Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivka

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Aldaov1010
Návštěvník
Návštěvník
Příspěvky: 3
Registrován: 30 lis 2022 13:38

Preventivka

#1 Příspěvek od Aldaov1010 »

Zdravím všechny, prosím o preventivku:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by user (administrator) on DESKTOP-J0113CF (LENOVO 20JES3M302) (30-11-2022 14:01:58)
Running from C:\Users\user\AppData\Local\Temp\scoped_dir13348_884605418
Loaded Profiles: user
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2251 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\Tablet\ISD\WacomHost.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
(C:\Program Files\Tablet\ISD\WTabletServiceISD.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\ISD\WacomHost.exe
(C:\Program Files\Tablet\ISD\WTabletServiceISD.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
(C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\SSSvc.exe ->) (Lenovo -> Lenovo) C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\UserSSCtrl.exe
(C:\Users\user\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\93.0.4585.21\opera_crashreporter.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\tpfsm.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\tposd.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Opera Norway AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\opera.exe <16>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_1e59f5ec7049260a\aesm_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_d4f47df9c2216d4d\LMS.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\SSSvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\LPlatSvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxext.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194496 2022-09-05] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [278440 2019-12-05] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626480 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\MountPoints2: {6971c106-4160-11ed-a0e1-b4d5bdf01837} - "E:\.autorun\autorun.exe"
HKLM\...\Windows x64\Print Processors\Canon TS3400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDGF.DLL [525824 2021-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3400 series: C:\Windows\system32\CNMLMGF.DLL [962560 2021-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {071DE34D-6BF4-4311-8D11-68571D3275DF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {0E369CDD-7269-4DB6-BC13-0DED6FB3EB08} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\737a30ee-5be7-44a8-8ebe-d52f5e72d3ed => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {13068E0E-6199-4085-80EF-703B0BCBA6B2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1A5E45CD-AE01-443E-A21F-270E5F241599} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed]
Task: {2277BABC-90D5-49BE-B26E-79E05AB9D577} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {2A7A5D4A-C387-4433-81EF-F125CBA7EC15} - System32\Tasks\GoogleUpdateTaskMachineUA{E4E1A95F-A308-4108-A17D-C1CF9ABC99B2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-08] (Google LLC -> Google LLC)
Task: {343B679B-C24E-4FA3-949D-4DD822ACFBD7} - System32\Tasks\Opera scheduled Autoupdate 1645180049 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-11-23] (Opera Norway AS -> Opera Software)
Task: {3515F99A-FEB5-4212-92A4-A7D8087BF201} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {5001CFC6-55B9-4B1A-9550-532C19B4347B} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {50C0CE82-B112-41D9-A5DC-816783236247} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {579CAF22-D976-43D5-B8D8-4CB153CDCB3B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {580D8110-EA79-4E08-9491-F56D67914D14} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\13069f7f-08dc-4736-970c-ea9db8ca4449 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {59214E0F-B046-4E02-99E4-B8C4F0F8DA40} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {5FDB5816-2822-4BB6-A39E-98C207358AAF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {64107118-9A54-49F1-A139-68188552B02E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {6D483567-5585-471B-AB73-9FDA6A7E0866} - System32\Tasks\CCleanerSkipUAC - user => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6DBD307C-2060-4195-B669-C730BAA66536} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [63936 2021-12-02] (Lenovo -> )
Task: {6FAF4065-AB18-4297-88C2-775F67A54A63} - System32\Tasks\Lenovo\Lenovo Platform Task => C:\Windows\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo)
Task: {6FC65B32-DD40-4C88-B5F5-606646120E09} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880136 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {6FD5005B-F8C2-4771-B2AE-99EE73B0AA86} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ae4043b4-4665-4d75-bb87-419a4ce622df => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {96865AD8-8ED6-4FDE-B335-3C8A8C572C09} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9BF5E1B5-3ED6-4B5D-8A86-DF5E1075AEC2} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {B0578D7E-F433-4BE5-A6DE-6B9463507D5F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1C345C4-F999-4D4B-8D3F-EF46952F9B4E} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {BC04D59B-FABB-4BA8-9783-32DC26B11A82} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C3D1A8E0-0151-4970-8142-C198B273583D} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {CB540BAB-DAC7-46BA-8558-BD78D8C10D43} - System32\Tasks\GoogleUpdateTaskMachineCore{114B8078-B77F-49EE-93D0-5865B62A95EB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-08] (Google LLC -> Google LLC)
Task: {D0D55727-6ADC-4017-B827-4F1E0CFBC11B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {D636C1A6-C8D0-4B4E-AEEB-B52819F06582} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {DBB7257F-7271-41F1-91A4-547899BFF889} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DC2EB88D-282A-4B94-B528-843DBC752040} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2311216 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {E21C5B01-15B7-4E4E-A709-7FD192728074} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (No File)
Task: {E2B8292D-B586-4B68-8397-90E739E123DC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {E53E8F40-4093-4A0D-9D1F-8A6373B241E1} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {ECFA8A2E-DE1E-465A-B964-05340EC1FAC7} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {F42FD8FA-B8A3-4FED-B21E-9AE4195A812E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1994733667-3999561179-3768099944-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5881862-37D2-4BB5-8942-1AC38EE03161} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {F6418C79-23CB-4A29-AAF6-54FF56D52AA7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880136 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6D16DBF-C003-4A50-8AFC-4F46266B7996} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "b1735ea0-fe97-414a-bb29-601608b99078" --version "6.06.10144" --silent

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{29cc5c3f-9822-4507-a330-f00fbe809f3a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5eb47522-f164-47b7-b2e3-41ee2bb558f1}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF DefaultProfile: lk15mx4v.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\lk15mx4v.default [2022-04-02]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qes5du2n.default-release [2022-11-30]
FF Homepage: Mozilla\Firefox\Profiles\qes5du2n.default-release -> www.seznam.cz
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-11-30]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Profile: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable [2022-11-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (User-Agent Switcher) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\abikegoefdiihgbhgkkndohoflmgealc [2022-03-08]
OPR Extension: (Rich Hints Agent) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-28]
OPR Extension: (Opera Wallet) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-29]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-02-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3866592 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3702240 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [707864 2022-08-24] (ESET, spol. s r.o. -> ESET)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3342360 2022-09-05] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3342360 2022-09-05] (ESET, spol. s r.o. -> ESET)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncHelper.exe [3476400 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2351304 2021-12-02] (Lenovo -> Lenovo Group Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\OneDriveUpdaterService.exe [3843504 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SSSvc; C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\SSSvc.exe [146200 2018-07-19] (Lenovo -> Lenovo)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [78328 2021-08-25] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 DLMFENC; C:\Windows\System32\DRIVERS\DLMFENC.sys [242168 2022-09-21] (ESET, spol. s r.o. -> ESET, spol. s r.o.)
R0 DLPCRYPT; C:\Windows\System32\DRIVERS\dlpcrypt.sys [121728 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\Windows\System32\DRIVERS\dlpvdisk.sys [98296 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [194312 2022-09-05] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [116960 2022-07-13] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [234192 2022-07-13] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [52880 2022-07-13] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [79216 2022-07-13] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [119528 2022-07-13] (ESET, spol. s r.o. -> ESET)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [39000 2020-10-10] (IObit CO., LTD -> IObit Information Technology)
S3 LenovoBoost; C:\Windows\system32\DRIVERS\vanboost.sys [47888 2022-06-14] (Lenovo -> Lenovo Group Ltd.)
R1 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38888 2022-03-27] (Lenovo -> Lenovo)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11968 2022-03-18] () [File not signed]
S3 Ser2pl; C:\Windows\system32\DRIVERS\ser2pl64.sys [303000 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2021-10-06] (Microsoft Corporation) [File not signed]
R0 VDLPToken2; C:\Windows\System32\DRIVERS\vdlptkn2.sys [135672 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R3 WacHidRouterISD; C:\Windows\system32\DRIVERS\wachidrouter_isd.sys [142424 2017-05-24] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-30 14:01 - 2022-11-30 14:02 - 000000000 ____D C:\FRST
2022-11-27 22:27 - 2022-10-18 22:43 - 002369920 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2022-11-27 22:27 - 2022-10-18 22:43 - 002226048 _____ (Synaptics Incorporated.) C:\Windows\system32\synaTEE.signed.dll
2022-11-27 22:27 - 2022-10-18 22:43 - 000100224 _____ (Synaptics Incorporated) C:\Windows\system32\SynapticsUtility.exe
2022-11-27 22:27 - 2022-10-18 22:42 - 002830640 _____ (Synaptics Incorporated.) C:\Windows\system32\AuthenticateFAM_SecureFP_UI.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 002146432 _____ (Synaptics Incorporated.) C:\Windows\SysWOW64\AuthenticateFAM_SecureFP_UI.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 000506992 _____ (Synaptics Incorporated.) C:\Windows\system32\AuthenticateFAM_SecureFP.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 000378664 _____ (Synaptics Incorporated.) C:\Windows\SysWOW64\AuthenticateFAM_SecureFP.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 000135552 _____ (Intel Corporation) C:\Windows\system32\sgx_capable.dll
2022-11-23 15:29 - 2022-11-23 15:29 - 000063383 _____ C:\Users\user\OneDrive\Dokumenty\Potvrzení platby.pdf
2022-11-21 23:14 - 2022-11-21 23:14 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-11-21 22:06 - 2022-11-21 22:06 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2022-11-21 22:06 - 2022-11-21 22:06 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2022-11-21 22:06 - 2022-11-21 22:06 - 000000000 ____D C:\Program Files\Google
2022-11-16 08:21 - 2022-11-21 07:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-11-10 13:08 - 2022-09-30 05:24 - 000174112 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2022-11-10 13:08 - 2022-09-30 05:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2022-11-09 09:33 - 2022-11-09 09:33 - 000688128 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-11-09 09:33 - 2022-11-09 09:33 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-11-09 09:33 - 2022-11-09 09:33 - 000073216 _____ C:\Windows\system32\nettraceex.dll
2022-11-09 09:33 - 2022-11-09 09:33 - 000012253 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-11-09 09:28 - 2022-11-09 09:28 - 000000000 ___HD C:\$WinREAgent
2022-11-05 23:56 - 2022-11-05 23:56 - 000674959 _____ C:\Users\user\OneDrive\Dokumenty\zas-2022-03.pdf
2022-10-31 16:32 - 2022-10-31 16:39 - 000000000 ____D C:\Users\user\OneDrive\Dokumenty\Aukro

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-31 23:59 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-11-30 13:44 - 2022-02-14 13:25 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-11-30 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-30 13:31 - 2022-09-21 07:53 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-11-30 13:31 - 2022-09-21 07:53 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-11-30 13:31 - 2022-02-23 09:37 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-11-30 13:31 - 2022-02-23 09:37 - 000000000 ____D C:\Program Files\CCleaner
2022-11-30 13:05 - 2022-03-08 22:33 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-30 10:46 - 2022-04-02 20:21 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2022-11-30 10:46 - 2022-03-15 17:52 - 000004210 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{7F1FFD9B-1E9F-47BF-AA48-3B77B80E719E}
2022-11-30 10:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-11-30 10:43 - 2022-02-14 12:52 - 000000000 __SHD C:\Users\user\IntelGraphicsProfiles
2022-11-30 10:43 - 2022-02-14 12:31 - 000000000 ___RD C:\Users\user\OneDrive
2022-11-29 19:14 - 2022-05-11 11:28 - 000679902 _____ C:\Windows\system32\perfh005.dat
2022-11-29 19:14 - 2022-05-11 11:28 - 000136222 _____ C:\Windows\system32\perfc005.dat
2022-11-29 19:14 - 2022-02-14 12:30 - 001596402 _____ C:\Windows\system32\PerfStringBackup.INI
2022-11-29 19:14 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-11-29 19:11 - 2022-02-14 12:44 - 000000000 ____D C:\Windows\TempInst
2022-11-29 18:26 - 2022-02-18 12:09 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-11-29 18:26 - 2022-02-18 11:45 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-11-29 18:26 - 2022-02-18 11:45 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-29 18:26 - 2022-02-14 12:32 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1994733667-3999561179-3768099944-1001
2022-11-29 14:40 - 2022-02-18 11:36 - 000000000 ____D C:\Users\user\OneDrive\Dokumenty\Provozní záznam
2022-11-29 13:23 - 2022-02-18 12:53 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-11-29 13:16 - 2022-02-14 12:30 - 000000000 ____D C:\Users\user\AppData\Local\Packages
2022-11-29 07:15 - 2022-02-18 11:27 - 000004198 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1645180049
2022-11-29 07:15 - 2022-02-18 11:27 - 000001406 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-11-28 07:34 - 2022-02-14 12:32 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-11-28 07:33 - 2022-02-14 13:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-28 07:33 - 2022-02-14 13:25 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-11-28 07:33 - 2022-02-14 12:32 - 000000000 ____D C:\Intel
2022-11-28 07:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2022-11-27 22:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-11-27 22:27 - 2019-12-07 10:03 - 001572864 _____ C:\Windows\system32\config\BBI
2022-11-27 22:25 - 2022-02-14 12:43 - 000021868 _____ C:\Windows\storelibdebug.txt
2022-11-22 17:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2022-11-21 23:19 - 2022-02-18 12:11 - 000003522 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2022-11-21 23:16 - 2022-03-23 08:42 - 000002200 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2022-11-21 23:16 - 2022-03-23 08:42 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-11-21 07:50 - 2022-04-02 20:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-16 15:21 - 2022-04-02 20:21 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-16 15:21 - 2022-04-02 20:21 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-11-10 13:10 - 2022-02-27 21:25 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-10 13:10 - 2022-02-27 21:25 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-10 13:09 - 2022-03-18 11:51 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2022-11-09 16:38 - 2022-05-14 00:54 - 000454904 _____ C:\Windows\system32\FNTCACHE.DAT
2022-11-09 16:37 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-11-09 09:35 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-11-09 09:33 - 2022-02-14 12:27 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-11-09 09:27 - 2022-02-21 21:24 - 000000000 ____D C:\Windows\system32\MRT
2022-11-09 09:26 - 2022-02-21 21:23 - 146960040 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2022-02-18 12:07 - 2022-02-18 12:07 - 000000410 _____ () C:\Users\user\AppData\Local\oobelibMkey.log
2022-02-19 05:26 - 2022-02-19 11:39 - 000007597 _____ () C:\Users\user\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by user (30-11-2022 14:03:03)
Running from C:\Users\user\AppData\Local\Temp\scoped_dir13348_884605418
Microsoft Windows 10 Pro Version 21H2 19044.2251 (X64) (2022-02-14 11:25:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1994733667-3999561179-3768099944-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1994733667-3999561179-3768099944-503 - Limited - Disabled)
Guest (S-1-5-21-1994733667-3999561179-3768099944-501 - Limited - Disabled)
Lexalex (S-1-5-21-1994733667-3999561179-3768099944-1004 - Limited - Enabled)
user (S-1-5-21-1994733667-3999561179-3768099944-1001 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-1994733667-3999561179-3768099944-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.1.0.3 - Adobe Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.15.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.61.1.10 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.6.0.2 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon TS3400 series Driver (HKLM\...\{1199FAD5-9546-44F3-81CF-FFDB8040B7BF}_Canon_TS3400_series) (Version: 1.02 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.277.0 - Conexant Systems)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.) Hidden
ESET Premium Line Encryption (HKLM\...\{764DBB66-954B-498B-A8F0-5674FF309BAC}) (Version: 2.0.0.29 - ESET) Hidden
ESET Security (HKLM\...\{C8113C9E-3025-4DC5-89E8-71F7C080967A}) (Version: 15.2.17.0 - ESET, spol. s r.o.)
Google Earth Pro (HKLM\...\{F5A0C4E5-0B6C-43B1-AEFA-7E0BE48214FF}) (Version: 7.3.6.9285 - Google)
HT780E Programming Software V1.07.04 (HKLM-x32\...\{C1014EE8-5799-4446-9181-54BAA24FBEB1}) (Version: 1.07.0004 - Hytera Communications Corp., Ltd.)
CHIRP (HKLM-x32\...\CHIRP) (Version: - )
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.2.0.2 - IObit)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Lenovo Scaling Utility (HKLM\...\Lenovo Scaling Utility) (Version: 3.22 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14827.20198 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.56 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 107.0 (x64 cs)) (Version: 107.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden
Opera Stable 93.0.4585.21 (HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\Opera 93.0.4585.21) (Version: 93.0.4585.21 - Opera Software)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22112.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22112.1 - Samsung Electronics Co., Ltd.)
Thunderbolt™ Software (HKLM-x32\...\{1AA93FF8-C685-4E00-8682-7F2E5D8E8689}) (Version: 17.4.80.550 - Intel Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Wacom Pen (HKLM\...\ISD Tablet Driver) (Version: 7.3.4-38 - Wacom Technology Corp.)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-05-27] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2202.9.0_x64__k1h2ywk1493x8 [2022-03-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-02-19] (Microsoft Studios) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-10-13] (INTEL CORP) [Startup Task]
Solitaire v češtině -> C:\Program Files\WindowsApps\TreeCardGames.KlondikeSolitaireCollectionFree_5.2.5.0_x64__n666hb6ddc5jp [2022-02-23] (TreeCardGames)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0 [2022-02-19] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2022-08-24] (DESlock Limited -> DESlock Limited)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-09-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-09-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-09-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-02-18 12:56 - 2019-12-05 16:17 - 000008704 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_CSY.DLL
2022-02-18 12:56 - 2019-12-05 16:17 - 000104448 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2022-05-02 09:03 - 2022-05-02 09:06 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{60BFD289-F967-4CAA-AED3-00B78DCF4DCF}\\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe] => (Allow) \\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe => No File
FirewallRules: [UDP Query User{590E8C45-650D-4456-B6FC-08ECEBCB93D0}\\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe] => (Allow) \\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe => No File
FirewallRules: [{BABAF5A6-7FED-4292-880B-0EEF42F16C99}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3ADE850-AC2F-4AFA-8F00-CFF5E684E54C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{54A5F2FD-5E5E-48A2-B008-97CA506AC0A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFF8FF02-8517-4301-90C5-DC405CB71FC7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC66927A-EB88-41BB-B6AB-3D322BD5D6B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F3EDEFFF-A982-4391-A447-3540B6334455}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11600E84-0877-48E5-9477-857FB2DA66B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CE8F21A7-6F35-4E00-A259-C42CF02389D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{903B24E9-6363-4795-A76C-7B19C7234676}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A6ED06B-3EBE-4677-BBEA-5D89275F0FB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{915404B9-7299-451B-A59B-70A2ED7F4DAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A5259BD5-22AF-4FEB-B5F0-E66F8C2849C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BA35AF10-A119-4CEE-BC41-24A24A7BCCB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{1B67AA9B-3442-4108-A7FC-24A5A1D5BC29}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{BF0E0D6C-73B4-4456-BC3A-88197EAA50CD}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{11355B00-7B4A-43EB-8AF3-8A0EA93E9CA5}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{24B411C7-5B9F-4A59-BB8E-C05BD9520FDC}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{47ADE8F0-8892-413E-A1F9-E34042AEEEF0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{23647A37-19A7-41D5-9987-1B8B4BCF1009}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{977B2224-E983-4E49-BD80-4244DE751EC5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B475A554-14D0-40BA-A056-A4CC6EFFB6AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{07332231-2EBD-4CA2-A8CA-583632029B72}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65813012-6EE5-48F0-AE36-16C1B197D9FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{66DD72FE-E37E-4282-A169-A93763896199}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

09-11-2022 09:28:32 Instalační služba modulů systému Windows
16-11-2022 15:14:30 Naplánovaný kontrolní bod
21-11-2022 23:15:57 Instalováno Smart Switch

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/30/2022 01:32:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.19041.546, časové razítko: 0x5da7ab91
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ff8747f200f
ID chybujícího procesu: 0x3500
Čas spuštění chybující aplikace: 0x01d904b7c6a3a6c7
Cesta k chybující aplikaci: C:\Windows\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 96bb3b5f-4eea-48cd-b9d3-c10671c6ac0b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/30/2022 01:32:14 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()


Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (11/30/2022 01:32:14 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (11/30/2022 01:32:13 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (11/30/2022 01:32:13 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (11/30/2022 12:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-J0113CF.local already in use; will try DESKTOP-J0113CF-2.local instead

Error: (11/30/2022 12:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-J0113CF.local. Addr 192.168.0.241

Error: (11/30/2022 12:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.241:5353 16 DESKTOP-J0113CF.local. AAAA 2A02:8308:C008:B300:809A:D3E3:3031:0C9D


System errors:
=============
Error: (11/30/2022 10:45:46 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/30/2022 10:44:55 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/30/2022 10:43:17 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (11/29/2022 07:16:10 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/29/2022 07:15:59 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/29/2022 07:14:18 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (11/28/2022 07:36:28 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/28/2022 07:33:51 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.


Windows Defender:
================Event[0]:

Date: 2022-12-31 23:59:56
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.425.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x800b0101
Popis chyby: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

CodeIntegrity:
===============
Date: 2022-11-30 14:03:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-30 13:58:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO N1NET59W (1.46 ) 10/04/2022
Motherboard: LENOVO 20JES3M302
Processor: Intel(R) Core(TM) i7-7600U CPU @ 2.80GHz
Percentage of memory in use: 50%
Total physical RAM: 15989.11 MB
Available physical RAM: 7883.5 MB
Total Virtual: 32373.11 MB
Available Virtual: 24505.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.39 GB) (Free:373.98 GB) (Model: SAMSUNG MZVLB512HAJQ-000L7) NTFS

\\?\Volume{4a7abb65-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{4a7abb65-0000-0000-0000-201c77000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 4A7ABB65)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=510 MB) - (Type=27)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#2 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\MountPoints2: {6971c106-4160-11ed-a0e1-b4d5bdf01837} - "E:\.autorun\autorun.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {2A7A5D4A-C387-4433-81EF-F125CBA7EC15} - System32\Tasks\GoogleUpdateTaskMachineUA{E4E1A95F-A308-4108-A17D-C1CF9ABC99B2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-08] (Google LLC -> Google LLC)
Task: {CB540BAB-DAC7-46BA-8558-BD78D8C10D43} - System32\Tasks\GoogleUpdateTaskMachineCore{114B8078-B77F-49EE-93D0-5865B62A95EB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-08] (Google LLC -> Google LLC)
Task: {E21C5B01-15B7-4E4E-A709-7FD192728074} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (No File)
C:\DumpStack.log.tmp
HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
FirewallRules: [TCP Query User{60BFD289-F967-4CAA-AED3-00B78DCF4DCF}\\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe] => (Allow) \\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe => No File
FirewallRules: [UDP Query User{590E8C45-650D-4456-B6FC-08ECEBCB93D0}\\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe] => (Allow) \\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe => No File

EmptyTemp:
End
Uložte do C:\Users\user\AppData\Local\Temp\scoped_dir13348_884605418 jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Aldaov1010
Návštěvník
Návštěvník
Příspěvky: 3
Registrován: 30 lis 2022 13:38

Re: Preventivka

#3 Příspěvek od Aldaov1010 »

Dobré ráno, posílám výsledek:


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-12-2022 08:53:04)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 08:53:04 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#4 Příspěvek od Rudy »

Aldaov1010 píše: 03 pro 2022 08:56 Dobré ráno, posílám výsledek:


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-12-2022 08:53:04)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 08:53:04 ====
Dělaáte si legraci? Fixlog vypadá asi takto: https://forum.viry.cz/viewtopic.php?p=1548976#p1548976 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Aldaov1010
Návštěvník
Návštěvník
Příspěvky: 3
Registrován: 30 lis 2022 13:38

Re: Preventivka

#5 Příspěvek od Aldaov1010 »

Dobrý den,

myslel jsem si, že jsem se spletl. Přeci mám jen hnusnou noční směnu za sebou, ale podívejte se sám. Udělal jsem printscreen. Ve složce je jen jeden fixlog,txt a po jeho otevření jen ta holá věta. Možná jsem asi tydýt a dívám se do jiné složky, ale nic jiného jsem nenašel.
Snímek obrazovky (6).jpg
Snímek obrazovky (6).jpg (45.04 KiB) Zobrazeno 467 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#6 Příspěvek od Rudy »

OK. Vy jste spustil Fix přímo ze složky, kam se vám FRST uložil. Fixlist de musí uložit do stejné složky, kde je PRST. Zkuste tedy uložilt FRST di nějaké normální složky, třeba na plochu, fixklist také na plochu a pak to spusťte. Ne nadarmu upozorňujeme, abyste ukládali FRST na plochu. Fixlist zůstane stejný, jak jsem ho sem postnul.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět