VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

disk vytěžuje na 100% služna šifrování

https://forum.viry.cz:443/viewtopic.php?t=157829

Stránka 1 z 1

disk vytěžuje na 100% služna šifrování

Napsal: 27 led 2021 17:51
od hu.go
Prosím o kontrolu logu,
počítač zoufale pomalý, ve správci úloh jsem našel vytížený disk na 100% službou systému : šifrování. DiscLocker je vypnutý.
Trvá druhý den ...

FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by právní3 (administrator) on PRÁVNÍ3-PC (Dell Inc. OptiPlex 3010) (27-01-2021 16:07:24)
Running from C:\Users\právní3\Downloads
Loaded Profiles: právní3
Platform: Windows 10 Pro Version 20H2 19042.746 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Dell Inc. -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\hp laserjet m2727\hppfaxprintersrv.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(HP) [File not signed] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(ChengDu AoMei Tech Co., Ltd -> AOMEI Tech Co., Ltd.) [File not signed] C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\právní3\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [HP LaserJet M2727 MFP Series Fax] => C:\Program Files (x86)\HP\hp LaserJet M2727\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company) [File not signed]
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7426672 2020-05-08] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\ecmds.exe [175504 2020-11-11] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [ToolBoxFX] => C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe [53248 2010-01-27] (HP) [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Windows x64\Print Processors\hpcpp093: C:\Windows\System32\spool\prtprocs\x64\hpcpp093.DLL [300032 2009-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\HPZPP4wn: C:\Windows\System32\spool\prtprocs\x64\hpzpp4wn.dll [231424 2007-03-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\KOAYQA_P: C:\Windows\System32\spool\prtprocs\x64\KOAYQA_P.DLL [41472 2012-01-16] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\...\Windows x64\Print Processors\KOAYQJ_P: C:\Windows\System32\spool\prtprocs\x64\KOAYQJ_P.dll [80384 2011-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\C364SeriesFAX Language Monitor: C:\WINDOWS\system32\KOAYQS_L.DLL [15360 2009-12-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\C364SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAYQJ_L.DLL [15360 2009-12-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\C364SeriesPS Language Monitor: C:\WINDOWS\system32\KOAYQA_L.DLL [15360 2009-12-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP Fax Port: C:\WINDOWS\system32\hppfaxprintermon5.dll [22016 2009-09-22] (Hewlett-Packard Company) [File not signed]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2007-12-17] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00021D83-5C9A-4D75-8A11-8EE3B028EE8D} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {289C6A28-C01C-4444-A85D-67B9CBE68E23} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {2FC28D62-6E8E-4687-A2C8-3B9322438A61} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {30EC8CA6-2EA4-407F-8F25-B1AEC324A302} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {31558041-FE63-4528-991F-B916F6B64A8C} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {3D041B77-6241-4D44-A065-29B1DB063B69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {40BFF3B3-2C48-4BE8-9BBD-BCE50A6FA593} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4BC36427-A087-408F-BA0B-060DE0D56011} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-10] (Google Inc -> Google Inc.)
Task: {50E53C38-0007-4570-A2A8-C8CBD11FB7D7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {529067E2-C622-4CAC-B04B-3750A0143AA0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {57B0C208-4166-419E-A9E8-90E2D63B42FF} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5DFC2B86-C821-4158-B7DA-5D2742169334} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {60302ABD-4926-4BE4-A4CC-877D4ED43D19} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6174FAA6-D3F8-4F00-830E-CBF07E1FD4AF} - System32\Tasks\Synology Data Replicator 3-PRÁVNÍ3-PC-právní3 => C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe [11590528 2012-06-28] (Synology Inc. -> Synology Inc.) [File not signed]
Task: {76DF8F79-D4F9-42A3-B812-045CD224E2F6} - System32\Tasks\Dell\Client System Update => C:\Program Files (x86)\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe [4412440 2012-04-03] (Dell Inc. -> Dell Inc.)
Task: {78212616-DFDD-477B-804A-BE1115A64A5D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-24] (Adobe Inc. -> Adobe)
Task: {7EBE5FDB-0360-4D54-AAD0-C9B5F4D3554B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {825FF2A4-5072-41AC-83BE-F9AC046500A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-10] (Google Inc -> Google Inc.)
Task: {96E2BF4F-3FD9-41E6-B0D5-340DAE77C64C} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9BEFA429-A2AE-45B9-ABE0-CF7EACA4EBF6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F0580E3-7241-491C-8B8B-5F717B774EEA} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {9F7DCF98-3A5B-438A-83DE-AB4246FA6084} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A107E82E-2611-4871-A03E-915BB1E1B202} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A66EC2B4-A0B4-48C0-8307-175B916EC806} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {AE426EA7-BF3E-44FF-AF91-9AE60917C378} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B131E342-C050-48D2-B09F-AA80017127AC} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B2E9CAD4-41CB-4517-BDCD-8133CCB2CD4F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B5276A79-CF98-4128-B91E-E9ABF2D80A46} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BB158CB9-44F2-4EB4-BE0C-550E64252277} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {C0BCD08B-4665-4DE7-AC30-3ED1D48F2E72} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C3217D0D-CC51-4B9D-B738-1396671300B2} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C3B51CA2-178C-42DD-A6D3-8A2119792AE6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CE7814E2-EBE0-4AAF-8A83-FF73AE90C83B} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {D56D456F-C19A-449C-80AB-616AD3137735} - System32\Tasks\{C992A6E9-54CB-4D10-88E3-5F8DD1F3F571} => C:\Windows\system32\pcalua.exe -a C:\Users\PRVN3~1\AppData\Local\Temp\jre-8u191-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {D9E1ACE3-E484-4ACB-8CB5-1713267A26CE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DDD6F904-A1D8-4DC9-8A5A-4805F4586760} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F29F44A4-4F8C-4DF6-B633-2EEC123A735D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F606DA12-4EB2-43B4-80D1-86CDA6535FAF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F850213F-D0FE-4743-8B08-329B62ED46EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {FBEFC1B3-5127-4E2D-ABC8-71592579CF53} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Synology Data Replicator 3-PRÁVNÍ3-PC-právní3.job => C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 192.168.0.253 CLK_SERVER
Tcpip\..\Interfaces\{68FB072F-4FA6-4E32-9623-9613399F969B}: [NameServer] 8.8.8.8

Edge:
=======
DownloadDir: C:\Users\právní3\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\právní3\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-27]

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google Inc -> Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\právní3\AppData\Local\Google\Chrome\User Data\Default [2021-01-27]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\právní3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-30]
CHR Extension: (Dokumenty) - C:\Users\právní3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-30]
CHR Extension: (Disk Google) - C:\Users\právní3\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\právní3\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-30]
CHR Extension: (Tabulky) - C:\Users\právní3\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\právní3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\právní3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-10]
CHR Extension: (Gmail) - C:\Users\právní3\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\právní3\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-24] (Adobe Inc. -> Adobe)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-09-15] (ChengDu AoMei Tech Co., Ltd -> AOMEI Tech Co., Ltd.) [File not signed]
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Security\ehttpsrv.exe [49448 2020-11-11] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [2595360 2020-11-11] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [2595360 2020-11-11] (ESET, spol. s r.o. -> ESET)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-11-12] (HP) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-11] (Hewlett-Packard Co.) [File not signed]
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [7332104 2020-05-08] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [381312 2012-06-28] (Synology Inc. -> ) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248704 2012-10-22] (Synology Inc. -> ) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [30648 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [55776 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-11-11] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [190464 2020-11-11] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [70560 2020-11-11] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [108808 2020-11-11] (ESET, spol. s r.o. -> ESET)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-27 16:07 - 2021-01-27 16:09 - 000022856 _____ C:\Users\právní3\Downloads\FRST.txt
2021-01-27 16:06 - 2021-01-27 16:08 - 000000000 ____D C:\FRST
2021-01-27 16:05 - 2021-01-27 16:05 - 002297856 _____ (Farbar) C:\Users\právní3\Downloads\FRST64.exe
2021-01-27 15:13 - 2021-01-27 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-01-27 15:13 - 2021-01-27 15:13 - 000000000 ____D C:\ProgramData\ESET
2021-01-27 15:13 - 2021-01-27 15:13 - 000000000 ____D C:\Program Files\ESET
2021-01-27 14:56 - 2021-01-27 14:56 - 000000000 ____D C:\Users\právní3\Desktop\eset
2021-01-25 14:23 - 2021-01-25 14:23 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-25 14:22 - 2021-01-25 14:22 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-25 14:22 - 2021-01-25 14:22 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-25 14:22 - 2021-01-25 14:22 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-25 14:22 - 2021-01-25 14:22 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-25 14:22 - 2021-01-25 14:22 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-25 14:22 - 2021-01-25 14:22 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-25 14:22 - 2021-01-25 14:22 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-25 14:22 - 2021-01-25 14:22 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-25 14:22 - 2021-01-25 14:22 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-25 14:21 - 2021-01-25 14:21 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-25 14:21 - 2021-01-25 14:21 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-25 14:21 - 2021-01-25 14:21 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-25 14:21 - 2021-01-25 14:21 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-25 14:21 - 2021-01-25 14:21 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-25 14:21 - 2021-01-25 14:21 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-25 14:20 - 2021-01-25 14:20 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-25 14:20 - 2021-01-25 14:20 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-25 14:20 - 2021-01-25 14:20 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-25 14:20 - 2021-01-25 14:20 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-25 14:20 - 2021-01-25 14:20 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-25 14:20 - 2021-01-25 14:20 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-25 14:19 - 2021-01-25 14:19 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-25 14:19 - 2021-01-25 14:19 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-25 14:18 - 2021-01-25 14:18 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-25 14:18 - 2021-01-25 14:18 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-25 14:18 - 2021-01-25 14:18 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-25 14:17 - 2021-01-25 14:17 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-25 14:17 - 2021-01-25 14:17 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-25 14:17 - 2021-01-25 14:17 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-25 14:17 - 2021-01-25 14:17 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-25 14:17 - 2021-01-25 14:17 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-25 14:16 - 2021-01-25 14:16 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-25 14:16 - 2021-01-25 14:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-25 14:16 - 2021-01-25 14:16 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-25 14:16 - 2021-01-25 14:16 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-25 14:15 - 2021-01-25 14:15 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-25 14:14 - 2021-01-25 14:14 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-25 14:14 - 2021-01-25 14:14 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-25 14:13 - 2021-01-25 14:13 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-25 14:13 - 2021-01-25 14:13 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-25 14:13 - 2021-01-25 14:13 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-25 14:13 - 2021-01-25 14:13 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-25 14:13 - 2021-01-25 14:13 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-18 13:34 - 2021-01-18 13:34 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d77e744c16a8
2021-01-18 13:33 - 2021-01-18 13:33 - 001754386 _____ C:\Users\právní3\Downloads\Scan_20210118_120408.pdf
2021-01-11 13:42 - 2021-01-11 13:42 - 000052266 _____ C:\Users\právní3\Downloads\Výplatní_pásky (1).pdf
2021-01-05 13:46 - 2021-01-05 13:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-01-05 13:46 - 2021-01-05 13:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-01-05 13:46 - 2021-01-05 13:46 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-05 13:46 - 2021-01-05 13:46 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-01-05 13:46 - 2021-01-05 13:46 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-01-05 13:45 - 2021-01-05 13:45 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-01-05 13:45 - 2021-01-05 13:45 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-01-05 13:45 - 2021-01-05 13:45 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-01-05 13:45 - 2021-01-05 13:45 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-01-05 13:45 - 2021-01-05 13:45 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-01-05 13:45 - 2021-01-05 13:45 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-01-05 13:45 - 2021-01-05 13:45 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-01-05 13:45 - 2021-01-05 13:45 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-01-05 13:44 - 2021-01-05 13:44 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-05 13:44 - 2021-01-05 13:44 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-01-05 13:44 - 2021-01-05 13:44 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-01-05 13:44 - 2021-01-05 13:44 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-01-05 13:44 - 2021-01-05 13:44 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-27 16:03 - 2020-12-21 10:51 - 001842280 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-27 16:03 - 2019-12-07 15:43 - 000750982 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-27 16:03 - 2019-12-07 15:43 - 000162556 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-27 16:03 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-27 16:02 - 2020-07-27 12:30 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-27 16:02 - 2020-07-27 12:30 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-27 16:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-27 16:01 - 2019-05-30 13:14 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-27 16:01 - 2019-05-30 13:14 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-27 16:01 - 2013-04-19 11:25 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-27 16:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-27 15:56 - 2020-12-21 11:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-27 15:56 - 2020-12-21 10:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-27 15:55 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-27 15:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-27 15:24 - 2020-12-21 10:39 - 000000000 ____D C:\Users\právní3
2021-01-27 14:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-27 14:36 - 2015-03-24 17:54 - 000001024 ____H C:\SYSTAG.BIN
2021-01-27 14:36 - 2015-03-24 17:54 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2021-01-27 14:27 - 2020-12-21 10:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-25 14:40 - 2020-12-21 10:33 - 000428016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-25 14:36 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-25 14:36 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-25 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-25 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-25 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-25 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-25 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-25 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-25 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-25 14:34 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-25 14:34 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-25 14:34 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-25 14:34 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-25 14:34 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-25 14:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-25 14:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-25 14:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-25 14:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-25 14:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-25 14:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-25 14:34 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-25 14:13 - 2020-12-21 10:38 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-25 13:30 - 2020-11-19 13:57 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-25 13:19 - 2013-07-29 13:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-25 12:54 - 2012-11-15 19:22 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-19 10:39 - 2013-05-24 10:47 - 000000000 ____D C:\Users\právní3\AppData\Roaming\TeamViewer
2021-01-18 13:34 - 2020-12-21 11:02 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-07 13:19 - 2013-02-01 12:34 - 000000000 ____D C:\Users\právní3\Documents\Soubory aplikace Outlook
2021-01-05 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-05 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-05 13:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-01-04 13:56 - 2020-09-07 13:53 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-04 13:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat

==================== Files in the root of some directories ========

2015-11-20 11:22 - 2015-11-20 11:22 - 000021368 _____ (Schneider Electric) C:\Users\právní3\en_res.dll
2015-11-20 11:22 - 2015-11-20 11:22 - 000021368 _____ (Schneider Electric) C:\Users\právní3\es_res.dll
2015-11-20 11:22 - 2015-11-20 11:22 - 000021880 _____ (Schneider Electric) C:\Users\právní3\fr_res.dll
2015-11-20 11:22 - 2015-11-20 11:22 - 000021880 _____ (Schneider Electric) C:\Users\právní3\grm_res.dll
2015-11-20 11:22 - 2015-11-20 11:22 - 000021368 _____ (Schneider Electric) C:\Users\právní3\it_res.dll
2015-11-20 11:22 - 2015-11-20 11:22 - 000020344 _____ (Schneider Electric) C:\Users\právní3\jp_res.dll
2015-11-20 11:22 - 2015-11-20 11:22 - 001079808 _____ (Microsoft Corporation) C:\Users\právní3\mfc80u.dll
2015-11-20 11:22 - 2015-11-20 11:22 - 000626688 _____ (Microsoft Corporation) C:\Users\právní3\msvcr80.dll
2015-11-20 11:22 - 2015-11-20 11:22 - 013923704 _____ (Schneider Electric) C:\Users\právní3\PCPE Setup.exe
2015-11-20 11:22 - 2015-11-20 11:22 - 000021368 _____ (Schneider Electric) C:\Users\právní3\pt_res.dll
2015-11-20 11:22 - 2015-11-20 11:22 - 000018808 _____ () C:\Users\právní3\ResourceReader.dll
2015-11-20 11:22 - 2015-11-20 11:22 - 000020856 _____ (Schneider Electric) C:\Users\právní3\ru_res.dll
2015-11-20 11:22 - 2015-11-20 11:22 - 000019832 _____ (Schneider Electric) C:\Users\právní3\zh_res.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


ADITION
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by právní3 (27-01-2021 16:15:22)
Running from C:\Users\právní3\Downloads
Windows 10 Pro Version 20H2 19042.746 (X64) (2020-12-21 10:04:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3111574413-332453793-3017191155-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3111574413-332453793-3017191155-503 - Limited - Disabled)
Guest (S-1-5-21-3111574413-332453793-3017191155-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3111574413-332453793-3017191155-1003 - Limited - Enabled)
právní3 (S-1-5-21-3111574413-332453793-3017191155-1001 - Administrator - Enabled) => C:\Users\právní3
WDAGUtilityAccount (S-1-5-21-3111574413-332453793-3017191155-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1) (Version: - AOMEI Technology Co., Ltd.)
Conexant Audio Filter Agent (HKLM\...\cAudioFilterAgent) (Version: 1.7.36.0 - Conexant Systems)
CPUID CPU-Z 1.92 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.92 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Client System Update (HKLM-x32\...\{2B2B45B1-3CA0-4F8D-BBB3-AC77ED46A0FE}) (Version: 1.2.3 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell System Detect (HKU\S-1-5-21-3111574413-332453793-3017191155-1001\...\58d94f3ce2c27db0) (Version: 7.3.0.6 - Dell)
DeviceDiscovery (HKLM-x32\...\{93F54611-2701-454e-94AB-623F458D9E6B}) (Version: 90.0.146.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM-x32\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
ESET Endpoint Security (HKLM\...\{A848A6DC-1181-4C66-893E-01B461DB4D98}) (Version: 8.0.2028.0 - ESET, spol. s r.o.)
FirstClass Client (HKLM-x32\...\{65ACE103-3482-48D2-B83E-513165DCD265}) (Version: 12.005 - OpenText)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Color LaserJet 3600 (02/27/2007 61.063.461.41) (HKLM\...\hpc3600w) (Version: 02/27/2007 61.063.461.41 - HP)
HP LaserJet M2727 MFP Series 5.2 (HKLM\...\{3A915D43-FD4F-4e4f-BEF7-B75C160B0236}) (Version: 5.2 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hppFaxDrvM2727 (HKLM-x32\...\{B226235F-51A4-4090-B5DB-5482A28D1B0F}) (Version: 003.100.00001 - Hewlett-Packard) Hidden
hppFaxUtility (HKLM-x32\...\{62808FA4-CD22-4A2B-AD50-5053E3C9F6F8}) (Version: 001.001.00017 - Název společnosti:) Hidden
hppFonts (HKLM-x32\...\{D8AC1EB5-E8B0-44A0-B113-899407188A2F}) (Version: 001.001.00056 - Hewlett-Packard) Hidden
hppLaserJetService (HKLM-x32\...\{34423B40-8F2F-4540-AA0C-D74377C58384}) (Version: 001.200.00001 - Hewlett-Packard) Hidden
hppLJM2727 (HKLM-x32\...\{4817E111-D785-4B51-8075-E6EFBAEEBF20}) (Version: 000.102.00102 - Hewlett-Packard) Hidden
hppManualsM2727 (HKLM-x32\...\{E0FA171C-0CB6-48CE-85A9-178D17398665}) (Version: 000.002.00001 - Název společnosti:) Hidden
hppScanTo (HKLM-x32\...\{719DBB12-87A3-4103-BF5B-32BF72570068}) (Version: 003.103.00004 - Název společnosti:) Hidden
hppSendFaxM2727 (HKLM-x32\...\{8CA5A451-0962-4B1C-9078-A597867F73EB}) (Version: 003.000.00001 - Název společnosti:) Hidden
hppTLBXFXM2727 (HKLM-x32\...\{171194D2-75DA-4495-9F02-40EE46DA04AD}) (Version: 001.005.00009 - Hewlett-Packard) Hidden
hpzTLBXFX (HKLM-x32\...\{F374FE8A-F51A-41BC-8EF4-33526F69A044}) (Version: 005.009.00181 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2639 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KONICA MINOLTA C364Series (HKLM\...\KONICA MINOLTA C364Series Installer) (Version: - KONICA MINOLTA)
KONICA MINOLTA TWAIN V4 (HKLM-x32\...\{74C2BB80-B798-4F3E-9D89-DC3CAA1B8711}) (Version: 4.0.04000 - KONICA MINOLTA)
Macrium Reflect Free Edition (HKLM\...\{032F1512-3AC8-4CAF-9B9B-C4E8CA76E4A2}) (Version: 7.2.4884 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office 2010 pro podnikatele (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3111574413-332453793-3017191155-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
ODIR (HKLM-x32\...\ODIR_is1) (Version: - Vaita)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Product_Min_QFolder (HKLM-x32\...\{33EFDAD7-1686-465A-AE0A-26F22E380315}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0019 - Realtek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Synology Data Replicator 3 (HKLM-x32\...\{8E310838-457C-4269-B177-3EFB300CBDDC}) (Version: 1.0.0.0 - Synology Inc.)
Synology Photo Station Uploader (remove only) (HKLM-x32\...\Photo Station Uploader) (Version: 1.4.0.080 - Synology)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WebReg (HKLM-x32\...\{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}) (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Packages:
=========
KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_1.4.1.0_neutral__s63fsn2sety0r [2020-11-09] (KONICA MINOLTA INC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-18] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2020-11-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2020-11-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2020-11-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2010-01-27 11:48 - 2010-01-27 11:48 - 000835584 _____ () [File not signed] [File is in use] C:\Program Files (x86)\HP\ToolboxFX\bin\Alerts.dll
2010-01-27 11:48 - 2010-01-27 11:48 - 000069632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\HP\ToolboxFX\bin\AppConstants.dll
2010-01-27 11:47 - 2010-01-27 11:47 - 000130560 _____ () [File not signed] [File is in use] C:\Program Files (x86)\HP\ToolboxFX\bin\DMBaseObjects.dll
2010-01-27 11:48 - 2010-01-27 11:48 - 000524288 _____ () [File not signed] [File is in use] C:\Program Files (x86)\HP\ToolboxFX\bin\HPAppTools.dll
2010-01-27 11:48 - 2010-01-27 11:48 - 000086016 _____ () [File not signed] [File is in use] C:\Program Files (x86)\HP\ToolboxFX\bin\HPFaxUtilities.dll
2010-01-27 11:47 - 2010-01-27 11:47 - 000069632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\HP\ToolboxFX\bin\HPToolkit.dll
2010-01-27 11:47 - 2010-01-27 11:47 - 000061440 _____ () [File not signed] [File is in use] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTools.dll
2009-10-15 07:25 - 2009-10-15 07:25 - 000364544 _____ () [File not signed] C:\Program Files (x86)\HP\ToolboxFX\bin\nativeutils.dll
2010-01-27 11:48 - 2010-01-27 11:48 - 000840192 _____ () [File not signed] C:\Program Files (x86)\HP\ToolboxFX\bin\PLSDMXMLObjects.dll
2015-11-20 12:00 - 2015-02-26 00:00 - 002403504 _____ (Aomei Technology Co., Limited -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2015-11-20 12:01 - 2015-02-26 00:00 - 000068784 _____ (Aomei Technology Co., Limited -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\AOMEI Backupper\vcomp.dll
2007-12-17 13:07 - 2007-12-17 13:07 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2007-12-17 13:08 - 2007-12-17 13:08 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2005-04-08 01:27 - 2005-04-08 01:27 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2007-03-11 22:02 - 2007-03-11 22:02 - 000217088 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2007-03-11 22:02 - 2007-03-11 22:02 - 000184320 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2007-03-11 22:02 - 2007-03-11 22:02 - 000131072 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2013-01-29 13:25 - 2009-09-22 19:44 - 000022016 _____ (Hewlett-Packard Company) [File not signed] C:\WINDOWS\System32\hppfaxprintermon5.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2007-04-19 17:35 - 2007-04-19 17:35 - 000642048 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzjcd01.dll
2009-11-12 10:56 - 2009-11-12 10:56 - 000029696 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\DebugLogger.dll
2009-11-12 10:56 - 2009-11-12 10:56 - 000032768 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2009-11-12 10:56 - 2009-11-12 10:56 - 000031744 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2009-10-14 15:35 - 2009-10-14 15:35 - 000033280 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\ToolboxFX\bin\HPServiceCommunicator.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000118488 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000282328 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000102104 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrLog.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000962264 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000102104 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000282328 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000290520 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000069336 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000061144 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Device.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000175832 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000241368 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000028376 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000483032 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000155352 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000122584 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000253656 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000347864 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 000077528 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2015-11-20 12:01 - 2015-09-15 17:56 - 000691928 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Sync.dll
2015-11-20 12:01 - 2015-09-15 17:56 - 000306904 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2015-11-20 12:00 - 2015-09-15 17:56 - 001181400 _____ (ChengDu AoMei Tech Co., Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AOMEI Backupper\LIBEAY32.dll
2015-11-20 12:01 - 2015-09-15 17:56 - 000275160 _____ (ChengDu AoMei Tech Co., Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AOMEI Backupper\SSLEAY32.dll
2007-12-17 13:08 - 2007-12-17 13:08 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3111574413-332453793-3017191155-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3111574413-332453793-3017191155-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13-comm.msn.com
SearchScopes: HKU\S-1-5-21-3111574413-332453793-3017191155-1001 -> DefaultScope {D7303D35-0631-4FEE-B564-33E1997C1494} URL =
SearchScopes: HKU\S-1-5-21-3111574413-332453793-3017191155-1001 -> {D7303D35-0631-4FEE-B564-33E1997C1494} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3111574413-332453793-3017191155-1001\...\dell.com -> dell.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-02-09 09:48 - 000000850 _____ C:\WINDOWS\system32\drivers\etc\hosts
192.168.0.253 CLK_SERVER

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKCU\Environment\\Path -> ;%PhoenixPath%;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3111574413-332453793-3017191155-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E2C0D0EE-BEFC-4343-9AE0-DE80AA2633F1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84F04EC9-B3FE-4BFB-AE02-128DDE40F15B}] => (Allow) LPort=2869
FirewallRules: [{E1781C79-AA85-4CD3-9FED-A96F9C8A1BCF}] => (Allow) LPort=1900
FirewallRules: [{8C897AD5-F901-40D0-9A71-F66C96B1A9BB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{108AD731-A142-474B-A4AA-201C9F4ED215}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9525D605-3342-4FD3-8FB1-FF97F41C83B2}] => (Allow) C:\Program Files (x86)\HP\hp laserjet m2727\Fax Config utility0.exe () [File not signed]
FirewallRules: [{9C0E56DC-7C14-41C5-A0F0-184E67C4CC5A}] => (Allow) C:\Program Files (x86)\HP\hp laserjet m2727\Fax Config utility0.exe () [File not signed]
FirewallRules: [{C3C113CA-9458-4702-A7F3-61AFB7771A68}] => (Allow) C:\Program Files (x86)\Synology\Assistant\DSAssistant.exe (Synology Inc. -> ) [File not signed]
FirewallRules: [{BA035852-622B-4DB9-9395-9899C1A661BB}] => (Allow) C:\Program Files (x86)\Synology\Assistant\DSAssistant.exe (Synology Inc. -> ) [File not signed]
FirewallRules: [{F16FE57C-8918-4A66-A8A6-0452C46C2218}] => (Allow) C:\Program Files (x86)\Synology\Assistant\DSAssistant.exe (Synology Inc. -> ) [File not signed]
FirewallRules: [{014C1B2F-5B3A-400E-8152-3AE2E6396347}] => (Allow) C:\Program Files (x86)\Synology\Assistant\DSAssistant.exe (Synology Inc. -> ) [File not signed]
FirewallRules: [{09EFC195-CF33-48F1-85C1-C0ED365EEAEA}] => (Allow) C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [{9535907E-5733-48C3-9012-18A0D1E695E8}] => (Allow) C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [{EF430AE1-7A38-411D-B7A5-36FCD2076B51}] => (Allow) C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [{0E9EFDD0-64BF-43D3-A270-B03563E95D1F}] => (Allow) C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [{6B1324BE-51C3-4BE9-8900-E45FF296E068}] => (Allow) C:\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{9377495F-6218-49A5-A32F-70D53DBF4169}] => (Allow) C:\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{1A765218-4E18-469C-AA83-D2B3D67B1190}] => (Allow) C:\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{CA691EE1-2D3D-4681-9FE2-7A7649B78D96}] => (Allow) C:\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{E79A9B39-40AB-4370-9A40-B2318CF94F39}] => (Allow) LPort=810
FirewallRules: [{1D6362FC-2479-4B6A-A6EA-0E666E23F3AE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B7DE0AF7-00B7-4FE9-B6F7-5AB02174CB7B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{280C08D1-B3C3-40A6-8C6E-F86D34AC7E89}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6722E946-1FDD-4ED5-B9B9-61FF9219B102}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D926B3AE-3844-4F5C-A132-91217DD3A5F9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

27-01-2021 15:49:24 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/27/2021 03:55:20 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (01/27/2021 03:55:20 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/27/2021 03:55:20 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (01/27/2021 03:55:20 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/27/2021 03:21:10 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (01/27/2021 03:20:58 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (01/27/2021 03:14:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ekrn.exe, verze: 10.8.50.0, časové razítko: 0x5d0a2b6f
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0x7f0
Čas spuštění chybující aplikace: 0x01d6f4b03a7e46ba
Cesta k chybující aplikaci: C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: ee6f894c-1af2-468c-b878-a085ada2cdae
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/27/2021 03:08:05 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.


System errors:
=============
Error: (01/27/2021 03:57:45 PM) (Source: Microsoft-Windows-FailoverClustering-Client) (EventID: 81) (User: NT AUTHORITY)
Description: LogExtendedErrorInformation (975):

Error: (01/27/2021 03:28:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adaptér naslouchání Net.Pipe neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/27/2021 03:28:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Adaptér naslouchání Net.Pipe bylo dosaženo časového limitu (30000 ms).

Error: (01/27/2021 03:28:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adaptér naslouchání Net.Msmq neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/27/2021 03:28:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Adaptér naslouchání Net.Msmq bylo dosaženo časového limitu (45000 ms).

Error: (01/27/2021 03:28:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Adaptér naslouchání Net.Tcp závisí na službě Služba sdílení portů Net.Tcp, která neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/27/2021 03:28:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba sdílení portů Net.Tcp neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/27/2021 03:28:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba sdílení portů Net.Tcp bylo dosaženo časového limitu (45000 ms).


Windows Defender:
===================================
Date: 2021-01-27 15:30:28.2740000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.303.25.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-01-27 15:30:28.2740000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.303.25.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-01-27 15:30:28.2730000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.303.25.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-01-27 15:30:28.2660000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.303.25.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-01-27 15:30:28.2660000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.303.25.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2021-01-27 16:01:34.6810000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Endpoint Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-27 16:01:34.6570000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Endpoint Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-27 16:01:34.5030000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Endpoint Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-27 16:01:34.3520000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Endpoint Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-27 16:00:06.7440000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Endpoint Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-27 16:00:06.7360000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Endpoint Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-27 16:00:06.7220000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Endpoint Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-27 15:35:44.4420000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Endpoint Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Dell Inc. A15 11/02/2015
Motherboard: Dell Inc. 042P49
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 38%
Total physical RAM: 8092.07 MB
Available physical RAM: 4993 MB
Total Virtual: 16284.07 MB
Available Virtual: 13422.31 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:231.58 GB) (Free:154.28 GB) NTFS

\\?\Volume{52363144-1eea-11e2-82ff-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:0.73 GB) (Free:0.5 GB) NTFS
\\?\Volume{d3ce10b9-0000-0000-0000-60163a000000}\ () (Fixed) (Total:0.53 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: D3CE10B9)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=231.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=545 MB) - (Type=27)

==================== End of Addition.txt =======================

diky

hu.go

Re: disk vytěžuje na 100% služna šifrování

Napsal: 27 led 2021 18:48
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: disk vytěžuje na 100% služna šifrování

Napsal: 08 úno 2021 16:57
od hu.go
Díky, vyzkoušeno až teď, protože v kanclu covid ...
ADWC nic nenašel. NIcméně disk je již vklidu ...

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-08-2021
# Duration: 00:00:25
# OS: Windows 10 Pro
# Scanned: 31956
# Detected: 5


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.DellClientSystemUpdate Folder C:\Program Files (x86)\DELL\CLIENTSYSTEMUPDATE
Preinstalled.DellClientSystemUpdate Folder C:\ProgramData\DELL\CLIENTSYSTEMUPDATE
Preinstalled.DellClientSystemUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2B2B45B1-3CA0-4F8D-BBB3-AC77ED46A0FE}
Preinstalled.DellCommand|Update Registry HKLM\Software\Classes\CLSID\{A6F0A231-4510-4b00-A901-2EC89481C0B2}
Preinstalled.DellDigitalDelivery Folder C:\Program Files (x86)\DELL DIGITAL DELIVERY



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: disk vytěžuje na 100% služna šifrování

Napsal: 08 úno 2021 18:29
od Rudy
Když už jsme v tom, můžeme ještě dočistit. Položky preinstaled jsou v pořádku, jde o utility DELL. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Task: {00021D83-5C9A-4D75-8A11-8EE3B028EE8D} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {825FF2A4-5072-41AC-83BE-F9AC046500A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-10] (Google Inc -> Google Inc.)
Task: {AE426EA7-BF3E-44FF-AF91-9AE60917C378} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {BB158CB9-44F2-4EB4-BE0C-550E64252277} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {4BC36427-A087-408F-BA0B-060DE0D56011} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-10] (Google Inc -> Google Inc.)
U3 idsvc; no ImagePath
C:\DumpStack.log.tmp
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
SearchScopes: HKU\S-1-5-21-3111574413-332453793-3017191155-1001 -> DefaultScope {D7303D35-0631-4FEE-B564-33E1997C1494} URL =
SearchScopes: HKU\S-1-5-21-3111574413-332453793-3017191155-1001 -> {D7303D35-0631-4FEE-B564-33E1997C1494} URL =
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
Hosts:
End
Uložte do C:\Users\právní3\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz