606 _____ C:\Users\Petr\Downloads\shrnuti_do_e_mailu-2022-10-17-.pdf
2022-10-17 10:25 - 2022-10-17 10:25 - 009868680 _____ C:\Users\Petr\Downloads\manual_crs_221001.pdf
2022-10-17 10:24 - 2022-10-17 10:24 - 000146373 _____ C:\Users\Petr\Downloads\OckovaciCertifikat(1).pdf
2022-10-17 10:11 - 2022-10-17 10:11 - 000393907 _____ C:\Users\Petr\Downloads\2208_221005094733_001(1).pdf
2022-10-17 10:02 - 2022-10-17 10:02 - 000511998 _____ C:\Users\Petr\Downloads\2200440935.pdf
2022-10-17 10:01 - 2022-10-17 10:01 - 000512622 _____ C:\Users\Petr\Downloads\2202381312.pdf
2022-10-17 09:57 - 2022-10-17 09:57 - 000510993 _____ C:\Users\Petr\Downloads\2912163117(1).pdf
2022-10-17 09:56 - 2022-10-17 09:56 - 000507630 _____ C:\Users\Petr\Downloads\2910430466.pdf
2022-10-17 09:52 - 2022-10-17 09:52 - 000511726 _____ C:\Users\Petr\Downloads\2206146233.pdf
2022-10-17 09:48 - 2022-10-17 09:48 - 000513011 _____ C:\Users\Petr\Downloads\2205084220.pdf
2022-10-17 09:44 - 2022-10-17 09:44 - 000508671 _____ C:\Users\Petr\Downloads\2204219283.pdf
2022-10-17 09:41 - 2022-10-17 09:41 - 000264157 _____ C:\Users\Petr\Downloads\Informacni_povinnost_CRS_ockovani.pdf
2022-10-16 16:37 - 2022-10-16 16:37 - 000349784 _____ C:\Users\Petr\Downloads\dcov---rozhodovaci-tabulky_2019.pdf
2022-10-16 16:36 - 2022-10-16 16:36 - 000268385 _____ C:\Users\Petr\Downloads\as-anasep_4.8_2016_02_09.dwg
2022-10-16 16:29 - 2022-10-16 16:29 - 001242542 _____ C:\Users\Petr\Downloads\pip_as-anasep_2018_10_17.pdf
2022-10-16 16:29 - 2022-10-16 16:29 - 000692095 _____ C:\Users\Petr\Downloads\as-anasep-cz-prospekt-2016.pdf
2022-10-16 16:16 - 2022-10-16 16:16 - 001281283 _____ C:\Users\Petr\Downloads\NÁKRES - Septik samonosný hranatý - kvádr.pdf
2022-10-16 16:08 - 2022-10-16 16:08 - 001544337 _____ C:\Users\Petr\Downloads\MN - septik samonosný.pdf
2022-10-16 16:06 - 2022-10-16 16:06 - 000714586 _____ C:\Users\Petr\Downloads\sz-septik+zemni-filtr.pdf
2022-10-15 18:22 - 2022-10-15 18:35 - 2227938985 _____ C:\Users\Petr\Downloads\Beverly.Hills.Cop.II.1987.REMASTERED.1080p.BrRip.x264.cze.eng.mkv
2022-10-15 18:08 - 2022-10-15 18:18 - 1837526852 _____ C:\Users\Petr\Downloads\Deadpool 2 - CZ dabing.avi
2022-10-14 09:29 - 2022-10-14 09:29 - 000199627 _____ C:\Users\Petr\Downloads\priloha_1093582268_0_NPPZ_Vyzva_4484946000.pdf
2022-10-13 17:14 - 2022-10-13 17:14 - 000048076 _____ C:\Users\Petr\Downloads\eticket.pdf
2022-10-13 17:14 - 2022-10-13 17:14 - 000048076 _____ C:\Users\Petr\Downloads\eticket(1).pdf
2022-10-13 16:04 - 2022-10-13 16:04 - 000125760 _____ C:\Users\Petr\Downloads\order_2022069128.pdf
2022-10-13 15:22 - 2022-10-13 15:22 - 000091058 _____ C:\Users\Petr\Downloads\2022-10-01-5900050633-z_servis_spol__s_r_o_-fs(1).pdf
2022-10-12 08:52 - 2022-10-12 08:52 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 08:52 - 2022-10-12 08:52 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 08:52 - 2022-10-12 08:52 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 08:52 - 2022-10-12 08:52 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-12 08:52 - 2022-10-12 08:52 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-12 08:51 - 2022-10-12 08:51 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-12 08:51 - 2022-10-12 08:51 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-12 08:33 - 2022-10-12 08:33 - 000000000 ___HD C:\$WinREAgent
2022-10-11 21:03 - 2022-10-11 21:03 - 000000000 ____D C:\Users\Petr\AppData\Local\GHISLER
2022-10-11 21:02 - 2022-10-11 21:02 - 000000000 ____D C:\Users\Petr\AppData\Roaming\GHISLER
2022-10-11 13:34 - 2022-10-11 13:34 - 000608355 _____ C:\Users\Petr\Downloads\2925281037.pdf
2022-10-11 13:33 - 2022-10-23 19:23 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-11 13:33 - 2022-10-23 19:23 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-10-11 13:30 - 2022-10-11 13:30 - 000607671 _____ C:\Users\Petr\Downloads\2925250623.pdf
2022-10-10 09:51 - 2022-10-10 09:51 - 000105069 _____ C:\Users\Petr\Downloads\ticket 3E52-TZ2H-LDI4.pdf
2022-10-10 08:45 - 2022-10-10 08:45 - 000188245 _____ C:\Users\Petr\Downloads\Ra6HZr8thY.pdf
2022-10-10 08:21 - 2022-10-10 08:21 - 000393907 _____ C:\Users\Petr\Downloads\2208_221005094733_001.pdf
2022-10-10 08:19 - 2022-10-10 08:19 - 000380522 _____ C:\Users\Petr\Downloads\858582267.pdf
2022-10-10 08:18 - 2022-10-10 08:18 - 000329084 _____ C:\Users\Petr\Downloads\858543001.pdf
2022-10-10 08:16 - 2022-10-10 08:16 - 000374180 _____ C:\Users\Petr\Downloads\858548374.pdf
2022-10-09 17:30 - 2022-10-22 15:48 - 000000000 ____D C:\Users\Petr\AppData\Roaming\MPC-HC
2022-10-09 11:29 - 2022-10-09 11:29 - 000189009 _____ C:\Users\Petr\Downloads\vinarumcz_vino_ze_susenych_sipku(1).pdf
2022-10-08 08:27 - 2022-10-08 08:27 - 000681303 _____ C:\Users\Petr\Downloads\priloha_1091316985_0_Milostive_leto_II.pdf
2022-10-07 17:42 - 2022-10-07 17:51 - 1977364161 _____ C:\Users\Petr\Downloads\Jason Bourne-(2016) CZ DABING.mkv
2022-10-07 17:31 - 2022-10-07 17:39 - 2018422220 _____ C:\Users\Petr\Downloads\Bournův-mýtus-(2004)-CZ-dabing.avi
2022-10-06 18:40 - 2022-10-06 18:40 - 000156160 _____ C:\Users\Petr\Downloads\N4.9.22. - pan Petr Josef Šmiták - FASO 20V(1).xls
2022-10-05 14:48 - 2022-10-05 14:48 - 000062785 _____ C:\Users\Petr\Downloads\FAKTURA - daňový doklad č_2022046.pdf
2022-10-05 14:47 - 2022-10-05 14:47 - 000134898 _____ C:\Users\Petr\Downloads\priloha_1090063562_0_VypisROB.pdf
2022-10-05 12:08 - 2022-10-05 12:08 - 000060940 _____ C:\Users\Petr\Downloads\2022-09-01-5911746971-standa-fs.pdf
2022-10-05 12:03 - 2022-10-05 12:03 - 000091058 _____ C:\Users\Petr\Downloads\2022-10-01-5900050633-z_servis_spol__s_r_o_-fs.pdf
2022-10-04 19:15 - 2022-10-04 19:15 - 003411138 _____ C:\Users\Petr\Desktop\Sidra Vajece.pdf
2022-10-04 18:28 - 2022-10-04 18:44 - 3505254926 _____ C:\Users\Petr\Downloads\Bourneovo ultimatum ~ (2007) HD cz.mkv
2022-10-03 09:56 - 2022-10-03 09:56 - 000134861 _____ C:\Users\Petr\Downloads\priloha_1088666202_0_VypisROB.pdf
2022-10-02 18:47 - 2022-10-02 18:48 - 000714201 _____ C:\Users\Petr\Downloads\FV_ZAL.PDF
2022-10-02 09:14 - 2022-10-02 09:14 - 000015400 _____ C:\Users\Petr\Documents\cc_20221002_091414.reg
2022-09-30 19:51 - 2022-09-30 19:51 - 000067149 _____ C:\Users\Petr\Downloads\Faktura k dorucene dodavce(3).PDF
2022-09-29 13:19 - 2022-09-29 13:19 - 000086137 _____ C:\Users\Petr\Downloads\priloha_1087860438_0_vyzva_k_zaplaceni_odpovednost_provozovatele.pdf
2022-09-28 20:11 - 2022-10-26 10:04 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-09-28 20:11 - 2022-10-26 10:04 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-09-27 14:40 - 2022-09-27 14:40 - 000060847 _____ C:\Users\Petr\Downloads\Faktura-VZ_22004.pdf
2022-09-27 08:31 - 2022-09-27 08:31 - 000176949 _____ C:\Users\Petr\Downloads\Předsmluvní informace.pdf
2022-09-27 08:19 - 2022-09-27 08:19 - 000223946 _____ C:\Users\Petr\Downloads\OP-MALLCZ-17-03-2021(1).pdf
2022-09-27 08:02 - 2022-09-27 08:02 - 000071697 _____ C:\Users\Petr\Downloads\86668219.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-26 15:40 - 2020-01-22 20:51 - 000000000 ____D C:\Users\Petr\Documents\Soubory Outlooku
2022-10-26 15:40 - 2018-11-10 15:07 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2022-10-26 15:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-26 15:05 - 2020-11-19 09:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-26 14:52 - 2019-03-21 14:02 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-26 12:38 - 2021-03-18 01:25 - 000717834 _____ C:\WINDOWS\system32\perfh005.dat
2022-10-26 12:38 - 2021-03-18 01:25 - 000144996 _____ C:\WINDOWS\system32\perfc005.dat
2022-10-26 12:38 - 2021-03-17 16:56 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-26 12:38 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-26 12:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-26 12:02 - 2022-02-09 11:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-10-26 11:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-26 11:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-26 11:48 - 2018-11-09 08:21 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2022-10-26 11:48 - 2018-11-09 08:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-10-26 10:04 - 2018-11-10 15:06 - 000000000 ____D C:\Program Files\CCleaner
2022-10-26 10:02 - 2021-03-17 16:43 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-26 10:02 - 2020-11-19 09:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-26 10:02 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-25 18:14 - 2021-03-17 16:55 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-10-24 11:22 - 2018-11-10 15:47 - 000000000 ___RD C:\Users\Petr\Desktop\excel
2022-10-24 10:55 - 2021-03-17 16:55 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-23 10:19 - 2018-11-09 08:30 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2022-10-22 15:50 - 2022-09-24 08:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-10-22 15:50 - 2018-11-10 15:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-10-22 15:49 - 2022-02-18 22:48 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2022-10-22 15:38 - 2021-03-17 16:55 - 000003820 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1576834299
2022-10-22 15:38 - 2021-03-17 16:55 - 000003568 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1550947879
2022-10-22 12:36 - 2021-09-15 15:37 - 000000000 ____D C:\Users\Petr\Desktop\NS
2022-10-22 07:58 - 2021-10-09 13:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-10-22 07:58 - 2018-11-10 15:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-22 07:52 - 2020-11-19 09:32 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-22 07:52 - 2020-11-19 09:32 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-16 19:34 - 2021-03-17 16:47 - 000000000 ____D C:\Users\Petr
2022-10-16 17:21 - 2021-07-20 11:14 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-16 17:17 - 2022-03-18 16:38 - 000013388 _____ C:\Users\Petr\Documents\kimchi tab.xlsx
2022-10-16 14:07 - 2018-11-09 08:29 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2022-10-16 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-15 08:04 - 2020-11-19 09:32 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-15 08:04 - 2020-11-19 09:32 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-14 09:44 - 2018-11-09 08:21 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2022-10-14 09:20 - 2020-11-19 09:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-14 09:18 - 2019-03-21 14:02 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-14 09:18 - 2019-03-21 14:02 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-10-12 09:00 - 2020-11-19 09:30 - 000438920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-12 08:59 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-12 08:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-12 08:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-12 08:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-12 08:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-12 08:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-12 08:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-12 08:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-12 08:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 08:56 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-12 08:56 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-12 08:56 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-12 08:51 - 2020-11-19 09:32 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-12 08:19 - 2018-11-09 08:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 08:16 - 2018-11-09 08:43 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-08 08:35 - 2019-01-28 15:33 - 000000000 ____D C:\Users\Petr\AppData\Roaming\WhatsApp
2022-10-08 08:28 - 2019-01-28 15:33 - 000002198 _____ C:\Users\Petr\Desktop\WhatsApp.lnk
2022-10-08 07:58 - 2020-02-06 09:04 - 000000000 ____D C:\ProgramData\Zoner
2022-10-06 19:58 - 2018-12-25 16:20 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2022-10-05 14:55 - 2022-02-07 17:25 - 000000000 ____D C:\Users\Petr\AppData\Local\WhatsApp
2022-10-02 09:09 - 2018-11-09 08:11 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2022-09-28 20:13 - 2020-03-07 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2022-09-28 20:13 - 2020-03-07 14:08 - 000000000 ____D C:\Program Files (x86)\FileZilla FTP Client

==================== Files in the root of some directories ========

2020-03-07 14:08 - 2020-03-07 14:08 - 000282894 _____ () C:\Users\Petr\AppData\Roaming\q13_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2020-01-27 13:41 - 2020-01-27 13:41 - 000305089 _____ () C:\Users\Petr\AppData\Roaming\Microsoft\hh_9.2.1_.jse
2022-06-08 15:26 - 2022-06-08 15:28 - 000010240 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-07 14:21 - 2020-03-07 14:22 - 000000128 _____ () C:\Users\Petr\AppData\Local\PUTTY.RND

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Malloch001]

+ Addition


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2022
Ran by Petr (26-10-2022 15:44:22)
Running from C:\Users\Petr\Desktop
Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) (2021-03-17 14:55:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4027288381-2091724253-1946861830-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4027288381-2091724253-1946861830-503 - Limited - Disabled)
Guest (S-1-5-21-4027288381-2091724253-1946861830-501 - Limited - Disabled)
Petr (S-1-5-21-4027288381-2091724253-1946861830-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-4027288381-2091724253-1946861830-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\uTorrent) (Version: 3.5.5.46348 - BitTorrent Inc.)
ACS Unified PC/SC Driver 4.3.1.0 (HKLM\...\{70105406-1CAF-4162-8A0B-C47361317A78}) (Version: 4.3.1.0 - Advanced Card Systems Ltd.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20263 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Balíček ovladače systému Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (01/08/2019 4.3.1.0) (HKLM\...\F0BF7B36B8B2F7E24302D9C217904BB74C70A5BE) (Version: 01/08/2019 4.3.1.0 - Advanced Card Systems Ltd.)
Barvy 4.1 (HKLM\...\Barvy_is1) (Version: - Vlastimil Burian)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-9020CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.77.1092 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 6.05 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
eObčanka (HKLM\...\{45F6BE7F-4C79-4E99-A6C8-63919DFF6F87}) (Version: 3.1.1.19123 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
f.lux (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Flux) (Version: - f.lux Software LLC)
FileZilla 3.61.0 (HKLM-x32\...\FileZilla Client) (Version: 3.61.0 - Tim Kosse)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
Cherry SmartCard Package V3.3 Build 9 (HKLM-x32\...\{BABE1E59-F3A3-4B2B-80B1-41928543A042}) (Version: 3.3.0.9 - ZF Friedrichshafen AG, Electronic Systems)
I.CA Diagnostic (HKLM-x32\...\{FD66E890-D807-4367-8ACC-4FDEB52F0B6C}) (Version: 1.2.8.0 - První certifikacní autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.2.8.0) (Version: 1.2.8.0 - První certifikacní autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{B03EC5BA-6926-4DB5-B48B-DE00230FA24E}) (Version: 1.3.2.0 - První certifikacní autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.2.0) (Version: 1.3.2.0 - První certifikacní autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{F0EC556D-2257-4978-A34E-3F8AFF7E16E3}) (Version: 1.3.7.0 - První certifikacní autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.3.7.0) (Version: 1.3.7.0 - První certifikacní autorita, a.s.)
I.CA SecureStore 4.8 (HKLM\...\{D307CEA2-202C-453A-BC81-03F9A1F58C4C}) (Version: 4.8 - První certifikační autorita, a.s.)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.089.0426.0003 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\0527a644a4ddd31d) (Version: 17.0.6880.4 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.23.27820 (HKLM\...\{9CA7111B-263D-45DE-B898-61FAD30B3237}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.23.27820 (HKLM\...\{A94EC1B2-932B-49D7-8AF2-4FBD29FF314B}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 106.0.1 (x64 cs)) (Version: 106.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
Navitel Navigator update center (HKLM-x32\...\Navitel Navigator update center) (Version: 2.3.0.81 - Center of Navigation Technologies)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.2204.140 - Trusteer)
Opera Stable 90.0.4480.84 (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Opera 90.0.4480.84) (Version: 90.0.4480.84 - Opera Software)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.2204.140 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software)
SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\Spotify) (Version: 1.1.18.611.g9cc9bdc9 - Spotify AB)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
WhatsApp (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\WhatsApp) (Version: 2.2236.10 - WhatsApp)
Windows 10 Codec Pack 2.1.8 (HKLM-x32\...\Windows 10 - Codec Pack) (Version: 2.1.8 - Windows 10 Codec Pack)
Zoner Photo Studio X CS (HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\ZPS X) (Version: 19.2203.2.393 - ZONER a.s.)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m [2022-07-26] (Advanced Micro Devices Inc.) [Startup Task]
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2380.4.0_x64__kgqvnymyfvs32 [2022-10-18] (king.com)
Clockmaker: Match Three in Row -> C:\Program Files\WindowsApps\SamfinacoLimited.ClockmakerMatchThreeinRow_68.1.2.0_x64__aj0b1qrpyg0w6 [2022-10-12] (Samfinaco Limited)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.15.523.0_x64__rz1tebttyb220 [2022-10-12] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
File Viewer Plus -> C:\Program Files\WindowsApps\SharpenedProductions.FileViewerPlus_3.3.3.0_x86__xkt78gamzntbr [2020-11-13] (Sharpened Productions)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa [2022-10-26] (Apple Inc.) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1650.17.91.0_x64__8xx8rvfyw5nnt [2022-10-26] (Meta) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-17] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.3.10281.0_x86__8wekyb3d8bbwe [2022-10-25] (Microsoft Studios)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-10-25] (Microsoft Studios) [MS Ad]
MineSweeper (Free) -> C:\Program Files\WindowsApps\50834ZAppsStudio.MineSweeperFree_1.1.32.0_x64__fr8j70y4p4pst [2021-05-12] (Z Apps Studio)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-18] (Netflix, Inc.)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2022-10-25] (Matt Hafner)
WinOpener -> C:\Program Files\WindowsApps\DeviceDoctor.WinOpener_2.1.32.0_x64__mkdtfchztkfbm [2022-10-25] (Tiny Opener)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001_Classes\CLSID\{3AC4FD67-DA40-42C3-80D6-3522EF53ADEA}\InprocServer32 -> C:\Program Files\Mozilla Firefox\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncShell64.dll [2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-11-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-12-08 17:26 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2018-12-08 17:26 - 2012-07-14 10:53 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-02] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.proebiz.com -> hxxp://*.proebiz.com
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\*.proebiz.com -> hxxps://*.proebiz.com
IE trusted site: HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\sharepoint.com -> hxxps://zservis-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_8153.jpg
DNS Servers: 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "CodecPackTrayMenu.lnk"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "ICAMaintenance_ICAPKIService_RegKeysRefresh"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "Codec Pack Update Checker"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{057F3C92-9B6E-4FEE-AB1D-9E3DBBEBD27C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{0B7AC465-90A8-4286-8EE4-CF8181BE95BE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [UDP Query User{F708D333-8067-4D07-8886-E3B815011E3B}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{5F7DB623-905A-470C-92E7-071AB5C8320C}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7E929DCC-82AD-4B28-B3EC-DB05B76C7335}] => (Allow) LPort=54925
FirewallRules: [{5B8B104A-BD6B-4F5C-A875-F4B4A88AB758}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FDC627F5-5AA3-4FD3-93E5-AC4CFABC1C46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B14CCB4D-8975-450D-B822-A99E04F987D3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E33BBBBD-7741-485B-BF3C-7A07FC6976E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D1F7F580-400B-4820-A641-0226D4573B66}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77AA3CAF-3D94-4A4F-BB39-5C5A8920FB90}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5F89ADEB-42CF-443A-852B-C11C14604F27}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E7B1F198-436F-40B3-8D64-09CB08D0CCC9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D78D963-EFB3-4655-85FA-951D5ED00D9A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34F3FB17-1B74-4F66-B6CB-28E1FFB6C227}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB7D290E-810F-4F0D-B5DF-374D4C030307}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86ED9651-5A51-4CE8-9807-D531ADBF4163}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF6D9099-4C27-4CCD-8725-9C6C95B34BC1}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{EE88176E-0619-4095-A47C-292C0FE7F42E}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{4B2B779F-BD0C-44B2-A03C-A1F29B6CAA21}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7CD18376-2D32-45C0-ABD9-574F8939B1EA}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C430A322-8728-48A7-A48E-A979C805B612}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D3B8C6D-E5E5-406F-9A23-F55E27910280}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{89F17DAF-4D8F-4641-85D5-9B94A110FEE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3CBF8C13-9591-4E4B-B2B9-CAF552CCDF71}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7DFD8D23-6772-4B87-9AEB-CECCD83C52C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6C2D21E7-77D3-43F3-9288-FD05AC64B090}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3C84A416-1CFB-4841-BC1F-0B00F86A634F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{75A9202E-DE04-4D85-9565-86195CF9A8B7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1EBCCA72-144F-46BD-9A18-67F053AD799A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8280BF3B-C312-4C03-825C-2E90DDD85B89}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4F762478-CD9B-44F2-96F5-41114942DA5D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{966A7AAD-D606-4B6C-8637-B88C56A98BD3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{164EC95F-CDC2-45DD-942C-AEE5A523F73E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A1388640-FADE-4757-BAEF-A850DAE19D65}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

==================== Restore Points =========================

19-10-2022 10:24:24 Scheduled Checkpoint
26-10-2022 12:25:57 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/26/2022 12:04:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.2075 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 285c

Čas spuštění: 01d8e9202a0e3f4f

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 08afc67a-0d4c-42fd-b3ec-d3f0539a641b

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/25/2022 07:05:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.2075 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1204

Čas spuštění: 01d8e8908beba6dd

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 3738cc4a-6100-43b6-9a3b-07528e91fcdc

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/25/2022 06:40:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.2075 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1d14

Čas spuštění: 01d8e89055c21344

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 6eaba191-b8da-4584-ad02-18743a3f3d70

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/22/2022 07:11:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.2130 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d94

Čas spuštění: 01d8e62216db7baf

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: c1d05ec5-e91e-49f6-82dc-0bf8d1e0e80f

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: ShellFeedsUI

Typ zablokování: Navigation

Error: (10/22/2022 03:50:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: atieclxx.exe, verze: 27.20.20904.4000, časové razítko: 0x61305d02
Název chybujícího modulu: atieclxx.exe, verze: 27.20.20904.4000, časové razítko: 0x61305d02
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000359c6
ID chybujícího procesu: 0x20ac
Čas spuštění chybující aplikace: 0x01d8e57a634ef3bf
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\u0373234.inf_amd64_2f2bf0ce197fd0ec\B371260\atieclxx.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\u0373234.inf_amd64_2f2bf0ce197fd0ec\B371260\atieclxx.exe
ID zprávy: 79b8a843-d231-47e4-85c8-338d488c3999
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2022 03:36:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (10/22/2022 03:36:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Access is denied.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {52b606c4-c338-4bdc-8332-9f53e8dec412}

Error: (10/20/2022 06:37:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.2130 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2450

Čas spuštění: 01d8e44794899693

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: 405ec23c-eea9-4eef-9161-17aededf7c33

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: ShellFeedsUI

Typ zablokování: Navigation


System errors:
=============
Error: (10/26/2022 10:21:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): ApplicationSet-9PB2MZ1ZMB1S-AppleInc.iTunes.

Error: (10/26/2022 10:03:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/26/2022 09:57:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1 milisekund: Restart the service.

Error: (10/26/2022 09:57:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Rapport Management Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restart the service.

Error: (10/26/2022 09:57:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/26/2022 09:57:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management Engine WMI Provider Registration byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/26/2022 09:57:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Elan Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/26/2022 09:57:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2022-10-26 10:22:01
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {CA678B03-0244-4225-8F76-D7383F0AD385}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-25 18:34:08
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {88FAA576-7B96-43B0-9BAB-A7D834B45A34}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-24 09:44:28
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {FEC2F486-CBDC-4694-9B0B-E3DDDDB36F7D}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-22 09:44:48
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {3DCD9DC9-1571-482B-9A1F-BE404A2D7A5C}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-21 10:09:29
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {4DB3DF6A-2414-4403-A955-6A24ABD595A7}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-10-26 10:18:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-24 07:31:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-10-24 07:31:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO B0CN93WW 07/23/2015
Motherboard: LENOVO Lenovo G50-80
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 44%
Total physical RAM: 8106.45 MB
Available physical RAM: 4505.87 MB
Total Virtual: 9386.45 MB
Available Virtual: 5220.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.36 GB) (Free:89.28 GB) (Model: CT500MX500SSD1) NTFS

\\?\Volume{a562bcdf-2c53-4354-8841-0b8e950c218f}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{cb88a220-8f5c-47a0-ac9e-d5350ce01d02}\ () (Fixed) (Total:0.8 GB) (Free:0.29 GB) NTFS
\\?\Volume{b53f82e7-f7a3-48b3-8c74-b7c9b5f498e8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\MountPoints2: {f8456d7f-e425-11e8-b5fd-e4f89cda6d6b} - "G:\WD Drive Unlock.exe" autoplay=true
Task: {292229BE-9A03-462E-AB28-9A74F13DF15A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-21] (Google Inc -> Google Inc.)
Task: {EEA1DA81-E419-43DE-812F-4F22AA4DB7AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-21] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Malloch001]

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-10-2022
Ran by Petr (26-10-2022 17:08:00) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\...\MountPoints2: {f8456d7f-e425-11e8-b5fd-e4f89cda6d6b} - "G:\WD Drive Unlock.exe" autoplay=true
Task: {292229BE-9A03-462E-AB28-9A74F13DF15A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-21] (Google Inc -> Google Inc.)
Task: {EEA1DA81-E419-43DE-812F-4F22AA4DB7AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-21] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`29hfm" ADS removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKU\S-1-5-21-4027288381-2091724253-1946861830-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8456d7f-e425-11e8-b5fd-e4f89cda6d6b} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{292229BE-9A03-462E-AB28-9A74F13DF15A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{292229BE-9A03-462E-AB28-9A74F13DF15A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EEA1DA81-E419-43DE-812F-4F22AA4DB7AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEA1DA81-E419-43DE-812F-4F22AA4DB7AA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 110012471 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2894778 B
Edge => 186919 B
Chrome => 93069886 B
Firefox => 173972094 B
Opera => 142478 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 597896 B
systemprofile32 => 863297 B
LocalService => 863297 B
NetworkService => 867141 B
Petr => 22279883 B

RecycleBin => 0 B
EmptyTemp: => 387 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-10-2022 17:10:20)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 17:10:20 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Malloch001]

Změna nastala, ale občas proběhne zásek zavírání windows oken a načítání windows menu je zasekané... Také po zapnutí počítače se načte windows a po přihlášení se objeví černá plocha, občas se plocha načte, občas je třeba restart.

[JaRon]

Zaskocim:
Aka je velkost adresara plocha/desktop

[Malloch001]

2,20 GB... Může to být tím?

[JaRon]

nie je to nejaky extrem, ale preventivne vycisti, aby velkost bola pod 1GB
Restart PC

[Malloch001]

Děkuji za radu - počítač se zlepšil, co se rychlosti týče. Teď jen ta černá plocha, když to nenaběhne, tak musím restart.

[JaRon]

Skusil by som preinstalovat ovladac grafickej karty - novsi/starsi