Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu, podivné chování NTB

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Dogs
Návštěvník
Návštěvník
Příspěvky: 67
Registrován: 22 říj 2006 22:50

Prosím o kontrolu, podivné chování NTB

#1 Příspěvek od Dogs »

Dobrý den,

prosím o konrolu logu, ntb se chová divně. Nainstaloval jsem Eset, něco našel a opravil, spustil jsem Norton Power Eraser, také něco našel, zatím jsem nic neléčil ani neodstranoval.
Log je níže, děkuji předem za pomoc

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-12-2022
Ran by x (administrator) on -PC (LENOVO 4291BD2) (17-12-2022 12:12:52)
Running from C:\Users\x\Downloads
Loaded Profiles: x
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2364 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\x\AppData\Local\Microsoft\OneDrive\22.238.1114.0002\Microsoft.SharePoint.exe
(NetSetMan GmbH -> ) C:\Program Files (x86)\NetSetMan\netsetman.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (NetSetMan GmbH -> ) C:\Program Files (x86)\NetSetMan\nsmservice.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21238.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21238.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.22031.10091.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194480 2022-12-16] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [NetSetMan] => C:\Program Files (x86)\NetSetMan\netsetman.exe [13147800 2021-05-31] (NetSetMan GmbH -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\x\AppData\Local\Microsoft\Teams\Update.exe [2587416 2022-12-11] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\Run: [MicrosoftEdgeAutoLaunch_A83E2D204AB19DCE5550F9BE74E84F70] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3877280 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\MountPoints2: {625b5856-1f51-11eb-9600-f0def1bf687d} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon TS5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDQ.DLL [482816 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5100 series: C:\WINDOWS\system32\CNMLMDQ.DLL [1302016 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A29CEF2-3947-46DF-BD47-ECC9E89B410F} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [File not signed]
Task: {114F5A86-F69D-4B60-A2CF-93842313EC8E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {75B2E4C7-6DDC-480C-A910-FCB548C12DD5} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {B588B86A-ADB5-4748-ACCF-A720E62F89AB} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [851800 2018-12-25] (Lenovo -> Lenovo.)
Task: {CBAEF37D-710A-4A4A-9454-F19C3BBEF5D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC)
Task: {D09170B4-7FFF-412C-AC8B-023B71400509} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EBDFA47E-517C-4A3E-9770-F10781FC1EFD} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {FA71C26C-6ABB-47F1-835B-173D3FCD2E8C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 178.17.0.11 178.17.0.12
Tcpip\..\Interfaces\{a37f2d34-3320-4816-b13a-3b28cbb4e434}: [DhcpNameServer] 178.17.0.11 178.17.0.12
Tcpip\..\Interfaces\{d4e3dcf9-6d26-43f6-a335-df46c2c3b7d4}: [DhcpNameServer] 192.168.20.2 31.170.176.86

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\x\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-17]
Edge Notifications: Default -> hxxps://www.facebook.com

FireFox:
========
FF DefaultProfile: 3ttbg860.default
FF ProfilePath: C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\3ttbg860.default [2021-07-21]
FF ProfilePath: C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\tz2pxwkr.default-release [2022-12-15]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-07] (Oracle America, Inc. -> Oracle Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-12-17]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\x\AppData\Local\Google\Chrome\User Data\Default [2022-12-17]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://pushwelcome.com; hxxps://www.conrad.cz
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"
CHR Extension: (Dokumenty Google offline) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-29]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2021-06-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2021-06-09]
CHR Profile: C:\Users\x\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-06-28]
CHR Profile: C:\Users\x\AppData\Local\Google\Chrome\User Data\System Profile [2022-06-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [53880 2022-12-16] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-12-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-12-16] (ESET, spol. s r.o. -> ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1494808 2022-11-01] (ESET, spol. s r.o. -> ESET)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892760 2018-12-25] (Lenovo -> Lenovo.)
R2 nsmService; C:\Program Files (x86)\NetSetMan\nsmservice.exe [2329240 2020-12-20] (NetSetMan GmbH -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16360768 2022-08-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [194336 2022-12-16] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [235632 2022-12-16] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [80664 2022-12-16] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [121000 2022-12-16] (ESET, spol. s r.o. -> ESET)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [44160 2018-12-25] (Lenovo -> Lenovo.)
R2 risdxc; C:\WINDOWS\system32\DRIVERS\risdxc64.sys [101888 2011-05-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U4 npcap_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-17 12:12 - 2022-12-17 12:14 - 000017158 _____ C:\Users\x\Downloads\FRST.txt
2022-12-17 12:12 - 2022-12-17 12:13 - 000000000 ____D C:\FRST
2022-12-17 12:11 - 2022-12-17 12:11 - 002375680 _____ (Farbar) C:\Users\x\Downloads\FRST64.exe
2022-12-16 17:11 - 2022-12-16 17:11 - 000000000 ____D C:\Users\x\AppData\Local\ESET
2022-12-16 16:52 - 2022-12-16 16:52 - 000057449 _____ C:\WINDOWS\system32\NOTICE_mod
2022-12-16 16:51 - 2022-12-16 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-12-16 16:51 - 2022-12-16 16:51 - 000000000 ____D C:\ProgramData\ESET
2022-12-16 16:51 - 2022-12-16 16:51 - 000000000 ____D C:\Program Files\ESET
2022-12-14 10:54 - 2022-12-14 10:54 - 000012367 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-14 10:53 - 2022-12-14 10:53 - 000297472 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-12-14 10:46 - 2022-12-14 15:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-14 10:41 - 2022-12-14 10:41 - 000000000 ___HD C:\$WinREAgent
2022-12-12 15:42 - 2022-12-12 15:42 - 000000000 ____D C:\Users\x\Downloads\OneDrive_2022-12-08
2022-12-12 15:40 - 2022-12-12 15:40 - 070436706 _____ C:\Users\x\Downloads\OneDrive_2022-12-08.zip
2022-12-12 10:33 - 2022-12-12 10:33 - 000129770 _____ C:\Users\x\Downloads\priloha_1094598768_1_Priloha_500_Kc (2).pdf
2022-12-12 10:22 - 2022-12-12 10:22 - 000129770 _____ C:\Users\x\Downloads\priloha_1094598768_1_Priloha_500_Kc (1).pdf
2022-12-12 10:20 - 2022-12-12 10:20 - 000070535 _____ C:\Users\x\Downloads\priloha_1094598768_0_MCP6_391083_2022-1 (1).pdf
2022-12-12 10:19 - 2022-12-12 10:20 - 000129770 _____ C:\Users\x\Downloads\priloha_1094598768_1_Priloha_500_Kc.pdf
2022-12-12 10:19 - 2022-12-12 10:19 - 000070535 _____ C:\Users\x\Downloads\priloha_1094598768_0_MCP6_391083_2022-1.pdf
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ___HD C:\AnyMP4 Temp
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\AnyMP4 Studio
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\Users\x\AppData\Local\AnyMP4 Studio
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyMP4
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\ProgramData\Apple
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\Program Files\Bonjour
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\Program Files (x86)\Bonjour
2022-12-11 12:13 - 2022-12-11 12:13 - 002165880 _____ ( ) C:\Users\x\Downloads\screen-recorder (1).exe
2022-12-11 12:13 - 2022-12-11 12:13 - 000000000 ____D C:\ProgramData\AnyMP4 Studio
2022-12-11 12:13 - 2022-12-11 12:13 - 000000000 ____D C:\Program Files\AnyMP4 Studio
2022-12-11 12:12 - 2022-12-11 12:12 - 000234920 _____ C:\Users\x\Downloads\soundtap.exe
2022-12-11 12:12 - 2022-12-11 12:12 - 000000000 ____D C:\Users\x\AppData\Roaming\NCH Swift Sound
2022-12-11 12:00 - 2022-12-11 12:01 - 000000000 ____D C:\Program Files (x86)\MP3 Recorder Studio
2022-12-11 12:00 - 2022-12-11 12:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Recorder Studio
2022-12-11 11:59 - 2022-12-11 11:59 - 002444977 _____ (ManiacTools.com ) C:\Users\x\Downloads\mp3-recorder.exe
2022-12-11 11:57 - 2022-12-11 11:57 - 001076685 _____ (FreeVoiceRecorder.com ) C:\Users\x\Downloads\freevoicerecorder_setup.exe
2022-12-11 11:57 - 2022-12-11 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Voice Recorder
2022-12-11 11:57 - 2022-12-11 11:57 - 000000000 ____D C:\Program Files (x86)\Free Voice Recorder
2022-12-11 11:48 - 2022-12-11 11:48 - 000000000 ____D C:\Users\x\AppData\Local\3delite
2022-12-11 11:48 - 2022-12-11 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dictaphone
2022-12-11 11:48 - 2022-12-11 11:48 - 000000000 ____D C:\Program Files (x86)\Dictaphone
2022-12-11 11:46 - 2022-12-11 11:47 - 022354184 _____ (3delite ) C:\Users\x\Downloads\Dictaphone 1.0 Setup.exe
2022-12-11 11:45 - 2022-12-11 11:45 - 001065946 _____ C:\Users\x\Downloads\qtmp3r.exe
2022-12-11 11:45 - 2022-12-11 11:45 - 000000000 ____D C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QTray MP3 Recorder
2022-12-11 11:45 - 2022-12-11 11:45 - 000000000 ____D C:\Program Files (x86)\QTray MP3 Recorder
2022-11-25 19:10 - 2022-11-25 19:10 - 000029310 _____ C:\Users\x\Downloads\msg0000 (40).WAV
2022-11-25 19:09 - 2022-11-25 19:09 - 000029310 _____ C:\Users\x\Downloads\msg0000 (39).WAV
2022-11-25 19:09 - 2022-11-25 19:09 - 000029310 _____ C:\Users\x\Downloads\msg0000 (38).WAV

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-17 12:12 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-17 12:10 - 2021-07-21 12:20 - 000000000 ____D C:\Users\x\AppData\LocalLow\Mozilla
2022-12-17 12:06 - 2021-03-06 00:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-17 11:26 - 2020-09-19 11:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-16 17:10 - 2021-03-06 01:06 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-16 17:10 - 2019-12-07 15:43 - 000683504 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-16 17:10 - 2019-12-07 15:43 - 000137284 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-16 17:03 - 2021-08-31 17:49 - 000000000 ____D C:\Program Files\TeamViewer
2022-12-16 17:03 - 2021-03-06 01:06 - 000003700 _____ C:\WINDOWS\system32\Tasks\Lenovo Power Management Driver PnP Task
2022-12-16 17:03 - 2021-03-06 01:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-16 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-16 17:02 - 2022-03-09 13:39 - 000235632 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2022-12-16 17:02 - 2022-03-09 13:39 - 000194336 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2022-12-16 17:02 - 2022-03-09 13:39 - 000121000 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2022-12-16 17:02 - 2022-03-09 13:39 - 000080664 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2022-12-16 17:02 - 2021-06-23 20:29 - 000000000 ____D C:\Program Files (x86)\NetSetMan
2022-12-16 17:02 - 2021-03-06 00:57 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-16 17:02 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-12-16 17:01 - 2022-03-09 12:53 - 000016336 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2022-12-16 16:52 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-12-16 16:48 - 2022-10-27 07:46 - 000000000 ____D C:\Users\x\.zenmap
2022-12-16 11:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-16 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-16 10:56 - 2021-06-09 14:39 - 000000128 _____ C:\Users\x\AppData\Local\PUTTY.RND
2022-12-15 16:08 - 2022-02-09 19:45 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-12-14 15:27 - 2021-03-06 00:58 - 000467232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-14 15:26 - 2021-07-21 12:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-14 15:25 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-14 13:59 - 2021-07-21 12:20 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-14 10:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-14 10:53 - 2021-03-06 00:59 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-14 10:41 - 2019-10-31 20:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-14 10:35 - 2019-10-31 20:53 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-12 08:12 - 2019-10-31 19:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-12 08:03 - 2020-07-17 23:11 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-11 20:32 - 2021-06-08 14:29 - 000002385 _____ C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-12-11 11:27 - 2019-10-31 20:41 - 000000000 ____D C:\Users\x\AppData\Local\PlaceholderTileLogoFolder
2022-12-11 11:27 - 2019-10-31 19:24 - 000000000 ____D C:\Users\x\AppData\Local\Packages
2022-12-11 11:26 - 2021-06-12 18:30 - 000000000 ____D C:\Users\x\AppData\Local\ElevatedDiagnostics
2022-12-08 08:08 - 2021-12-13 07:46 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4226615632-1666699233-2089256746-1000
2022-12-08 08:08 - 2021-06-21 13:02 - 000003348 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4226615632-1666699233-2089256746-1000
2022-12-08 08:08 - 2021-06-21 13:02 - 000002406 _____ C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-05 13:21 - 2021-03-06 01:00 - 000000000 ____D C:\Users\x
2022-12-05 08:50 - 2020-09-14 18:38 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-11-22 10:28 - 2022-09-13 10:37 - 000000000 ____D C:\Users\x\AppData\Roaming\com.adobe.dunamis
2022-11-21 08:01 - 2022-10-13 07:27 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-21 08:01 - 2021-07-21 13:43 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories ========

2021-06-09 14:39 - 2022-12-16 10:56 - 000000128 _____ () C:\Users\x\AppData\Local\PUTTY.RND
2022-10-27 07:46 - 2022-12-02 12:35 - 000000869 _____ () C:\Users\x\AppData\Local\zenmap.exe.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2022
Ran by x (17-12-2022 12:15:19)
Running from C:\Users\x\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.2364 (X64) (2021-03-06 00:06:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4226615632-1666699233-2089256746-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4226615632-1666699233-2089256746-503 - Limited - Disabled)
Guest (S-1-5-21-4226615632-1666699233-2089256746-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4226615632-1666699233-2089256746-504 - Limited - Disabled)
x (S-1-5-21-4226615632-1666699233-2089256746-1000 - Administrator - Enabled) => C:\Users\x

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced IP Scanner 2.5 (HKLM-x32\...\{4012E407-3BB2-443D-95D0-FC6662AA2E50}) (Version: 2.5.3850 - Famatech)
AnyMP4 Screen Recorder 1.3.86 (HKLM-x32\...\{BDB6239B-2754-49bc-98A7-B9C28D4D74F1}_is1) (Version: 1.3.86 - AnyMP4 Studio)
ApowerEdit V1.7.7.28 (HKLM-x32\...\{3089CCCD-BC5F-4309-A3C1-45B5ACA7A5E7}_is1) (Version: 1.7.7.28 - Apowersoft LIMITED)
ApowerREC V1.5.6.20 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.5.6.20 - Apowersoft LIMITED)
ASD Client 11.1 (HKLM-x32\...\{7F12F6C1-2271-4763-B2C4-F42AD3A05103}) (Version: 11.1 - Alcoma a.s.) Hidden
ASD Client 11.1 (HKLM-x32\...\ASD Client 11.1) (Version: - Alcoma a.s.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5100 series Elektronická příručka (HKLM-x32\...\Canon TS5100 series Elektronická příručka) (Version: 1.1.0 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.01 - Canon Inc.)
CPUID CPU-Z 2.02 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.02 - CPUID, Inc.)
Dictaphone 1.0.54.245 (HKLM-x32\...\{61FC1506-540C-4F87-4444-4CC4F8B62129}_is1) (Version: - 3delite)
ESET Endpoint Antivirus (HKLM\...\{F8DE2A0C-AE50-4915-9F99-12A9B1DFCADA}) (Version: 9.1.2060.0 - ESET, spol. s r.o.)
ESET Management Agent (HKLM\...\{869F34CE-F664-4BCE-8904-3DD9F4310F23}) (Version: 10.0.1126.0 - ESET, spol. s r.o.)
Free Voice Recorder (HKLM-x32\...\{AC69681F-2E17-4F3E-BF48-1603A78AD0BC}_is1) (Version: - FreeVoiceRecorder.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.2.0.4 (HKLM\...\{C52FBB79-D0A7-4F28-9CEC-3B262694409B}) (Version: 7.2.0.4 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\Teams) (Version: 1.5.00.33362 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Movavi Screen Recorder 22 (HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\Movavi Screen Recorder 22) (Version: 22.4.0 - Movavi)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 108.0 (x64 cs)) (Version: 108.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 90.0.1 - Mozilla)
MP3 Recorder Studio 5.9 (HKLM-x32\...\MP3 Recorder Studio_is1) (Version: - ManiacTools.com)
NetSetMan 5.0.6 (HKLM-x32\...\NetSetMan_is1) (Version: 5.0.6 - NetSetMan GmbH)
Nmap 7.93 (HKLM-x32\...\Nmap) (Version: 7.93 - Nmap Project)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.71 - Nmap Project)
PuTTY release 0.75 (HKLM-x32\...\{959D1CA2-9536-481C-86DD-155C09227F22}) (Version: 0.75.0.0 - Simon Tatham)
QTray MP3 Recorder 1.0 (HKLM-x32\...\QTray MP3 Recorder) (Version: 1.0 - Kongsoft, Inc.)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.7.0 - Canon Inc.)
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.33.7 - TeamViewer)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version: - )
VirtualDJ 2021 (HKLM\...\{297A6FFE-9D1B-418E-84F5-561B7F7D77C4}) (Version: 8.5.6613.0 - Atomix Productions)
Zoom (HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\ZoomUMX) (Version: 5.3.2 (53291.1011) - Zoom Video Communications, Inc.)

Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-11-30] (Microsoft Corporation)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.23.0_x64__ffd303wmbhcjt [2022-11-21] (BreeZip)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.28.17.0_x64__kgqvnymyfvs32 [2022-12-14] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.94.3.0_x64__kgqvnymyfvs32 [2022-12-07] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-12-03] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-01] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-07] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-06] (Microsoft Corporation) [MS Ad]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.2.0_x86__y5c4dfz5b21fm [2022-08-15] (Any DVD &amp; Office App)
OfficeSuite Personal Free -> C:\Program Files\WindowsApps\MobiSystems.OfficeSuitePersonalFree_6.98.48662.0_x64__8m57vzdwnbybp [2022-11-30] (Mobisystems)
Recorder One -> C:\Program Files\WindowsApps\IPTGroup.LuckyRecorderFree_10.10.45.0_x64__fbja025meezca [2022-12-11] (IPT International Technologies Corporation.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2021-10-03] (Ookla)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2022-12-11] (Spotify AB) [Startup Task]
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.3.2.0_x86__3h5nez1g3qt2c [2022-08-29] (GT Office PDF Studio)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-08-16] (VideoLAN)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CusCustomCLSID: HKU\S-1-5-21-4226615632-1666699233-2089256746-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\x\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22304.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-16] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [294912 2007-02-10] (Microsoft Corporation) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig

==================== Loaded Modules (Whitelisted) =============

2020-09-14 18:41 - 2016-10-21 15:06 - 000318976 _____ (CANON INC) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2020-09-14 18:47 - 2017-07-05 12:49 - 000593920 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2020-09-14 18:41 - 2016-12-01 08:23 - 000219648 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2020-09-14 18:41 - 2016-12-09 10:09 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_CSY.DLL
2020-09-14 18:41 - 2016-12-09 10:09 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2020-09-14 18:47 - 2017-07-05 12:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-08-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-08-07] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\PuTTY\
HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 178.17.0.11 - 178.17.0.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Wi-Fi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E822D18B-FA4B-4D1A-B538-4A2571682734}] => (Allow) C:\Users\x\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{10A65573-48B0-40DB-8C41-0B86B777B54A}] => (Allow) C:\Users\x\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{ECBA04CB-9980-4815-B228-595F324F1A52}] => (Allow) C:\Users\x\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{77409404-9BDE-47A7-8C92-B41F44E676D1}C:\program files\winbox\winbox.exe.exe] => (Allow) C:\program files\winbox\winbox.exe.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{F18D650E-7130-4AF8-BFC3-0614E3594BA3}C:\program files\winbox\winbox.exe.exe] => (Allow) C:\program files\winbox\winbox.exe.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{07530F0F-9D10-4EB2-ABF9-A9654D4178E9}C:\users\x\downloads\winbox64.exe] => (Allow) C:\users\x\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{68A01DFF-EA0B-4ABA-A68E-BE21B0D3A0D4}C:\users\x\downloads\winbox64.exe] => (Allow) C:\users\x\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [{1E805BAB-7CE9-45BA-9242-0FE54CE1FFA2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AB359713-CBA0-4404-8BF1-4A3AFB7C64A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0A37D7D4-DB6F-45FD-BC86-2E5ADD170F74}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_301\bin\java.exe
FirewallRules: [{3E05E468-3E10-4509-B142-A8A7545D7629}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_301\bin\java.exe
FirewallRules: [{C8AF7AF3-0997-4A6A-AE1D-DE64DB39EBBB}] => (Allow) C:\Users\x\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [{C2037CE9-4389-428B-9B57-990F6733B562}] => (Allow) C:\Users\x\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [TCP Query User{BB192AA5-7244-4700-8AEF-2F56538FF910}C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe
FirewallRules: [UDP Query User{F3EB94D3-45BD-479F-9E92-28F7EAD4B480}C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe
FirewallRules: [TCP Query User{537513B4-4898-4861-AD8A-B25EB0B818DE}C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe
FirewallRules: [UDP Query User{22B7C89D-7FEE-4DEE-BD18-A325FBE8F40E}C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe
FirewallRules: [TCP Query User{436A7E6A-0516-46BC-A7A9-380D484F565E}C:\program files (x86)\java\jre1.8.0_301\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\java.exe
FirewallRules: [UDP Query User{5553DE32-AFEC-4E84-AB50-F4AEB8AC5B2E}C:\program files (x86)\java\jre1.8.0_301\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\java.exe
FirewallRules: [TCP Query User{DB80EE5C-4C11-4DDF-AD5D-C0613C2872EC}C:\users\x\downloads\winbox64.exe] => (Allow) C:\users\x\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{17CF9A78-A50C-4B93-B063-6043BE9A41A8}C:\users\x\downloads\winbox64.exe] => (Allow) C:\users\x\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{71401F4A-D712-442E-9E07-71719D3D3ED7}C:\program files\winbox\winbox.exe.exe] => (Allow) C:\program files\winbox\winbox.exe.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{423E2273-4D7F-44F2-9BD8-B7F0C28469F5}C:\program files\winbox\winbox.exe.exe] => (Allow) C:\program files\winbox\winbox.exe.exe (Mikrotikls SIA -> )
FirewallRules: [{94371512-6D84-4442-BF9C-AE357001E122}] => (Allow) C:\Users\x\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{B82305DA-524E-4498-8607-87DD3B3547FF}] => (Allow) C:\Users\x\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D7CA0F96-44C8-45DF-86E2-244F39659051}] => (Allow) C:\Users\x\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{CE23931B-72F0-498E-BE56-196311B9F7A0}] => (Allow) C:\Users\x\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{4E23E384-B99C-4A02-A025-BCEDCC3C7541}C:\users\x\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\x\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{23F01120-E807-48A1-96AE-EB62C5BDDE68}C:\users\x\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\x\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6D169BD0-859E-4EBD-A887-0416E20F96C7}C:\users\x\downloads\winbox64 (1).exe] => (Allow) C:\users\x\downloads\winbox64 (1).exe => No File
FirewallRules: [UDP Query User{5AD69D5D-1417-4C5E-A13C-7903AD40AA8A}C:\users\x\downloads\winbox64 (1).exe] => (Allow) C:\users\x\downloads\winbox64 (1).exe => No File
FirewallRules: [{BE873B65-8906-49C7-8505-412C996C5987}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E2BBD6A9-1E55-4126-9695-2121E69F0EE1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E215856C-C785-4765-B95B-1B1232D2D77D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5857ECD8-B4A7-4825-9709-FD95AFB15B40}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5292A0B3-3A68-47C1-A35A-493F5594BA45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8AA06F4A-BB83-4EEF-AA1E-9950EDEA312A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6086363-8721-45CE-92D1-A664FAC77215}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB0EFCFB-6E80-444F-B35A-AFF56A65F2FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A1BCDAD9-219D-4220-97E1-FBE0BF84F9B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02189F4E-641D-4B0C-B30A-8899924EF65C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3C8FDAD1-F998-4770-AEA5-044B0E09C057}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C751005F-B8AC-4074-8428-E8D2CC9B5628}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{A5225BE8-FEB4-45C7-B41C-8BA4A6BB2E12}C:\users\x\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\x\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0AAAB881-155E-477D-966C-8E3E3A7AE79C}C:\users\x\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\x\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C573D84B-F8F1-4F45-9846-86B2DCE4D221}C:\users\x\downloads\winbox.exe] => (Block) C:\users\x\downloads\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{0E38B1CC-845E-4C13-ACC0-F80C104D8BD2}C:\users\x\downloads\winbox.exe] => (Block) C:\users\x\downloads\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [{76099FA3-F215-4C6D-BF69-A016D1E90D2D}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C3EBCAA1-B79A-42C0-BE14-416A2BD2D45D}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{BFBA72E5-EDDB-4283-8797-8FE37517FF7F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{70E793A2-5587-46C3-A274-B19B50FBF311}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{DA182E6D-A89F-4552-A108-2F9B81AB7B71}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2428F7F3-F1EB-48EF-9937-D5F7BA1F8453}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2E2CA5A6-663E-4DE5-BA3E-8AAD57443087}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{950617C2-1C39-435B-9662-452136EF356C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CECF85A0-4821-4A10-8B3B-6C37FFC49E13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CC22A00C-261C-4226-8C2F-D0EE68648337}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C11D44D8-22E8-41CA-9484-B184583DE8A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F66E0BB9-F5ED-4711-8ACC-EB648FEAE339}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F8C569F0-B744-4E5D-ABE9-1CEDF9C02A1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{791F5F77-07BC-4B46-88F6-3E3517DE594B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9B37DF3D-D26B-4073-B31C-4A2666C579CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{D11F2419-12E4-4AA6-9A16-F5DBE76D05C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E5A70C40-7E90-44D4-9555-AC01728DB852}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E21740F-B5C7-4F2B-AA31-D32E2C030932}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8F2E9176-E618-47C2-9D37-41193555AA36}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7A2680CA-36FB-4EF5-8708-E07787214999}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45B77E99-85E8-490F-B53E-B50B52B79977}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D12162F1-550B-485C-AA2D-E971F4CB5813}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{400652F1-9E5D-4C7D-985A-86B1C41065A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7724C76-524B-4B10-B974-C3D6530ED08B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{644CF4C1-C811-412B-A47A-1EA8013784C0}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe (Insecure.Com LLC -> Insecure.Org)
FirewallRules: [UDP Query User{B205278B-A82F-4668-A98E-592EE029D195}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe (Insecure.Com LLC -> Insecure.Org)
FirewallRules: [{3CF2FE05-108E-4245-BCC4-FF829563D5F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5A5D7C69-AD17-47DC-842C-5A1462A31BC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E33E1C0D-A3BA-435F-8833-E48D2EECAB24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85CFDBB9-2926-45F5-894D-B66EA6EAFAE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B78A65B7-04D2-4F64-A2A7-84E2F261D5FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3694AEF-247B-413E-A5E7-FC3D9085473F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8CB2EB0B-F4BE-4BC1-BAAA-31745521A542}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0807833C-DE9E-4DC1-9EEA-20824DA4B4E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6E826960-8666-402A-8417-1DED9569A524}] => (Allow) C:\Program Files\AnyMP4 Studio\AnyMP4 Screen Recorder\MirrorRender.exe (OKWare Co., Ltd -> )
FirewallRules: [{F7AAB671-1B7B-4711-91B2-B455AF7BF249}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{660AEDAD-CED3-4423-831C-BDFF172E930A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CC3994DE-46D9-4D95-901D-21361F59AE02}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6BE78BBF-6FA1-409B-983F-B638C43D6FA7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{72CB6259-30EF-42BC-8FA9-2A6974C1B404}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{71CD7CD4-89E6-4E74-BD72-0DF0C5761FC6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC9E71A4-D2A4-4D95-AF46-B03DF0DAE054}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3965FF30-B93E-453C-96A5-A37E41397C79}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC9CD279-AECE-439C-9848-A190C3146A65}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9CC5152D-70CE-4960-8397-1113740A2F50}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{905A59A6-8E63-4A24-AE1D-CE4008B7E2A1}C:\program files (x86)\nmap\nmap.exe] => (Block) C:\program files (x86)\nmap\nmap.exe (Insecure.Com LLC -> Insecure.Org)
FirewallRules: [UDP Query User{87E83555-EA3A-416E-BE90-0A8B8AF36DBB}C:\program files (x86)\nmap\nmap.exe] => (Block) C:\program files (x86)\nmap\nmap.exe (Insecure.Com LLC -> Insecure.Org)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:110.71 GB) (Free:39.1 GB) (35%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/17/2022 10:04:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.19041.546, časové razítko: 0x5da7ab91
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ff89486200f
ID chybujícího procesu: 0x2fac
Čas spuštění chybující aplikace: 0x01d911f69bea1abd
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: adba7aab-a7bc-4eed-af51-cdfa2ef3ce9d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/17/2022 10:04:47 AM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()


Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (12/17/2022 10:04:45 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (12/17/2022 10:04:45 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (12/17/2022 10:04:45 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (12/16/2022 05:06:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Teams.exe, verze: 1.5.0.33362, časové razítko: 0x61e7444e
Název chybujícího modulu: Teams.exe, verze: 1.5.0.33362, časové razítko: 0x61e7444e
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000029c8993
ID chybujícího procesu: 0xf80
Čas spuštění chybující aplikace: 0x01d911681f14e791
Cesta k chybující aplikaci: C:\Users\x\AppData\Local\Microsoft\Teams\current\Teams.exe
Cesta k chybujícímu modulu: C:\Users\x\AppData\Local\Microsoft\Teams\current\Teams.exe
ID zprávy: 67d7e346-1590-4843-80c2-e6a428909fb4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/16/2022 05:03:48 PM) (Source: CertEnroll) (EventID: 87) (User: NT AUTHORITY)
Description: Registrace certifikátu SCEP pro WORKGROUP\-PC$ přes https://STM-KeyId-f3c91574a6e773ff13bf0 ... s/Aik/scep se nepovedla:

SubmitDone
Submit(Request): Bad Request
{"Message":"No valid TPM EK/Platform certificate provided in the TPM identity request message."}
HTTP/1.1 400 Bad Request
Date: Fri, 16 Dec 2022 16:03:49 GMT
Content-Length: 96
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 821258fd-66e1-466c-8972-f3d404f105d7

Metoda: POST(5672ms)
Fáze: SubmitDone
Chybná žádost (400) 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (12/16/2022 05:02:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


System errors:
=============
Error: (12/16/2022 05:03:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/16/2022 11:14:53 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (12/16/2022 02:08:25 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (12/15/2022 08:17:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/14/2022 03:26:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/14/2022 01:25:32 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (12/14/2022 10:30:33 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (12/12/2022 08:01:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí byla ukončena s následující chybou:
%%2147952449 = Požadovaná adresa není v tomto kontextu platná.


Windows Defender:
================
Date: 2022-12-16 08:37:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {86422EB9-40A0-4CE1-AC6F-49126FE4B9F9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-15 10:01:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E021C2BC-7042-485B-9DFA-0EB2BD91DF56}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-14 08:34:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {18341394-7587-415D-A341-8520DAA578C4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-13 11:53:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E533E05D-532E-4003-B6E5-80D2D6131793}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-11 13:29:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AC8613A4-1695-47C8-AB87-AB3CF4487A0E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-12-02 12:38:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.379.1259.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2022-11-24 13:38:32
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.379.798.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2022-11-09 15:03:27
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.379.37.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.

Date: 2022-11-08 12:07:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.377.1429.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19700.3
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2022-10-26 15:46:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.377.768.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19700.3
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2022-12-17 12:13:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-17 12:13:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 8DET41WW (1.11 ) 03/28/2011
Motherboard: LENOVO 4291BD2
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 63%
Total physical RAM: 8079.24 MB
Available physical RAM: 2946.79 MB
Total Virtual: 9359.24 MB
Available Virtual: 3986.98 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:110.71 GB) (Free:39.1 GB) (Model: Patriot Burst) NTFS

\\?\Volume{a97a2298-d6aa-4537-bff2-717a35c7abe2}\ (WINRE) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS
\\?\Volume{32997123-724d-438f-8aa6-ba06deb1c87f}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{00e4b218-3151-4b8e-bd71-50addb2093b8}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, podivné chování NTB

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Dogs
Návštěvník
Návštěvník
Příspěvky: 67
Registrován: 22 říj 2006 22:50

Re: Prosím o kontrolu, podivné chování NTB

#3 Příspěvek od Dogs »

Krásný den,

log níže

Kód: Vybrat vše

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-18-2022
# Duration: 00:00:04
# OS:       Windows 10 (Build 19044.2364)
# Cleaned:  6
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com

***** [ Chromium (and derivatives) ] *****

Deleted       Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak
Deleted       gpmlkknmhomikheehibdnedjampadffh

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.LenovoPowerManager   Folder   C:\Windows\SysWOW64\LENOVO\POWERMGR
Deleted       Preinstalled.LenovoPowerManager   Folder   C:\Windows\System32\LENOVO\POWERMGR


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2080 octets] - [18/12/2022 11:19:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, podivné chování NTB

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Dogs
Návštěvník
Návštěvník
Příspěvky: 67
Registrován: 22 říj 2006 22:50

Re: Prosím o kontrolu, podivné chování NTB

#5 Příspěvek od Dogs »

Tady jsou

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-12-2022
Ran by x (administrator) on -PC (LENOVO 4291BD2) (18-12-2022 13:40:58)
Running from C:\Users\x\Plocha
Loaded Profiles: x
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2364 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\x\AppData\Local\Microsoft\OneDrive\22.238.1114.0002\Microsoft.SharePoint.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21238.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21238.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.22031.10091.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194480 2022-12-16] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [NetSetMan] => C:\Program Files (x86)\NetSetMan\netsetman.exe [13147800 2021-05-31] (NetSetMan GmbH -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\x\AppData\Local\Microsoft\Teams\Update.exe [2587416 2022-12-11] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\Run: [MicrosoftEdgeAutoLaunch_A83E2D204AB19DCE5550F9BE74E84F70] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\MountPoints2: {625b5856-1f51-11eb-9600-f0def1bf687d} - "D:\HiSuiteDownLoader.exe" 
HKLM\...\Windows x64\Print Processors\Canon TS5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDQ.DLL [482816 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5100 series: C:\WINDOWS\system32\CNMLMDQ.DLL [1302016 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A29CEF2-3947-46DF-BD47-ECC9E89B410F} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [File not signed]
Task: {114F5A86-F69D-4B60-A2CF-93842313EC8E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {75B2E4C7-6DDC-480C-A910-FCB548C12DD5} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {B588B86A-ADB5-4748-ACCF-A720E62F89AB} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [851800 2018-12-25] (Lenovo -> Lenovo.)
Task: {CBAEF37D-710A-4A4A-9454-F19C3BBEF5D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC)
Task: {D09170B4-7FFF-412C-AC8B-023B71400509} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EBDFA47E-517C-4A3E-9770-F10781FC1EFD} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (No File)
Task: {FA71C26C-6ABB-47F1-835B-173D3FCD2E8C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 178.17.0.11 178.17.0.12
Tcpip\..\Interfaces\{a37f2d34-3320-4816-b13a-3b28cbb4e434}: [DhcpNameServer] 178.17.0.11 178.17.0.12
Tcpip\..\Interfaces\{d4e3dcf9-6d26-43f6-a335-df46c2c3b7d4}: [DhcpNameServer] 192.168.20.2 31.170.176.86

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\x\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-17]
Edge Notifications: Default -> hxxps://www.facebook.com

FireFox:
========
FF DefaultProfile: 3ttbg860.default
FF ProfilePath: C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\3ttbg860.default [2021-07-21]
FF ProfilePath: C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\tz2pxwkr.default-release [2022-12-15]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-07] (Oracle America, Inc. -> Oracle Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-12-18]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\x\AppData\Local\Google\Chrome\User Data\Default [2022-12-18]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://pushwelcome.com; hxxps://www.conrad.cz
CHR NewTab: Default ->  Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"
CHR Extension: (Dokumenty Google offline) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-29]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2021-06-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2022-12-18]
CHR Profile: C:\Users\x\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-06-28]
CHR Profile: C:\Users\x\AppData\Local\Google\Chrome\User Data\System Profile [2022-06-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [53880 2022-12-16] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-12-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-12-16] (ESET, spol. s r.o. -> ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1494808 2022-11-01] (ESET, spol. s r.o. -> ESET)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892760 2018-12-25] (Lenovo -> Lenovo.)
S2 nsmService; C:\Program Files (x86)\NetSetMan\nsmservice.exe [2329240 2020-12-20] (NetSetMan GmbH -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16360768 2022-08-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [194336 2022-12-16] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [235632 2022-12-16] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [80664 2022-12-16] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [121000 2022-12-16] (ESET, spol. s r.o. -> ESET)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [44160 2018-12-25] (Lenovo -> Lenovo.)
R2 risdxc; C:\WINDOWS\system32\DRIVERS\risdxc64.sys [101888 2011-05-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U4 npcap_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-18 11:19 - 2022-12-18 11:20 - 000000000 ____D C:\AdwCleaner
2022-12-18 09:47 - 2022-12-18 13:40 - 000000000 ____D C:\Users\x\Downloads\Viry_logy_atd
2022-12-17 12:30 - 2022-12-17 12:30 - 000000000 ____D C:\Users\x\AppData\Local\NPE
2022-12-17 12:30 - 2022-12-17 12:30 - 000000000 ____D C:\ProgramData\Norton
2022-12-17 12:12 - 2022-12-18 13:41 - 000000000 ____D C:\FRST
2022-12-16 17:11 - 2022-12-16 17:11 - 000000000 ____D C:\Users\x\AppData\Local\ESET
2022-12-16 16:52 - 2022-12-16 16:52 - 000057449 _____ C:\WINDOWS\system32\NOTICE_mod
2022-12-16 16:51 - 2022-12-16 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-12-16 16:51 - 2022-12-16 16:51 - 000000000 ____D C:\ProgramData\ESET
2022-12-16 16:51 - 2022-12-16 16:51 - 000000000 ____D C:\Program Files\ESET
2022-12-14 10:54 - 2022-12-14 10:54 - 000012367 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-14 10:53 - 2022-12-14 10:53 - 000297472 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-12-14 10:46 - 2022-12-18 09:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-14 10:41 - 2022-12-14 10:41 - 000000000 ___HD C:\$WinREAgent
2022-12-12 15:42 - 2022-12-12 15:42 - 000000000 ____D C:\Users\x\Downloads\OneDrive_2022-12-08
2022-12-12 15:40 - 2022-12-12 15:40 - 070436706 _____ C:\Users\x\Downloads\OneDrive_2022-12-08.zip
2022-12-12 10:33 - 2022-12-12 10:33 - 000129770 _____ C:\Users\x\Downloads\priloha_1094598768_1_Priloha_500_Kc (2).pdf
2022-12-12 10:22 - 2022-12-12 10:22 - 000129770 _____ C:\Users\x\Downloads\priloha_1094598768_1_Priloha_500_Kc (1).pdf
2022-12-12 10:20 - 2022-12-12 10:20 - 000070535 _____ C:\Users\x\Downloads\priloha_1094598768_0_MCP6_391083_2022-1 (1).pdf
2022-12-12 10:19 - 2022-12-12 10:20 - 000129770 _____ C:\Users\x\Downloads\priloha_1094598768_1_Priloha_500_Kc.pdf
2022-12-12 10:19 - 2022-12-12 10:19 - 000070535 _____ C:\Users\x\Downloads\priloha_1094598768_0_MCP6_391083_2022-1.pdf
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ___HD C:\AnyMP4 Temp
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\AnyMP4 Studio
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\Users\x\AppData\Local\AnyMP4 Studio
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyMP4
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\ProgramData\Apple
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\Program Files\Bonjour
2022-12-11 12:14 - 2022-12-11 12:14 - 000000000 ____D C:\Program Files (x86)\Bonjour
2022-12-11 12:13 - 2022-12-11 12:13 - 002165880 _____ ( ) C:\Users\x\Downloads\screen-recorder (1).exe
2022-12-11 12:13 - 2022-12-11 12:13 - 000000000 ____D C:\ProgramData\AnyMP4 Studio
2022-12-11 12:13 - 2022-12-11 12:13 - 000000000 ____D C:\Program Files\AnyMP4 Studio
2022-12-11 12:12 - 2022-12-11 12:12 - 000234920 _____ C:\Users\x\Downloads\soundtap.exe
2022-12-11 12:12 - 2022-12-11 12:12 - 000000000 ____D C:\Users\x\AppData\Roaming\NCH Swift Sound
2022-12-11 12:00 - 2022-12-11 12:01 - 000000000 ____D C:\Program Files (x86)\MP3 Recorder Studio
2022-12-11 12:00 - 2022-12-11 12:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Recorder Studio
2022-12-11 11:59 - 2022-12-11 11:59 - 002444977 _____ (ManiacTools.com ) C:\Users\x\Downloads\mp3-recorder.exe
2022-12-11 11:57 - 2022-12-11 11:57 - 001076685 _____ (FreeVoiceRecorder.com ) C:\Users\x\Downloads\freevoicerecorder_setup.exe
2022-12-11 11:57 - 2022-12-11 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Voice Recorder
2022-12-11 11:57 - 2022-12-11 11:57 - 000000000 ____D C:\Program Files (x86)\Free Voice Recorder
2022-12-11 11:48 - 2022-12-11 11:48 - 000000000 ____D C:\Users\x\AppData\Local\3delite
2022-12-11 11:48 - 2022-12-11 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dictaphone
2022-12-11 11:48 - 2022-12-11 11:48 - 000000000 ____D C:\Program Files (x86)\Dictaphone
2022-12-11 11:46 - 2022-12-11 11:47 - 022354184 _____ (3delite ) C:\Users\x\Downloads\Dictaphone 1.0 Setup.exe
2022-12-11 11:45 - 2022-12-11 11:45 - 001065946 _____ C:\Users\x\Downloads\qtmp3r.exe
2022-12-11 11:45 - 2022-12-11 11:45 - 000000000 ____D C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QTray MP3 Recorder
2022-12-11 11:45 - 2022-12-11 11:45 - 000000000 ____D C:\Program Files (x86)\QTray MP3 Recorder
2022-11-30 19:14 - 2022-11-30 19:14 - 000000077 ____H C:\Users\x\Downloads\.~lock.Vnet_filmovy_kviz_vanocni_vecirek.pptx#
2022-11-25 19:10 - 2022-11-25 19:10 - 000029310 _____ C:\Users\x\Downloads\msg0000 (40).WAV
2022-11-25 19:09 - 2022-11-25 19:09 - 000029310 _____ C:\Users\x\Downloads\msg0000 (39).WAV
2022-11-25 19:09 - 2022-11-25 19:09 - 000029310 _____ C:\Users\x\Downloads\msg0000 (38).WAV

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-18 13:40 - 2021-03-06 00:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-18 13:40 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-18 13:26 - 2020-09-19 11:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-18 12:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-18 12:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-18 11:20 - 2020-06-16 21:32 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2022-12-18 11:20 - 2019-10-31 20:42 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2022-12-18 09:10 - 2021-07-21 12:20 - 000000000 ____D C:\Users\x\AppData\LocalLow\Mozilla
2022-12-17 17:06 - 2020-07-17 23:11 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-17 12:12 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-16 17:10 - 2021-03-06 01:06 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-16 17:10 - 2019-12-07 15:43 - 000683504 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-16 17:10 - 2019-12-07 15:43 - 000137284 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-16 17:05 - 2021-06-21 07:48 - 000000000 ___RD C:\Users\x\Vnet
2022-12-16 17:03 - 2021-08-31 17:49 - 000000000 ____D C:\Program Files\TeamViewer
2022-12-16 17:03 - 2021-03-06 01:06 - 000003700 _____ C:\WINDOWS\system32\Tasks\Lenovo Power Management Driver PnP Task
2022-12-16 17:03 - 2021-03-06 01:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-16 17:02 - 2022-03-09 13:39 - 000235632 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2022-12-16 17:02 - 2022-03-09 13:39 - 000194336 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2022-12-16 17:02 - 2022-03-09 13:39 - 000121000 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2022-12-16 17:02 - 2022-03-09 13:39 - 000080664 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2022-12-16 17:02 - 2021-06-23 20:29 - 000000000 ____D C:\Program Files (x86)\NetSetMan
2022-12-16 17:02 - 2021-03-06 00:57 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-16 17:02 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-12-16 17:01 - 2022-03-09 12:53 - 000016336 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2022-12-16 16:52 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-12-16 16:48 - 2022-10-27 07:46 - 000000000 ____D C:\Users\x\.zenmap
2022-12-16 10:56 - 2021-06-09 14:39 - 000000128 _____ C:\Users\x\AppData\Local\PUTTY.RND
2022-12-15 16:08 - 2022-02-09 19:45 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-12-14 15:27 - 2021-03-06 00:58 - 000467232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-14 15:26 - 2021-07-21 12:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-14 15:25 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-14 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-14 13:59 - 2021-07-21 12:20 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-14 10:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-14 10:53 - 2021-03-06 00:59 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-14 10:41 - 2019-10-31 20:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-14 10:35 - 2019-10-31 20:53 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-12 08:12 - 2019-10-31 19:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-11 20:32 - 2021-06-08 14:29 - 000002385 _____ C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-12-11 11:27 - 2019-10-31 20:41 - 000000000 ____D C:\Users\x\AppData\Local\PlaceholderTileLogoFolder
2022-12-11 11:27 - 2019-10-31 19:24 - 000000000 ____D C:\Users\x\AppData\Local\Packages
2022-12-11 11:26 - 2021-06-12 18:30 - 000000000 ____D C:\Users\x\AppData\Local\ElevatedDiagnostics
2022-12-08 08:08 - 2021-12-13 07:46 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4226615632-1666699233-2089256746-1000
2022-12-08 08:08 - 2021-06-21 13:02 - 000003348 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4226615632-1666699233-2089256746-1000
2022-12-08 08:08 - 2021-06-21 13:02 - 000002406 _____ C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-05 13:21 - 2021-03-06 01:00 - 000000000 ____D C:\Users\x
2022-12-05 08:50 - 2020-09-14 18:38 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-11-22 10:28 - 2022-09-13 10:37 - 000000000 ____D C:\Users\x\AppData\Roaming\com.adobe.dunamis
2022-11-21 08:01 - 2022-10-13 07:27 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-21 08:01 - 2021-07-21 13:43 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories ========

2021-06-09 14:39 - 2022-12-16 10:56 - 000000128 _____ () C:\Users\x\AppData\Local\PUTTY.RND
2022-10-27 07:46 - 2022-12-02 12:35 - 000000869 _____ () C:\Users\x\AppData\Local\zenmap.exe.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2022
Ran by x (18-12-2022 13:43:13)
Running from C:\Users\x\OneDrive - UVTnet\Plocha
Microsoft Windows 10 Pro Version 21H2 19044.2364 (X64) (2021-03-06 00:06:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4226615632-1666699233-2089256746-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4226615632-1666699233-2089256746-503 - Limited - Disabled)
Guest (S-1-5-21-4226615632-1666699233-2089256746-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4226615632-1666699233-2089256746-504 - Limited - Disabled)
x (S-1-5-21-4226615632-1666699233-2089256746-1000 - Administrator - Enabled) => C:\Users\x

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced IP Scanner 2.5 (HKLM-x32\...\{4012E407-3BB2-443D-95D0-FC6662AA2E50}) (Version: 2.5.3850 - Famatech)
AnyMP4 Screen Recorder 1.3.86 (HKLM-x32\...\{BDB6239B-2754-49bc-98A7-B9C28D4D74F1}_is1) (Version: 1.3.86 - AnyMP4 Studio)
ApowerEdit V1.7.7.28 (HKLM-x32\...\{3089CCCD-BC5F-4309-A3C1-45B5ACA7A5E7}_is1) (Version: 1.7.7.28 - Apowersoft LIMITED)
ApowerREC V1.5.6.20 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.5.6.20 - Apowersoft LIMITED)
ASD Client 11.1 (HKLM-x32\...\{7F12F6C1-2271-4763-B2C4-F42AD3A05103}) (Version: 11.1 - Alcoma a.s.) Hidden
ASD Client 11.1 (HKLM-x32\...\ASD Client 11.1) (Version:  - Alcoma a.s.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5100 series Elektronická příručka (HKLM-x32\...\Canon TS5100 series Elektronická příručka) (Version: 1.1.0 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.01 - Canon Inc.)
CPUID CPU-Z 2.02 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.02 - CPUID, Inc.)
Dictaphone 1.0.54.245 (HKLM-x32\...\{61FC1506-540C-4F87-4444-4CC4F8B62129}_is1) (Version:  - 3delite)
ESET Endpoint Antivirus (HKLM\...\{F8DE2A0C-AE50-4915-9F99-12A9B1DFCADA}) (Version: 9.1.2060.0 - ESET, spol. s r.o.)
ESET Management Agent (HKLM\...\{869F34CE-F664-4BCE-8904-3DD9F4310F23}) (Version: 10.0.1126.0 - ESET, spol. s r.o.)
Free Voice Recorder (HKLM-x32\...\{AC69681F-2E17-4F3E-BF48-1603A78AD0BC}_is1) (Version:  - FreeVoiceRecorder.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.2.0.4 (HKLM\...\{C52FBB79-D0A7-4F28-9CEC-3B262694409B}) (Version: 7.2.0.4 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\Teams) (Version: 1.5.00.33362 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Movavi Screen Recorder 22 (HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\Movavi Screen Recorder 22) (Version: 22.4.0 - Movavi)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 108.0 (x64 cs)) (Version: 108.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 90.0.1 - Mozilla)
MP3 Recorder Studio 5.9 (HKLM-x32\...\MP3 Recorder Studio_is1) (Version:  - ManiacTools.com)
NetSetMan 5.0.6 (HKLM-x32\...\NetSetMan_is1) (Version: 5.0.6 - NetSetMan GmbH)
Nmap 7.93 (HKLM-x32\...\Nmap) (Version: 7.93 - Nmap Project)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.71 - Nmap Project)
PuTTY release 0.75 (HKLM-x32\...\{959D1CA2-9536-481C-86DD-155C09227F22}) (Version: 0.75.0.0 - Simon Tatham)
QTray MP3 Recorder 1.0 (HKLM-x32\...\QTray MP3 Recorder) (Version: 1.0 - Kongsoft, Inc.)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.7.0 - Canon Inc.)
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.33.7 - TeamViewer)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version:  - )
VirtualDJ 2021 (HKLM\...\{297A6FFE-9D1B-418E-84F5-561B7F7D77C4}) (Version: 8.5.6613.0 - Atomix Productions)
Zoom (HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\ZoomUMX) (Version: 5.3.2 (53291.1011) - Zoom Video Communications, Inc.)

Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-11-30] (Microsoft Corporation)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.23.0_x64__ffd303wmbhcjt [2022-11-21] (BreeZip)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.28.17.0_x64__kgqvnymyfvs32 [2022-12-14] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.94.3.0_x64__kgqvnymyfvs32 [2022-12-07] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-12-03] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-01] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-07] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-06] (Microsoft Corporation) [MS Ad]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.2.0_x86__y5c4dfz5b21fm [2022-08-15] (Any DVD &amp; Office App)
OfficeSuite Personal Free -> C:\Program Files\WindowsApps\MobiSystems.OfficeSuitePersonalFree_6.98.48662.0_x64__8m57vzdwnbybp [2022-11-30] (Mobisystems)
Recorder One -> C:\Program Files\WindowsApps\IPTGroup.LuckyRecorderFree_10.10.45.0_x64__fbja025meezca [2022-12-11] (IPT International Technologies Corporation.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2021-10-03] (Ookla)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2022-12-11] (Spotify AB) [Startup Task]
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.3.2.0_x86__3h5nez1g3qt2c [2022-08-29] (GT Office PDF Studio)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-08-16] (VideoLAN)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4226615632-1666699233-2089256746-1000_Classes\CLSID\{04271989-C4D2-6CC8-5D6C-228582E07022} -> [Vnet] => C:\Users\x\Vnet [2021-06-21 07:48]
CustomCLSID: HKU\S-1-5-21-4226615632-1666699233-2089256746-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\x\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22304.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-16] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [294912 2007-02-10] (Microsoft Corporation) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\x\OneDrive - Vnet\Plocha\scripty\puttylink_local_UBNT-default – zástupce.lnk -> C:\Program Files (x86)\PuTTY\puttylink_local_UBNT-default.bat ()
ShortcutWithArgument: C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-08-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-08-07] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\PuTTY\
HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 178.17.0.11 - 178.17.0.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
Wi-Fi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E822D18B-FA4B-4D1A-B538-4A2571682734}] => (Allow) C:\Users\x\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{10A65573-48B0-40DB-8C41-0B86B777B54A}] => (Allow) C:\Users\x\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{ECBA04CB-9980-4815-B228-595F324F1A52}] => (Allow) C:\Users\x\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{77409404-9BDE-47A7-8C92-B41F44E676D1}C:\program files\winbox\winbox.exe.exe] => (Allow) C:\program files\winbox\winbox.exe.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{F18D650E-7130-4AF8-BFC3-0614E3594BA3}C:\program files\winbox\winbox.exe.exe] => (Allow) C:\program files\winbox\winbox.exe.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{07530F0F-9D10-4EB2-ABF9-A9654D4178E9}C:\users\x\downloads\winbox64.exe] => (Allow) C:\users\x\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{68A01DFF-EA0B-4ABA-A68E-BE21B0D3A0D4}C:\users\x\downloads\winbox64.exe] => (Allow) C:\users\x\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [{1E805BAB-7CE9-45BA-9242-0FE54CE1FFA2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AB359713-CBA0-4404-8BF1-4A3AFB7C64A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0A37D7D4-DB6F-45FD-BC86-2E5ADD170F74}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_301\bin\java.exe
FirewallRules: [{3E05E468-3E10-4509-B142-A8A7545D7629}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_301\bin\java.exe
FirewallRules: [{C8AF7AF3-0997-4A6A-AE1D-DE64DB39EBBB}] => (Allow) C:\Users\x\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [{C2037CE9-4389-428B-9B57-990F6733B562}] => (Allow) C:\Users\x\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [TCP Query User{BB192AA5-7244-4700-8AEF-2F56538FF910}C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe
FirewallRules: [UDP Query User{F3EB94D3-45BD-479F-9E92-28F7EAD4B480}C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe
FirewallRules: [TCP Query User{537513B4-4898-4861-AD8A-B25EB0B818DE}C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe
FirewallRules: [UDP Query User{22B7C89D-7FEE-4DEE-BD18-A325FBE8F40E}C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\javaw.exe
FirewallRules: [TCP Query User{436A7E6A-0516-46BC-A7A9-380D484F565E}C:\program files (x86)\java\jre1.8.0_301\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\java.exe
FirewallRules: [UDP Query User{5553DE32-AFEC-4E84-AB50-F4AEB8AC5B2E}C:\program files (x86)\java\jre1.8.0_301\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_301\bin\java.exe
FirewallRules: [TCP Query User{DB80EE5C-4C11-4DDF-AD5D-C0613C2872EC}C:\users\x\downloads\winbox64.exe] => (Allow) C:\users\x\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{17CF9A78-A50C-4B93-B063-6043BE9A41A8}C:\users\x\downloads\winbox64.exe] => (Allow) C:\users\x\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{71401F4A-D712-442E-9E07-71719D3D3ED7}C:\program files\winbox\winbox.exe.exe] => (Allow) C:\program files\winbox\winbox.exe.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{423E2273-4D7F-44F2-9BD8-B7F0C28469F5}C:\program files\winbox\winbox.exe.exe] => (Allow) C:\program files\winbox\winbox.exe.exe (Mikrotikls SIA -> )
FirewallRules: [{94371512-6D84-4442-BF9C-AE357001E122}] => (Allow) C:\Users\x\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{B82305DA-524E-4498-8607-87DD3B3547FF}] => (Allow) C:\Users\x\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D7CA0F96-44C8-45DF-86E2-244F39659051}] => (Allow) C:\Users\x\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{CE23931B-72F0-498E-BE56-196311B9F7A0}] => (Allow) C:\Users\x\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{4E23E384-B99C-4A02-A025-BCEDCC3C7541}C:\users\x\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\x\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{23F01120-E807-48A1-96AE-EB62C5BDDE68}C:\users\x\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\x\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6D169BD0-859E-4EBD-A887-0416E20F96C7}C:\users\x\downloads\winbox64 (1).exe] => (Allow) C:\users\x\downloads\winbox64 (1).exe => No File
FirewallRules: [UDP Query User{5AD69D5D-1417-4C5E-A13C-7903AD40AA8A}C:\users\x\downloads\winbox64 (1).exe] => (Allow) C:\users\x\downloads\winbox64 (1).exe => No File
FirewallRules: [{BE873B65-8906-49C7-8505-412C996C5987}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E2BBD6A9-1E55-4126-9695-2121E69F0EE1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E215856C-C785-4765-B95B-1B1232D2D77D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5857ECD8-B4A7-4825-9709-FD95AFB15B40}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5292A0B3-3A68-47C1-A35A-493F5594BA45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8AA06F4A-BB83-4EEF-AA1E-9950EDEA312A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6086363-8721-45CE-92D1-A664FAC77215}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB0EFCFB-6E80-444F-B35A-AFF56A65F2FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A1BCDAD9-219D-4220-97E1-FBE0BF84F9B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02189F4E-641D-4B0C-B30A-8899924EF65C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3C8FDAD1-F998-4770-AEA5-044B0E09C057}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C751005F-B8AC-4074-8428-E8D2CC9B5628}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{A5225BE8-FEB4-45C7-B41C-8BA4A6BB2E12}C:\users\x\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\x\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0AAAB881-155E-477D-966C-8E3E3A7AE79C}C:\users\x\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\x\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C573D84B-F8F1-4F45-9846-86B2DCE4D221}C:\users\x\downloads\winbox.exe] => (Block) C:\users\x\downloads\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{0E38B1CC-845E-4C13-ACC0-F80C104D8BD2}C:\users\x\downloads\winbox.exe] => (Block) C:\users\x\downloads\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [{76099FA3-F215-4C6D-BF69-A016D1E90D2D}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C3EBCAA1-B79A-42C0-BE14-416A2BD2D45D}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{BFBA72E5-EDDB-4283-8797-8FE37517FF7F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{70E793A2-5587-46C3-A274-B19B50FBF311}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{DA182E6D-A89F-4552-A108-2F9B81AB7B71}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2428F7F3-F1EB-48EF-9937-D5F7BA1F8453}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2E2CA5A6-663E-4DE5-BA3E-8AAD57443087}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{950617C2-1C39-435B-9662-452136EF356C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CECF85A0-4821-4A10-8B3B-6C37FFC49E13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CC22A00C-261C-4226-8C2F-D0EE68648337}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C11D44D8-22E8-41CA-9484-B184583DE8A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F66E0BB9-F5ED-4711-8ACC-EB648FEAE339}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F8C569F0-B744-4E5D-ABE9-1CEDF9C02A1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{791F5F77-07BC-4B46-88F6-3E3517DE594B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9B37DF3D-D26B-4073-B31C-4A2666C579CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{D11F2419-12E4-4AA6-9A16-F5DBE76D05C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E5A70C40-7E90-44D4-9555-AC01728DB852}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E21740F-B5C7-4F2B-AA31-D32E2C030932}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8F2E9176-E618-47C2-9D37-41193555AA36}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7A2680CA-36FB-4EF5-8708-E07787214999}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45B77E99-85E8-490F-B53E-B50B52B79977}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D12162F1-550B-485C-AA2D-E971F4CB5813}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{400652F1-9E5D-4C7D-985A-86B1C41065A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7724C76-524B-4B10-B974-C3D6530ED08B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{644CF4C1-C811-412B-A47A-1EA8013784C0}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe (Insecure.Com LLC -> Insecure.Org)
FirewallRules: [UDP Query User{B205278B-A82F-4668-A98E-592EE029D195}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe (Insecure.Com LLC -> Insecure.Org)
FirewallRules: [{3CF2FE05-108E-4245-BCC4-FF829563D5F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5A5D7C69-AD17-47DC-842C-5A1462A31BC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E33E1C0D-A3BA-435F-8833-E48D2EECAB24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85CFDBB9-2926-45F5-894D-B66EA6EAFAE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B78A65B7-04D2-4F64-A2A7-84E2F261D5FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3694AEF-247B-413E-A5E7-FC3D9085473F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8CB2EB0B-F4BE-4BC1-BAAA-31745521A542}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0807833C-DE9E-4DC1-9EEA-20824DA4B4E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6E826960-8666-402A-8417-1DED9569A524}] => (Allow) C:\Program Files\AnyMP4 Studio\AnyMP4 Screen Recorder\MirrorRender.exe (OKWare Co., Ltd -> )
FirewallRules: [{F7AAB671-1B7B-4711-91B2-B455AF7BF249}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{660AEDAD-CED3-4423-831C-BDFF172E930A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CC3994DE-46D9-4D95-901D-21361F59AE02}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6BE78BBF-6FA1-409B-983F-B638C43D6FA7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{72CB6259-30EF-42BC-8FA9-2A6974C1B404}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{71CD7CD4-89E6-4E74-BD72-0DF0C5761FC6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC9E71A4-D2A4-4D95-AF46-B03DF0DAE054}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3965FF30-B93E-453C-96A5-A37E41397C79}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC9CD279-AECE-439C-9848-A190C3146A65}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9CC5152D-70CE-4960-8397-1113740A2F50}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{905A59A6-8E63-4A24-AE1D-CE4008B7E2A1}C:\program files (x86)\nmap\nmap.exe] => (Block) C:\program files (x86)\nmap\nmap.exe (Insecure.Com LLC -> Insecure.Org)
FirewallRules: [UDP Query User{87E83555-EA3A-416E-BE90-0A8B8AF36DBB}C:\program files (x86)\nmap\nmap.exe] => (Block) C:\program files (x86)\nmap\nmap.exe (Insecure.Com LLC -> Insecure.Org)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:110.71 GB) (Free:38.42 GB) (35%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/17/2022 10:04:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.19041.546, časové razítko: 0x5da7ab91
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ff89486200f
ID chybujícího procesu: 0x2fac
Čas spuštění chybující aplikace: 0x01d911f69bea1abd
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: adba7aab-a7bc-4eed-af51-cdfa2ef3ce9d
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (12/17/2022 10:04:47 AM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
 System.IO.FileLoadException: 
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
   at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()


Stack:
   at System.Environment.FailFast(System.String)
   at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (12/17/2022 10:04:45 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (12/17/2022 10:04:45 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (12/17/2022 10:04:45 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (12/16/2022 05:06:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Teams.exe, verze: 1.5.0.33362, časové razítko: 0x61e7444e
Název chybujícího modulu: Teams.exe, verze: 1.5.0.33362, časové razítko: 0x61e7444e
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000029c8993
ID chybujícího procesu: 0xf80
Čas spuštění chybující aplikace: 0x01d911681f14e791
Cesta k chybující aplikaci: C:\Users\x\AppData\Local\Microsoft\Teams\current\Teams.exe
Cesta k chybujícímu modulu: C:\Users\x\AppData\Local\Microsoft\Teams\current\Teams.exe
ID zprávy: 67d7e346-1590-4843-80c2-e6a428909fb4
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (12/16/2022 05:03:48 PM) (Source: CertEnroll) (EventID: 87) (User: NT AUTHORITY)
Description: Registrace certifikátu SCEP pro WORKGROUP\-PC$ přes https://STM-KeyId-f3c91574a6e773ff13bf0c6bad7a7b65cf1c7820.microsoftaik.azure.net/templates/Aik/scep se nepovedla:

SubmitDone
Submit(Request): Bad Request
{"Message":"No valid TPM EK/Platform certificate provided in the TPM identity request message."}
HTTP/1.1 400 Bad Request
Date: Fri, 16 Dec 2022 16:03:49 GMT
Content-Length: 96
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 821258fd-66e1-466c-8972-f3d404f105d7

Metoda: POST(5672ms)
Fáze: SubmitDone
Chybná žádost (400) 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (12/16/2022 05:02:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


System errors:
=============
Error: (12/18/2022 11:20:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/18/2022 11:20:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/18/2022 11:20:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NetSetMan Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/18/2022 11:20:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/18/2022 11:20:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo PM Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/18/2022 12:29:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (12/16/2022 05:03:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (12/16/2022 11:14:53 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


Windows Defender:
================
Date: 2022-12-16 08:37:27
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {86422EB9-40A0-4CE1-AC6F-49126FE4B9F9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-15 10:01:27
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E021C2BC-7042-485B-9DFA-0EB2BD91DF56}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-14 08:34:58
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {18341394-7587-415D-A341-8520DAA578C4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-13 11:53:22
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E533E05D-532E-4003-B6E5-80D2D6131793}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-11 13:29:38
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AC8613A4-1695-47C8-AB87-AB3CF4487A0E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-12-02 12:38:39
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.379.1259.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

Date: 2022-11-24 13:38:32
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.379.798.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

Date: 2022-11-09 15:03:27
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.379.37.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena. 

Date: 2022-11-08 12:07:06
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.377.1429.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.19700.3
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

Date: 2022-10-26 15:46:55
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.377.768.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.19700.3
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

CodeIntegrity:
===============
Date: 2022-12-18 13:43:38
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-18 13:43:19
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

BIOS: LENOVO 8DET41WW (1.11 ) 03/28/2011
Motherboard: LENOVO 4291BD2
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 57%
Total physical RAM: 8079.24 MB
Available physical RAM: 3461.38 MB
Total Virtual: 9359.24 MB
Available Virtual: 4842.3 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:110.71 GB) (Free:38.42 GB) (Model: Patriot Burst) NTFS

\\?\Volume{a97a2298-d6aa-4537-bff2-717a35c7abe2}\ (WINRE) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS
\\?\Volume{32997123-724d-438f-8aa6-ba06deb1c87f}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{00e4b218-3151-4b8e-bd71-50addb2093b8}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, podivné chování NTB

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\MountPoints2: {625b5856-1f51-11eb-9600-f0def1bf687d} - "D:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {EBDFA47E-517C-4A3E-9770-F10781FC1EFD} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (No File)
Task: {FA71C26C-6ABB-47F1-835B-173D3FCD2E8C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC)
Task: {CBAEF37D-710A-4A4A-9454-F19C3BBEF5D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC
U4 npcap_wifi; no ImagePath
C:\Program Files\Bonjour
FirewallRules: [{E822D18B-FA4B-4D1A-B538-4A2571682734}] => (Allow) C:\Users\x\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{10A65573-48B0-40DB-8C41-0B86B777B54A}] => (Allow) C:\Users\x\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{6D169BD0-859E-4EBD-A887-0416E20F96C7}C:\users\x\downloads\winbox64 (1).exe] => (Allow) C:\users\x\downloads\winbox64 (1).exe => No File
FirewallRules: [UDP Query User{5AD69D5D-1417-4C5E-A13C-7903AD40AA8A}C:\users\x\downloads\winbox64 (1).exe] => (Allow) C:\users\x\downloads\winbox64 (1).exe => No File
irewallRules: [{CECF85A0-4821-4A10-8B3B-6C37FFC49E13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CC22A00C-261C-4226-8C2F-D0EE68648337}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C11D44D8-22E8-41CA-9484-B184583DE8A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F66E0BB9-F5ED-4711-8ACC-EB648FEAE339}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F8C569F0-B744-4E5D-ABE9-1CEDF9C02A1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{791F5F77-07BC-4B46-88F6-3E3517DE594B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9B37DF3D-D26B-4073-B31C-4A2666C579CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{D11F2419-12E4-4AA6-9A16-F5DBE76D05C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Dogs
Návštěvník
Návštěvník
Příspěvky: 67
Registrován: 22 říj 2006 22:50

Re: Prosím o kontrolu, podivné chování NTB

#7 Příspěvek od Dogs »

Tady je log

Kód: Vybrat vše

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-12-2022
Ran by x (18-12-2022 15:49:49) Run:1
Running from C:\Users\x\Plocha
Loaded Profiles: x
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\...\MountPoints2: {625b5856-1f51-11eb-9600-f0def1bf687d} - "D:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {EBDFA47E-517C-4A3E-9770-F10781FC1EFD} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (No File)
Task: {FA71C26C-6ABB-47F1-835B-173D3FCD2E8C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC)
Task: {CBAEF37D-710A-4A4A-9454-F19C3BBEF5D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC
U4 npcap_wifi; no ImagePath
C:\Program Files\Bonjour
FirewallRules: [{E822D18B-FA4B-4D1A-B538-4A2571682734}] => (Allow) C:\Users\x\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{10A65573-48B0-40DB-8C41-0B86B777B54A}] => (Allow) C:\Users\x\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{6D169BD0-859E-4EBD-A887-0416E20F96C7}C:\users\x\downloads\winbox64 (1).exe] => (Allow) C:\users\x\downloads\winbox64 (1).exe => No File
FirewallRules: [UDP Query User{5AD69D5D-1417-4C5E-A13C-7903AD40AA8A}C:\users\x\downloads\winbox64 (1).exe] => (Allow) C:\users\x\downloads\winbox64 (1).exe => No File
irewallRules: [{CECF85A0-4821-4A10-8B3B-6C37FFC49E13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CC22A00C-261C-4226-8C2F-D0EE68648337}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C11D44D8-22E8-41CA-9484-B184583DE8A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F66E0BB9-F5ED-4711-8ACC-EB648FEAE339}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F8C569F0-B744-4E5D-ABE9-1CEDF9C02A1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{791F5F77-07BC-4B46-88F6-3E3517DE594B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9B37DF3D-D26B-4073-B31C-4A2666C579CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{D11F2419-12E4-4AA6-9A16-F5DBE76D05C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-4226615632-1666699233-2089256746-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{625b5856-1f51-11eb-9600-f0def1bf687d} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EBDFA47E-517C-4A3E-9770-F10781FC1EFD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBDFA47E-517C-4A3E-9770-F10781FC1EFD}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Power Manager\Background monitor => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Power Manager\Background monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FA71C26C-6ABB-47F1-835B-173D3FCD2E8C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA71C26C-6ABB-47F1-835B-173D3FCD2E8C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBAEF37D-710A-4A4A-9454-F19C3BBEF5D2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBAEF37D-710A-4A4A-9454-F19C3BBEF5D2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\System\CurrentControlSet\Services\npcap_wifi => removed successfully
npcap_wifi => service removed successfully
C:\Program Files\Bonjour => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E822D18B-FA4B-4D1A-B538-4A2571682734}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{10A65573-48B0-40DB-8C41-0B86B777B54A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6D169BD0-859E-4EBD-A887-0416E20F96C7}C:\users\x\downloads\winbox64 (1).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5AD69D5D-1417-4C5E-A13C-7903AD40AA8A}C:\users\x\downloads\winbox64 (1).exe" => removed successfully
irewallRules: [{CECF85A0-4821-4A10-8B3B-6C37FFC49E13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CC22A00C-261C-4226-8C2F-D0EE68648337}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C11D44D8-22E8-41CA-9484-B184583DE8A1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F66E0BB9-F5ED-4711-8ACC-EB648FEAE339}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F8C569F0-B744-4E5D-ABE9-1CEDF9C02A1D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{791F5F77-07BC-4B46-88F6-3E3517DE594B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9B37DF3D-D26B-4073-B31C-4A2666C579CC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D11F2419-12E4-4AA6-9A16-F5DBE76D05C1}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 551092930 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 7288 B
Windows/system/drivers => 46856838 B
Edge => 2173415 B
Chrome => 1459971367 B
Firefox => 400684215 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7968 B
NetworkService => 1237682 B
x => 243501016 B

RecycleBin => 4626921837 B
EmptyTemp: => 6.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:52:26 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, podivné chování NTB

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Dogs
Návštěvník
Návštěvník
Příspěvky: 67
Registrován: 22 říj 2006 22:50

Re: Prosím o kontrolu, podivné chování NTB

#9 Příspěvek od Dogs »

Vypadá, že je to OK
Děkuji moc a přeji krásné svátky

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, podivné chování NTB

#10 Příspěvek od Rudy »

Hezké svátky i vám a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno